Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Google leitet auf andere Suchmaschienen um (Firefox und Explorer) (https://www.trojaner-board.de/91677-google-leitet-andere-suchmaschienen-um-firefox-explorer.html)

El_Kimmo 10.10.2010 20:05
Google leitet auf andere Suchmaschienen um (Firefox und Explorer)
 
Habe schon einen Scan mit Malwarebytes und Antivir durchgeführt und es wurde nichts gefunden.

HiJackthis log ist hier
HiJackthis Logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:31, on 10.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\Motorola Media Link\NServiceEntry.exe
C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe
C:\Programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\vsnpstd.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\iatsky\iatsky.exe
C:\Programme\Motorola\MotoConnectService\MotoConnect.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Mozilla Firefox\plugin-container.exe
C:\Programme\ICQ7.2\ICQ.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IATSKY] C:\Programme\iatsky\iatsky.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Telefonauskunft und Rückwärtssuche auf CD-ROM - Schnellstarter.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - res://C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/229?4d756034759342df9342eeac146bbd95
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - res://C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/230?4d756034759342df9342eeac146bbd95
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177158109359
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: DeviceMonitorService - Nero AG - C:\Programme\Motorola Media Link\NServiceEntry.exe
O23 - Service: Google Update Service (gupdate1c9b3abc89374fa) (gupdate1c9b3abc89374fa) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: MotoConnect Service - Unknown owner - C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
 
--
End of file - 8390 bytes
--- --- ---


Bitte um Hilfe, schonmal Danke im Vorraus

AntiVir meldete gerade folgenden Fund den ich sofort gelöscht habe:

In der Datei 'C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\atapi.sys.vir'
wurde ein Virus oder unerwünschtes Programm 'TR/Rootkit.Gen3' [trojan] gefunden.
Ausgeführte Aktion: Datei löschen

Malwarebytes meldete gerade folgendes

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

10.10.2010 23:34:55
mbam-log-2010-10-10 (23-34-55).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 72690
Laufzeit: 1 Stunde(n), 48 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus 11.10.2010 10:58
Zitat:
In der Datei 'C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\atapi.sys.vir'
Wenn man schon CF aus eigene Faust ausführt postet man wenigstens unaufgefordert das Log!

El_Kimmo 11.10.2010 15:42
Ich hab Combofix nicht auf eigene Faust ausgeführt. Das habe ich noch auf dem Rechner vom letzten mal, da hab ich das unter Anleitung durchgeführt. Also was wird alles noch an logs benötigt

Antivir hat folgende Viren gefunden und kann diese nicht entfernen:

In der Datei 'C:\WINDOWS\system32\winlogon.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Spy.513024.22' [trojan] gefunden.

In der Datei 'C:\WINDOWS\explorer.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Spy.1036800.8' [trojan] gefunden.

El_Kimmo 11.10.2010 17:46
Kann mir also keiner helfen ??

cosinus 11.10.2010 19:58
Zitat:
Das habe ich noch auf dem Rechner vom letzten mal, da hab ich das unter Anleitung durchgeführt.
Ok, ich dachte schon :D


Bitte routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.

El_Kimmo 12.10.2010 01:58
Hier nach langer Zeit schonmal das log von malwarebytes

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4796

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

12.10.2010 02:53:53
mbam-log-2010-10-12 (02-53-53).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 300448
Laufzeit: 3 Stunde(n), 38 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\appsecdll (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Dokumente und Einstellungen\Lea\Eigene Dateien\zurückgeholte\3277.jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Lea\Eigene Dateien\zurückgeholte\2d0nt6f.jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Lea\Eigene Dateien\zurückgeholte\MFT 39453\sklafja.jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Lea\Lokale Einstellungen\Temp\RarSFX2\basic\guardgui.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\User\Desktop\Multimedia\hjsplit\hjsplit.exe (Trojan.Agent) -> Quarantined and deleted successfully.

El_Kimmo 12.10.2010 02:03
und die otl logs:OTL Logfile:
Code:
OTL Extras logfile created on: 12.10.2010 03:00:45 - Run 1
OTL by OldTimer - Version 3.2.15.0    Folder = C:\Dokumente und Einstellungen\Detlef\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): D:\pagefile.sys 3072 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78,13 Gb Total Space | 5,13 Gb Free Space | 6,57% Space Free | Partition Type: NTFS
Drive D: | 154,75 Gb Total Space | 10,88 Gb Free Space | 7,03% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Detlef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"57203:TCP" = 57203:TCP:*:Enabled:Pando Media Booster
"57203:UDP" = 57203:UDP:*:Enabled:Pando Media Booster
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe" = C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Remoteunterstützung - Windows Messenger und Voice -- (Microsoft Corporation)
"C:\Programme\Sony\Media Manager for WALKMAN\MediaManager.exe" = C:\Programme\Sony\Media Manager for WALKMAN\MediaManager.exe:*:Enabled:Media Manager for WALKMAN 1.2 -- (Sony Creative Software Inc.)
"C:\Programme\Trillian\trillian.exe" = C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian -- (Cerulean Studios)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"D:\Spiele\SteamApps\assi_the_trooper\condition zero deleted scenes\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\condition zero deleted scenes\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\Motorola Media Link\MML.exe" = C:\Programme\Motorola Media Link\MML.exe:*:Disabled:Motorola Media Link main -- (Nero corporation)
"D:\Spiele\SteamApps\assi_the_trooper\counter-strike\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\counter-strike\hl.exe:*:Enabled:Counter-Strike -- File not found
"D:\Spiele\SteamApps\assi_the_trooper\day of defeat\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\day of defeat\hl.exe:*:Enabled:Day of Defeat -- File not found
"D:\Spiele\SteamApps\assi_the_trooper\condition zero\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- File not found
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\Content.IE5\CLUR05IZ\svchost[1].exe" = C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\Content.IE5\CLUR05IZ\svchost[1].exe:*:Enabled:ldrsoft -- File not found
"D:\Spiele\DarkCrusade.exe" = D:\Spiele\DarkCrusade.exe:*:Disabled:DarkCrusade -- File not found
"D:\Spiele\Soulstorm.exe" = D:\Spiele\Soulstorm.exe:*:Disabled:Soulstorm -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510" = Canon MP510
"{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = PowerStarter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{3353CA25-78CC-4321-B67C-16F2933DC94B}" = Browsen mit Registerkarten (Windows Live Toolbar)
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AF0CCF7-3D25-470A-91D3-ABBBA7F30327}" = OneCare Advisor (Windows Live Toolbar)
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D31F40D-78C1-48C4-B7C6-10844B7A6DF9}" = Telefonauskunft und Rückwärtssuche auf CD-ROM
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{41B9E2CF-0B3F-442A-B5B3-592A4A355634}" = iTunes
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5A6ED905-D19D-4954-8499-0DAF386460F7}" = Media Manager for WALKMAN 1.2
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6EFA70F2-D6C3-4ECA-BEA9-C1A31277C63A}_is1" = FLV Converter 2.5
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7677634B-E04E-4D2A-89CE-C6EF2370B498}" = Popupblocker (Windows Live Toolbar)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{7CDA2B02-E0A4-4EB5-8533-050D535BA43A}" = Media Converter for Philips
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A6AD979-8170-49ED-8529-14174317B281}" = SA60xx Device Manager
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8FB1A5EA-7DA8-4D57-80FB-BD923CCCC852}" = OpenOffice.org 2.1
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0673E9E-4510-4AA0-B860-58FD5A7212A1}" = Motorola Driver Installation 4.5.0
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5F68DC8-0278-4AD8-B413-861509B5F25B}" = ArcSoft Panorama Maker 3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA9768AA-FF0B-4C66-A085-31E934F77841}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup 1.0
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BA02FAF3-7AEE-4B07-A7F8-5AF7F81EB940}" = DRAWings X3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{D9DC70B6-BE13-41DD-9053-9E617E72D085}" = MOTOROLA MEDIA LINK
"{DD133F7D-E484-45B7-BBB9-828FCA45BBDB}" = i@Sky Weather Information Centre
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = PowerDVD Copy 1.0
"{EBA672FF-F80E-48B1-8FC4-616825318810}" = Feederkennung (Windows Live Toolbar)
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EFD8E454-EE12-402A-BFC1-7EA096599CBA}" = Windows Live Outlook-Toolbar (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F3220F3E-3B12-4B65-861D-B8EFCCA44A39}" = VideoCAM Trek
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Anti-Twin 2008-02-11 23.09.08" = Anti-Twin (Installation 11.02.2008)
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"Canon MP510 Benutzerregistrierung" = Canon MP510 Benutzerregistrierung
"CCleaner" = CCleaner
"Diashow pro_is1" = Diashow pro
"Easy-WebPrint" = Easy-WebPrint
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 2.3
"Freez FLV to AVI/MPEG/WMV Converter 1.5_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"LingoPad_is1" = LingoPad 2.5.1 (Build 325)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"Mp3tag" = Mp3tag v2.46
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Nero - Burning Rom!UninstallKey" = Nero 6
"NeroVision!UninstallKey" = Nero Digital
"Ninotech Date Edit" = Ninotech Date Edit 4.0
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"PSP Video 9" = PSP Video 9 4.04
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Recuva" = Recuva (remove only)
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SUPER ©" = SUPER © Version 2008.bld.25 (Feb 5, 2008)
"Switch" = Switch
"Total Video Converter 3.14_is1" = Total Video Converter 3.14 080930
"Uninstall_is1" = Uninstall 1.0.0.0
"Unlocker" = Unlocker 1.8.7
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"Winexit_is1" = Winexit 3.5
"WinFF_is1" = WinFF 0.31
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.90.2
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD" = XviD MPEG-4 Codec
 
========== Last 10 Event Log Errors ==========
 
[ DRAWings Events ]
Error - 14.07.2008 09:59:07 | Computer Name = PC | Source = DRAWingsApp | ID = 4001
Description =
 
Error - 14.07.2008 10:00:21 | Computer Name = PC | Source = DRAWingsApp | ID = 4001
Description =
 
Error - 14.07.2008 10:00:42 | Computer Name = PC | Source = DRAWingsApp | ID = 4001
Description =
 
[ System Events ]
Error - 18.09.2010 15:46:47 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 18.09.2010 15:46:47 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:  %%2
 
Error - 19.09.2010 07:06:00 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 19.09.2010 07:06:01 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:  %%2
 
Error - 19.09.2010 14:43:00 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 19.09.2010 14:43:01 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:  %%2
 
Error - 20.09.2010 08:39:04 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 20.09.2010 08:39:04 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:  %%2
 
Error - 21.09.2010 11:55:50 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 21.09.2010 11:55:59 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:  %%2
 
 
< End of report >
--- --- ---
OTL Logfile:
Code:
OTL logfile created on: 12.10.2010 03:00:45 - Run 1
OTL by OldTimer - Version 3.2.15.0    Folder = C:\Dokumente und Einstellungen\Detlef\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): D:\pagefile.sys 3072 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78,13 Gb Total Space | 5,13 Gb Free Space | 6,57% Space Free | Partition Type: NTFS
Drive D: | 154,75 Gb Total Space | 10,88 Gb Free Space | 7,03% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Detlef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Motorola\MotoConnectService\MotoConnect.exe (Motorola)
PRC - C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe ()
PRC - C:\Programme\Motorola Media Link\NServiceEntry.exe (Nero AG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\iatsky\iatsky.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\vsnpstd.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (MotoConnect Service) -- C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe ()
SRV - (DeviceMonitorService) -- C:\Programme\Motorola Media Link\NServiceEntry.exe (Nero AG)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\D.tmp File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\Cofi\catchme.sys File not found
DRV - (MxlW2k) -- C:\WINDOWS\System32\drivers\MxlW2k.sys (MusicMatch, Inc.)
DRV - (Motousbnet) -- C:\WINDOWS\system32\drivers\Motousbnet.sys (Motorola)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (motccgp) -- C:\WINDOWS\system32\drivers\motccgp.sys (Motorola)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (motccgpfl) -- C:\WINDOWS\system32\drivers\motccgpfl.sys (Motorola)
DRV - (BTCFilterService) -- C:\WINDOWS\system32\drivers\motfilt.sys (Motorola Inc)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (MotoSwitchService) -- C:\WINDOWS\system32\drivers\motswch.sys (Motorola)
DRV - (VtcDrv) -- C:\WINDOWS\system32\drivers\vtcdrv.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                          )
DRV - (snpstd) -- C:\WINDOWS\system32\drivers\snpstd.sys ()
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.09.19 00:09:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.10.12 01:51:47 | 000,000,000 | ---D | M]
 
[2008.10.12 22:37:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Extensions
[2010.10.11 23:09:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\extensions
[2010.10.11 23:09:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.04.06 22:55:21 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.08.12 20:10:39 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\searchplugins\icqplugin.xml
[2010.07.27 02:17:55 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.19 18:40:53 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Programme\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010.07.25 18:12:39 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.25 18:12:39 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.25 18:12:39 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.25 18:12:39 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.25 18:12:39 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.11.24 21:34:24 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IATSKY] C:\Programme\iatsky\iatsky.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [{C5FFA5C2-F80C-EB92-15E5-50CB6D007E4D}] C:\WINDOWS\System32\win32GI\svhost.exe File not found
O4 - HKCU..\Run: [msnmsgr] C:\Programme\MSN Messenger\msnmsgr.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177158109359 (MUWebControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.04.21 12:49:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: nlsfol32 - (C:\WINDOWS\system32\cidasec6.dll) - C:\WINDOWS\System32\cidasec6.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.12 02:58:48 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe
[2010.10.12 02:09:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\Adobe
[2010.10.12 01:52:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Apple Computer
[2010.10.12 00:06:43 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Detlef\Eigene Dateien\Eigene Videos
[2010.10.11 23:13:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Eigene Dateien\Downloads
[2010.10.11 23:12:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Malwarebytes
[2010.10.11 20:57:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DBControl
[2010.10.11 20:57:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\DBControl
[2010.10.10 17:31:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.10.09 16:02:31 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.10.09 14:58:24 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Server
[2010.09.26 17:44:42 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2007.04.26 14:14:30 | 000,098,304 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2007.04.26 14:14:30 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2007.04.26 14:14:30 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.12 03:00:23 | 002,097,152 | -H-- | M] () -- C:\Dokumente und Einstellungen\Detlef\ntuser.dat
[2010.10.12 02:58:50 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe
[2010.10.12 02:56:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.12 02:56:19 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.10.12 02:56:04 | 000,088,556 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.10.12 02:56:02 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.12 02:56:02 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.12 02:56:01 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1004.job
[2010.10.12 02:55:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.10.12 02:55:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.12 02:54:45 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Detlef\ntuser.ini
[2010.10.12 02:50:36 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.10.12 02:50:01 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.12 01:52:06 | 000,273,400 | ---- | M] () -- C:\Dokumente und Einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.10.12 00:06:57 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.09 17:16:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1004.job
[2010.10.07 15:09:05 | 001,024,808 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.10.07 15:09:05 | 000,458,808 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.10.07 15:09:05 | 000,440,998 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.07 15:09:05 | 000,084,666 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.10.07 15:09:05 | 000,071,316 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.04 18:20:02 | 004,632,029 | ---- | M] () -- C:\09 The Black Mirror.wma.MP3
[2010.10.04 18:19:57 | 003,575,010 | ---- | M] () -- C:\08 About Hope.wma.MP3
[2010.10.04 18:19:54 | 003,371,882 | ---- | M] () -- C:\07 Inside your Lies.wma.MP3
[2010.10.04 18:19:51 | 003,661,946 | ---- | M] () -- C:\06 Just One Tear.wma.MP3
[2010.10.04 18:19:48 | 004,018,465 | ---- | M] () -- C:\05 Grey Bleeding Heart.wma.MP3
[2010.10.04 18:19:45 | 003,213,894 | ---- | M] () -- C:\04 Thousand Doors.wma.MP3
[2010.10.04 18:19:42 | 002,800,532 | ---- | M] () -- C:\03 Follow the Patron.wma.MP3
[2010.10.04 18:19:39 | 003,935,291 | ---- | M] () -- C:\02 Dying Ants.wma.MP3
[2010.10.04 18:19:36 | 003,017,453 | ---- | M] () -- C:\01 Club of Sons.wma.MP3
[2010.09.26 17:47:18 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.09.26 13:51:59 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.10.12 00:06:59 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.12 00:06:57 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.11 20:57:34 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.11 20:57:34 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.04 18:14:14 | 003,213,894 | ---- | C] () -- C:\04 Thousand Doors.wma.MP3
[2010.10.04 18:14:01 | 002,800,532 | ---- | C] () -- C:\03 Follow the Patron.wma.MP3
[2010.10.04 18:13:45 | 003,935,291 | ---- | C] () -- C:\02 Dying Ants.wma.MP3
[2010.10.04 18:13:33 | 003,017,453 | ---- | C] () -- C:\01 Club of Sons.wma.MP3
[2010.10.04 18:13:15 | 004,632,029 | ---- | C] () -- C:\09 The Black Mirror.wma.MP3
[2010.10.04 18:13:00 | 003,575,010 | ---- | C] () -- C:\08 About Hope.wma.MP3
[2010.10.04 18:12:47 | 003,371,882 | ---- | C] () -- C:\07 Inside your Lies.wma.MP3
[2010.10.04 18:12:30 | 003,661,946 | ---- | C] () -- C:\06 Just One Tear.wma.MP3
[2010.10.04 18:12:14 | 004,018,465 | ---- | C] () -- C:\05 Grey Bleeding Heart.wma.MP3
[2010.09.26 17:47:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.09.26 13:51:59 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.05.31 18:14:16 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.04.24 19:06:21 | 000,000,158 | ---- | C] () -- C:\WINDOWS\civ.ini
[2009.11.24 22:24:29 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\Combo-Fix.sys
[2009.09.10 16:05:18 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.06.05 22:29:08 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
[2009.06.05 22:27:49 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008.12.02 23:58:56 | 000,231,390 | ---- | C] () -- C:\Programme\RootkitRevealer.zip
[2008.11.27 16:24:25 | 000,027,626 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Svclog.log
[2008.10.31 17:02:17 | 000,000,035 | ---- | C] () -- C:\WINDOWS\WorldBuilder.INI
[2008.05.30 16:00:35 | 000,000,253 | ---- | C] () -- C:\WINDOWS\ktel.ini
[2008.02.08 15:15:47 | 000,399,360 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2008.02.08 15:15:46 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.02.08 15:15:38 | 000,151,040 | -HS- | C] () -- C:\WINDOWS\System32\VistaUltm.dll
[2008.02.08 15:15:38 | 000,027,648 | -HS- | C] () -- C:\WINDOWS\System32\Smab0.dll
[2008.02.07 23:49:47 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll
[2008.02.07 23:49:47 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\flvvideo.dll
[2008.02.07 23:49:47 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.02.07 23:49:47 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008.02.07 18:16:13 | 000,000,024 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008.02.07 18:16:11 | 000,088,064 | ---- | C] () -- C:\WINDOWS\System32\AudioExCtl.dll
[2008.02.07 18:15:10 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2007.10.20 16:53:10 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007.09.19 17:51:17 | 000,000,264 | ---- | C] () -- C:\WINDOWS\game.ini
[2007.08.07 23:21:10 | 000,008,704 | ---- | C] () -- C:\Dokumente und Einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.07 22:11:59 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007.07.12 01:43:26 | 000,006,537 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2007.06.27 16:43:38 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\viscomqtde.dll
[2007.06.27 16:43:38 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2007.06.19 08:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.05.27 15:26:32 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2007.04.30 11:47:56 | 000,000,020 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PKP_DLec.DAT
[2007.04.29 15:57:32 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.04.26 14:14:30 | 000,390,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2007.04.26 14:14:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2007.04.26 14:14:30 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2007.04.26 14:09:57 | 000,000,408 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007.04.25 17:58:29 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.04.21 14:00:43 | 000,000,469 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.04.21 13:51:17 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007.04.21 13:09:03 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.04.21 12:55:22 | 000,005,042 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007.04.21 12:55:18 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007.04.20 07:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.08.11 22:45:20 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.08.11 22:43:10 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.08.11 22:43:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.08.11 22:43:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.08.11 22:43:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.08.11 22:43:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.08.11 22:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2002.09.10 17:10:05 | 000,495,616 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

< End of report >
--- --- ---

El_Kimmo 12.10.2010 02:04
und die otl logs:OTL Logfile:
Code:
OTL Extras logfile created on: 12.10.2010 03:00:45 - Run 1
OTL by OldTimer - Version 3.2.15.0    Folder = C:\Dokumente und Einstellungen\Detlef\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): D:\pagefile.sys 3072 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78,13 Gb Total Space | 5,13 Gb Free Space | 6,57% Space Free | Partition Type: NTFS
Drive D: | 154,75 Gb Total Space | 10,88 Gb Free Space | 7,03% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Detlef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"57203:TCP" = 57203:TCP:*:Enabled:Pando Media Booster
"57203:UDP" = 57203:UDP:*:Enabled:Pando Media Booster
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe" = C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Remoteunterstützung - Windows Messenger und Voice -- (Microsoft Corporation)
"C:\Programme\Sony\Media Manager for WALKMAN\MediaManager.exe" = C:\Programme\Sony\Media Manager for WALKMAN\MediaManager.exe:*:Enabled:Media Manager for WALKMAN 1.2 -- (Sony Creative Software Inc.)
"C:\Programme\Trillian\trillian.exe" = C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian -- (Cerulean Studios)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"D:\Spiele\SteamApps\assi_the_trooper\condition zero deleted scenes\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\condition zero deleted scenes\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\Motorola Media Link\MML.exe" = C:\Programme\Motorola Media Link\MML.exe:*:Disabled:Motorola Media Link main -- (Nero corporation)
"D:\Spiele\SteamApps\assi_the_trooper\counter-strike\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\counter-strike\hl.exe:*:Enabled:Counter-Strike -- File not found
"D:\Spiele\SteamApps\assi_the_trooper\day of defeat\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\day of defeat\hl.exe:*:Enabled:Day of Defeat -- File not found
"D:\Spiele\SteamApps\assi_the_trooper\condition zero\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- File not found
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\Content.IE5\CLUR05IZ\svchost[1].exe" = C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\Content.IE5\CLUR05IZ\svchost[1].exe:*:Enabled:ldrsoft -- File not found
"D:\Spiele\DarkCrusade.exe" = D:\Spiele\DarkCrusade.exe:*:Disabled:DarkCrusade -- File not found
"D:\Spiele\Soulstorm.exe" = D:\Spiele\Soulstorm.exe:*:Disabled:Soulstorm -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510" = Canon MP510
"{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = PowerStarter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{3353CA25-78CC-4321-B67C-16F2933DC94B}" = Browsen mit Registerkarten (Windows Live Toolbar)
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AF0CCF7-3D25-470A-91D3-ABBBA7F30327}" = OneCare Advisor (Windows Live Toolbar)
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D31F40D-78C1-48C4-B7C6-10844B7A6DF9}" = Telefonauskunft und Rückwärtssuche auf CD-ROM
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{41B9E2CF-0B3F-442A-B5B3-592A4A355634}" = iTunes
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5A6ED905-D19D-4954-8499-0DAF386460F7}" = Media Manager for WALKMAN 1.2
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6EFA70F2-D6C3-4ECA-BEA9-C1A31277C63A}_is1" = FLV Converter 2.5
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7677634B-E04E-4D2A-89CE-C6EF2370B498}" = Popupblocker (Windows Live Toolbar)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{7CDA2B02-E0A4-4EB5-8533-050D535BA43A}" = Media Converter for Philips
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A6AD979-8170-49ED-8529-14174317B281}" = SA60xx Device Manager
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8FB1A5EA-7DA8-4D57-80FB-BD923CCCC852}" = OpenOffice.org 2.1
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0673E9E-4510-4AA0-B860-58FD5A7212A1}" = Motorola Driver Installation 4.5.0
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5F68DC8-0278-4AD8-B413-861509B5F25B}" = ArcSoft Panorama Maker 3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA9768AA-FF0B-4C66-A085-31E934F77841}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup 1.0
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BA02FAF3-7AEE-4B07-A7F8-5AF7F81EB940}" = DRAWings X3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{D9DC70B6-BE13-41DD-9053-9E617E72D085}" = MOTOROLA MEDIA LINK
"{DD133F7D-E484-45B7-BBB9-828FCA45BBDB}" = i@Sky Weather Information Centre
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = PowerDVD Copy 1.0
"{EBA672FF-F80E-48B1-8FC4-616825318810}" = Feederkennung (Windows Live Toolbar)
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EFD8E454-EE12-402A-BFC1-7EA096599CBA}" = Windows Live Outlook-Toolbar (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F3220F3E-3B12-4B65-861D-B8EFCCA44A39}" = VideoCAM Trek
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Anti-Twin 2008-02-11 23.09.08" = Anti-Twin (Installation 11.02.2008)
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"Canon MP510 Benutzerregistrierung" = Canon MP510 Benutzerregistrierung
"CCleaner" = CCleaner
"Diashow pro_is1" = Diashow pro
"Easy-WebPrint" = Easy-WebPrint
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 2.3
"Freez FLV to AVI/MPEG/WMV Converter 1.5_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"LingoPad_is1" = LingoPad 2.5.1 (Build 325)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"Mp3tag" = Mp3tag v2.46
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Nero - Burning Rom!UninstallKey" = Nero 6
"NeroVision!UninstallKey" = Nero Digital
"Ninotech Date Edit" = Ninotech Date Edit 4.0
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"PSP Video 9" = PSP Video 9 4.04
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Recuva" = Recuva (remove only)
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SUPER ©" = SUPER © Version 2008.bld.25 (Feb 5, 2008)
"Switch" = Switch
"Total Video Converter 3.14_is1" = Total Video Converter 3.14 080930
"Uninstall_is1" = Uninstall 1.0.0.0
"Unlocker" = Unlocker 1.8.7
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"Winexit_is1" = Winexit 3.5
"WinFF_is1" = WinFF 0.31
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.90.2
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD" = XviD MPEG-4 Codec
 
========== Last 10 Event Log Errors ==========
 
[ DRAWings Events ]
Error - 14.07.2008 09:59:07 | Computer Name = PC | Source = DRAWingsApp | ID = 4001
Description =
 
Error - 14.07.2008 10:00:21 | Computer Name = PC | Source = DRAWingsApp | ID = 4001
Description =
 
Error - 14.07.2008 10:00:42 | Computer Name = PC | Source = DRAWingsApp | ID = 4001
Description =
 
[ System Events ]
Error - 18.09.2010 15:46:47 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 18.09.2010 15:46:47 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:  %%2
 
Error - 19.09.2010 07:06:00 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 19.09.2010 07:06:01 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:  %%2
 
Error - 19.09.2010 14:43:00 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 19.09.2010 14:43:01 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:  %%2
 
Error - 20.09.2010 08:39:04 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 20.09.2010 08:39:04 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:  %%2
 
Error - 21.09.2010 11:55:50 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 21.09.2010 11:55:59 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:  %%2
 
 
< End of report >
--- --- ---

OTL Logfile:
Code:
OTL logfile created on: 12.10.2010 03:00:45 - Run 1
OTL by OldTimer - Version 3.2.15.0    Folder = C:\Dokumente und Einstellungen\Detlef\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): D:\pagefile.sys 3072 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78,13 Gb Total Space | 5,13 Gb Free Space | 6,57% Space Free | Partition Type: NTFS
Drive D: | 154,75 Gb Total Space | 10,88 Gb Free Space | 7,03% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Detlef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Motorola\MotoConnectService\MotoConnect.exe (Motorola)
PRC - C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe ()
PRC - C:\Programme\Motorola Media Link\NServiceEntry.exe (Nero AG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\iatsky\iatsky.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\vsnpstd.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (MotoConnect Service) -- C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe ()
SRV - (DeviceMonitorService) -- C:\Programme\Motorola Media Link\NServiceEntry.exe (Nero AG)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\D.tmp File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\Cofi\catchme.sys File not found
DRV - (MxlW2k) -- C:\WINDOWS\System32\drivers\MxlW2k.sys (MusicMatch, Inc.)
DRV - (Motousbnet) -- C:\WINDOWS\system32\drivers\Motousbnet.sys (Motorola)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (motccgp) -- C:\WINDOWS\system32\drivers\motccgp.sys (Motorola)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (motccgpfl) -- C:\WINDOWS\system32\drivers\motccgpfl.sys (Motorola)
DRV - (BTCFilterService) -- C:\WINDOWS\system32\drivers\motfilt.sys (Motorola Inc)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (MotoSwitchService) -- C:\WINDOWS\system32\drivers\motswch.sys (Motorola)
DRV - (VtcDrv) -- C:\WINDOWS\system32\drivers\vtcdrv.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                          )
DRV - (snpstd) -- C:\WINDOWS\system32\drivers\snpstd.sys ()
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.09.19 00:09:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.10.12 01:51:47 | 000,000,000 | ---D | M]
 
[2008.10.12 22:37:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Extensions
[2010.10.11 23:09:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\extensions
[2010.10.11 23:09:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.04.06 22:55:21 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.08.12 20:10:39 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\searchplugins\icqplugin.xml
[2010.07.27 02:17:55 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.19 18:40:53 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Programme\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010.07.25 18:12:39 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.25 18:12:39 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.25 18:12:39 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.25 18:12:39 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.25 18:12:39 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.11.24 21:34:24 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IATSKY] C:\Programme\iatsky\iatsky.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [{C5FFA5C2-F80C-EB92-15E5-50CB6D007E4D}] C:\WINDOWS\System32\win32GI\svhost.exe File not found
O4 - HKCU..\Run: [msnmsgr] C:\Programme\MSN Messenger\msnmsgr.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177158109359 (MUWebControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.04.21 12:49:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: nlsfol32 - (C:\WINDOWS\system32\cidasec6.dll) - C:\WINDOWS\System32\cidasec6.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.12 02:58:48 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe
[2010.10.12 02:09:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\Adobe
[2010.10.12 01:52:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Apple Computer
[2010.10.12 00:06:43 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Detlef\Eigene Dateien\Eigene Videos
[2010.10.11 23:13:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Eigene Dateien\Downloads
[2010.10.11 23:12:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Malwarebytes
[2010.10.11 20:57:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DBControl
[2010.10.11 20:57:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\DBControl
[2010.10.10 17:31:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.10.09 16:02:31 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.10.09 14:58:24 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Server
[2010.09.26 17:44:42 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2007.04.26 14:14:30 | 000,098,304 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2007.04.26 14:14:30 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2007.04.26 14:14:30 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.12 03:00:23 | 002,097,152 | -H-- | M] () -- C:\Dokumente und Einstellungen\Detlef\ntuser.dat
[2010.10.12 02:58:50 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe
[2010.10.12 02:56:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.12 02:56:19 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.10.12 02:56:04 | 000,088,556 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.10.12 02:56:02 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.12 02:56:02 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.12 02:56:01 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1004.job
[2010.10.12 02:55:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.10.12 02:55:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.12 02:54:45 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Detlef\ntuser.ini
[2010.10.12 02:50:36 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.10.12 02:50:01 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.12 01:52:06 | 000,273,400 | ---- | M] () -- C:\Dokumente und Einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.10.12 00:06:57 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.09 17:16:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1004.job
[2010.10.07 15:09:05 | 001,024,808 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.10.07 15:09:05 | 000,458,808 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.10.07 15:09:05 | 000,440,998 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.07 15:09:05 | 000,084,666 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.10.07 15:09:05 | 000,071,316 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.04 18:20:02 | 004,632,029 | ---- | M] () -- C:\09 The Black Mirror.wma.MP3
[2010.10.04 18:19:57 | 003,575,010 | ---- | M] () -- C:\08 About Hope.wma.MP3
[2010.10.04 18:19:54 | 003,371,882 | ---- | M] () -- C:\07 Inside your Lies.wma.MP3
[2010.10.04 18:19:51 | 003,661,946 | ---- | M] () -- C:\06 Just One Tear.wma.MP3
[2010.10.04 18:19:48 | 004,018,465 | ---- | M] () -- C:\05 Grey Bleeding Heart.wma.MP3
[2010.10.04 18:19:45 | 003,213,894 | ---- | M] () -- C:\04 Thousand Doors.wma.MP3
[2010.10.04 18:19:42 | 002,800,532 | ---- | M] () -- C:\03 Follow the Patron.wma.MP3
[2010.10.04 18:19:39 | 003,935,291 | ---- | M] () -- C:\02 Dying Ants.wma.MP3
[2010.10.04 18:19:36 | 003,017,453 | ---- | M] () -- C:\01 Club of Sons.wma.MP3
[2010.09.26 17:47:18 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.09.26 13:51:59 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.10.12 00:06:59 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.12 00:06:57 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.11 20:57:34 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.11 20:57:34 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.04 18:14:14 | 003,213,894 | ---- | C] () -- C:\04 Thousand Doors.wma.MP3
[2010.10.04 18:14:01 | 002,800,532 | ---- | C] () -- C:\03 Follow the Patron.wma.MP3
[2010.10.04 18:13:45 | 003,935,291 | ---- | C] () -- C:\02 Dying Ants.wma.MP3
[2010.10.04 18:13:33 | 003,017,453 | ---- | C] () -- C:\01 Club of Sons.wma.MP3
[2010.10.04 18:13:15 | 004,632,029 | ---- | C] () -- C:\09 The Black Mirror.wma.MP3
[2010.10.04 18:13:00 | 003,575,010 | ---- | C] () -- C:\08 About Hope.wma.MP3
[2010.10.04 18:12:47 | 003,371,882 | ---- | C] () -- C:\07 Inside your Lies.wma.MP3
[2010.10.04 18:12:30 | 003,661,946 | ---- | C] () -- C:\06 Just One Tear.wma.MP3
[2010.10.04 18:12:14 | 004,018,465 | ---- | C] () -- C:\05 Grey Bleeding Heart.wma.MP3
[2010.09.26 17:47:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.09.26 13:51:59 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.05.31 18:14:16 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.04.24 19:06:21 | 000,000,158 | ---- | C] () -- C:\WINDOWS\civ.ini
[2009.11.24 22:24:29 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\Combo-Fix.sys
[2009.09.10 16:05:18 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.06.05 22:29:08 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
[2009.06.05 22:27:49 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008.12.02 23:58:56 | 000,231,390 | ---- | C] () -- C:\Programme\RootkitRevealer.zip
[2008.11.27 16:24:25 | 000,027,626 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Svclog.log
[2008.10.31 17:02:17 | 000,000,035 | ---- | C] () -- C:\WINDOWS\WorldBuilder.INI
[2008.05.30 16:00:35 | 000,000,253 | ---- | C] () -- C:\WINDOWS\ktel.ini
[2008.02.08 15:15:47 | 000,399,360 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2008.02.08 15:15:46 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.02.08 15:15:38 | 000,151,040 | -HS- | C] () -- C:\WINDOWS\System32\VistaUltm.dll
[2008.02.08 15:15:38 | 000,027,648 | -HS- | C] () -- C:\WINDOWS\System32\Smab0.dll
[2008.02.07 23:49:47 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll
[2008.02.07 23:49:47 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\flvvideo.dll
[2008.02.07 23:49:47 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.02.07 23:49:47 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008.02.07 18:16:13 | 000,000,024 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008.02.07 18:16:11 | 000,088,064 | ---- | C] () -- C:\WINDOWS\System32\AudioExCtl.dll
[2008.02.07 18:15:10 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2007.10.20 16:53:10 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007.09.19 17:51:17 | 000,000,264 | ---- | C] () -- C:\WINDOWS\game.ini
[2007.08.07 23:21:10 | 000,008,704 | ---- | C] () -- C:\Dokumente und Einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.07 22:11:59 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007.07.12 01:43:26 | 000,006,537 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2007.06.27 16:43:38 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\viscomqtde.dll
[2007.06.27 16:43:38 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2007.06.19 08:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.05.27 15:26:32 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2007.04.30 11:47:56 | 000,000,020 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PKP_DLec.DAT
[2007.04.29 15:57:32 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.04.26 14:14:30 | 000,390,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2007.04.26 14:14:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2007.04.26 14:14:30 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2007.04.26 14:09:57 | 000,000,408 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007.04.25 17:58:29 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.04.21 14:00:43 | 000,000,469 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.04.21 13:51:17 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007.04.21 13:09:03 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.04.21 12:55:22 | 000,005,042 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007.04.21 12:55:18 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007.04.20 07:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.08.11 22:45:20 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.08.11 22:43:10 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.08.11 22:43:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.08.11 22:43:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.08.11 22:43:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.08.11 22:43:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.08.11 22:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2002.09.10 17:10:05 | 000,495,616 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

< End of report >
--- --- ---

cosinus 12.10.2010 11:31
Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)


Code:
:OTL
PRC - C:\Programme\iatsky\iatsky.exe ()
DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\D.tmp File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
O4 - HKLM..\Run: [IATSKY] C:\Programme\iatsky\iatsky.exe ()
O4 - HKCU..\Run: [{C5FFA5C2-F80C-EB92-15E5-50CB6D007E4D}] C:\WINDOWS\System32\win32GI\svhost.exe File not found
O36 - AppCertDlls: nlsfol32 - (C:\WINDOWS\system32\cidasec6.dll) - C:\WINDOWS\System32\cidasec6.dll File not found
[2010.10.09 14:58:24 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Server
@Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
:Files
C:\Programme\iatsky
C:\WINDOWS\System32\win32GI
:Commands
[purity]
[resethosts]
[emptytemp]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

El_Kimmo 12.10.2010 12:09
All processes killed
========== OTL ==========
No active process named iatsky.exe was found!
Error: No service named MEMSWEEP2 was found to stop!
Service\Driver key MEMSWEEP2 not found.
File C:\WINDOWS\System32\D.tmp File not found not found.
Service EagleNT stopped successfully!
Service EagleNT deleted successfully!
File C:\WINDOWS\System32\drivers\EagleNT.sys File not found not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IATSKY deleted successfully.
C:\Programme\iatsky\iatsky.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{C5FFA5C2-F80C-EB92-15E5-50CB6D007E4D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5FFA5C2-F80C-EB92-15E5-50CB6D007E4D}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\\nlsfol32:C:\WINDOWS\system32\cidasec6.dll deleted successfully.
Folder move failed. C:\Dokumente und Einstellungen\All Users\Dokumente\Server scheduled to be moved on reboot.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 deleted successfully.
========== FILES ==========
C:\Programme\iatsky\resources folder moved successfully.
C:\Programme\iatsky folder moved successfully.
File\Folder C:\WINDOWS\System32\win32GI not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 5899320 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes

User: Detlef
->Temp folder emptied: 134947 bytes
->Temporary Internet Files folder emptied: 45503 bytes
->FireFox cache emptied: 32948597 bytes
->Flash cache emptied: 1219 bytes

User: Lea

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: User

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134333 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 78302011 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 114,00 mb


OTL by OldTimer - Version 3.2.15.0 log created on 10122010_130344

Files\Folders moved on Reboot...
Folder move failed. C:\Dokumente und Einstellungen\All Users\Dokumente\Server scheduled to be moved on reboot.

Registry entries deleted on Reboot...

cosinus 12.10.2010 13:12
Dann bitte jetzt CF (neu) ausführen, cofi.exe neu herunterladen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

El_Kimmo 12.10.2010 13:52
ComboFix 10-10-11.04 - Detlef 12.10.2010 14:35:54.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.2047.1660 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Detlef\Desktop\cofi.exe.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\dokumente und einstellungen\All Users\Dokumente\Server\server.dat
C:\hasdfkasif.exe
c:\hasdfkasif.exe\config.bin
c:\hasdfkasif.exe\hasdfkasif.exe
.
---- Vorheriger Suchlauf -------
.
c:\dokumente und einstellungen\User\Anwendungsdaten\.Tribler\isdn.dll
c:\dokumente und einstellungen\User\Anwendungsdaten\Adobe\pup.exe
c:\dokumente und einstellungen\User\Anwendungsdaten\Ahead\ven32.exe
c:\dokumente und einstellungen\User\Anwendungsdaten\Apple Computer\kls.dll
c:\dokumente und einstellungen\User\Anwendungsdaten\ArcSoft\regs32.exe

Infizierte Kopie von c:\windows\system32\winlogon.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\ERDNT\cache\winlogon.exe wurde wiederhergestellt

Infizierte Kopie von c:\windows\explorer.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\ERDNT\cache\explorer.exe wurde wiederhergestellt

.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_31FF
-------\Legacy_3AEB
-------\Legacy_6406
-------\Legacy_989A
-------\Legacy_A9910
-------\Legacy_AD37
-------\Legacy_D3BE
-------\Legacy_E098
-------\Legacy_EB32
-------\Legacy_F4F4
-------\Legacy_FF5C
-------\Legacy_MEMSWEEP2
-------\Service_31fF
-------\Service_3aeB
-------\Service_6406
-------\Service_989A
-------\Service_a9910
-------\Service_ad37
-------\Service_d3bE
-------\Service_e098
-------\Service_eb32
-------\Service_f4f4
-------\Service_ff5C
-------\Service_MEMSWEEP2
-------\Service_No30oiaschp
-------\Legacy_31FF
-------\Legacy_3AEB
-------\Legacy_6406
-------\Legacy_989A
-------\Legacy_A9910
-------\Legacy_AD37
-------\Legacy_D3BE
-------\Legacy_E098
-------\Legacy_EB32
-------\Legacy_F4F4
-------\Legacy_FF5C


((((((((((((((((((((((( Dateien erstellt von 2010-09-12 bis 2010-10-12 ))))))))))))))))))))))))))))))
.

2010-10-12 11:54 . 2010-10-12 12:29 -------- d-----w- c:\dokumente und einstellungen\Detlef\Anwendungsdaten\ICQ
2010-10-12 11:54 . 2010-10-12 11:54 -------- d-----w- c:\dokumente und einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\AOL
2010-10-12 10:58 . 2010-10-12 10:58 -------- d-----w- C:\_OTL
2010-10-12 00:09 . 2010-10-12 00:09 -------- d-----w- c:\dokumente und einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\Adobe
2010-10-11 23:52 . 2010-10-11 23:52 -------- d-----w- c:\dokumente und einstellungen\Detlef\Anwendungsdaten\Apple Computer
2010-10-11 21:12 . 2010-10-11 21:12 -------- d-----w- c:\dokumente und einstellungen\Detlef\Anwendungsdaten\Malwarebytes
2010-10-11 18:57 . 2010-10-11 18:57 -------- d-----w- c:\dokumente und einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DBControl
2010-10-11 18:57 . 2010-10-11 18:57 -------- d-----w- c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\DBControl
2010-09-26 15:44 . 2010-09-26 15:44 -------- d-----w- c:\programme\Gemeinsame Dateien\Skype

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2007-12-17 13:43 27648 --sh--w- c:\windows\system32\Smab0.dll
2008-02-04 19:26 151040 --sh--w- c:\windows\system32\VistaUltm.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-11-24_19.34.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 19:54 . 2009-07-11 19:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2009-07-12 00:07 . 2009-07-12 00:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 00:19 . 2009-07-12 00:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2010-04-24 17:06 . 1994-09-20 22:00 12800 c:\windows\system32\WING32.DLL
+ 2007-01-29 08:58 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe
- 2007-01-29 08:58 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2004-08-04 12:00 . 2009-10-21 05:38 75776 c:\windows\system32\strmfilt.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 75776 c:\windows\system32\strmfilt.dll
+ 2004-08-04 12:00 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2010-03-08 21:30 . 2008-03-21 12:57 14640 c:\windows\system32\spmsgXP_2k3.dll
- 2008-01-29 21:46 . 2008-07-08 13:00 18808 c:\windows\system32\spmsg.dll
+ 2008-01-29 21:46 . 2010-02-22 14:22 18808 c:\windows\system32\spmsg.dll
+ 2004-08-04 12:00 . 2009-10-12 13:38 79872 c:\windows\system32\raschap.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 79872 c:\windows\system32\raschap.dll
+ 2010-03-30 22:16 . 2010-03-30 22:16 99176 c:\windows\system32\PresentationHostProxy.dll
+ 2010-05-31 16:14 . 2010-05-31 16:14 66872 c:\windows\system32\PnkBstrA.exe
- 2004-08-04 12:00 . 2009-10-25 19:23 71316 c:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2010-10-07 13:09 71316 c:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2010-10-07 13:09 84666 c:\windows\system32\perfc007.dat
- 2004-08-04 12:00 . 2009-10-25 19:23 84666 c:\windows\system32\perfc007.dat
+ 2009-11-06 23:07 . 2009-11-06 23:07 49488 c:\windows\system32\netfxperf.dll
+ 2009-11-05 20:17 . 2009-11-05 20:17 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2004-08-04 00:57 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll
+ 2007-04-21 12:07 . 2008-08-13 09:22 24576 c:\windows\system32\msxml3a.dll
+ 2004-08-04 12:00 . 2009-11-27 16:08 28672 c:\windows\system32\msvidc32.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 11264 c:\windows\system32\msrle32.dll
+ 2004-08-04 12:00 . 2009-11-27 16:08 11264 c:\windows\system32\msrle32.dll
+ 2004-08-04 12:00 . 2008-05-19 05:33 18944 c:\windows\system32\msisip.dll
+ 2004-08-04 12:00 . 2008-05-19 00:57 95744 c:\windows\system32\msiexec.exe
+ 2006-07-28 06:10 . 2009-12-21 13:42 15616 c:\windows\system32\mot_ci.dll
+ 2009-06-12 18:38 . 2010-05-12 11:42 84507 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2004-08-04 00:57 . 2009-11-27 16:08 48128 c:\windows\system32\iyuv_32.dll
- 2004-08-04 12:00 . 2009-09-25 05:35 81920 c:\windows\system32\ieencode.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 81920 c:\windows\system32\ieencode.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 80384 c:\windows\system32\iccvid.dll
+ 2004-08-04 12:00 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
+ 2004-08-04 12:00 . 2009-10-21 05:38 25088 c:\windows\system32\httpapi.dll
- 2004-08-04 12:00 . 2009-06-16 14:36 81920 c:\windows\system32\fontsub.dll
+ 2004-08-04 12:00 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll
+ 2010-03-09 17:48 . 2009-10-27 11:02 23936 c:\windows\system32\DRVSTORE\motport_8D8D33AD41012F86EAEB5F1E61B6042B8F506586\motport.sys
+ 2010-03-09 17:48 . 2009-12-22 09:00 23552 c:\windows\system32\DRVSTORE\motousbnet_6D791DAFE11EF3F28FC4B4204124883A85101411\Motousbnet.sys
+ 2010-03-09 17:48 . 2009-05-08 10:56 42752 c:\windows\system32\DRVSTORE\motodrv_D06C801EA18A8B7745FF946C777072E286BBC9E8\motodrv.sys
+ 2010-03-09 17:48 . 2009-12-21 13:42 15616 c:\windows\system32\DRVSTORE\motodrv_D06C801EA18A8B7745FF946C777072E286BBC9E8\mot_ci.dll
+ 2010-03-09 17:48 . 2009-07-10 12:01 25856 c:\windows\system32\DRVSTORE\motoandroi_9C5ADBB3F416A3229DD948F7BBC46ECA50A38AC1\motoandroid.sys
+ 2010-03-09 17:48 . 2009-10-27 11:02 23936 c:\windows\system32\DRVSTORE\motmodem_0AFD2376E9CEC21E2C9824A1713C17124B94ACE8\motmodem.sys
+ 2010-03-08 21:30 . 2009-06-19 15:59 19712 c:\windows\system32\DRVSTORE\motccgp_A0FA88AB3B3F3737224F9CFABDF26194C9F2A878\motccgp.sys
+ 2006-11-02 06:22 . 2008-03-27 15:27 35040 c:\windows\system32\drivers\wdfldr.sys
+ 2010-05-31 16:14 . 2010-05-31 16:14 22328 c:\windows\system32\drivers\PnkBstrK.sys
+ 2007-04-21 12:03 . 2010-06-25 23:06 28256 c:\windows\system32\drivers\MxlW2k.sys
- 2007-04-21 12:03 . 2008-02-20 12:17 28256 c:\windows\system32\drivers\MxlW2k.sys
+ 2010-03-09 17:48 . 2009-12-22 09:00 23552 c:\windows\system32\drivers\Motousbnet.sys
+ 2010-03-09 17:48 . 2009-10-27 11:02 23936 c:\windows\system32\drivers\motmodem.sys
+ 2010-03-08 21:30 . 2009-06-19 15:59 19712 c:\windows\system32\drivers\motccgp.sys
+ 2008-12-01 20:18 . 2010-04-29 10:19 38224 c:\windows\system32\drivers\mbamswissarmy.sys
+ 2008-12-01 20:18 . 2010-04-29 10:19 20952 c:\windows\system32\drivers\mbam.sys
+ 2010-06-16 16:28 . 2008-04-13 17:45 10368 c:\windows\system32\drivers\hidusb.sys
+ 2009-10-30 11:59 . 2009-12-07 19:13 56816 c:\windows\system32\drivers\avgntflt.sys
+ 2009-10-21 05:38 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2004-08-04 12:00 . 2009-11-27 16:08 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2008-05-19 05:33 . 2008-05-19 05:33 18944 c:\windows\system32\dllcache\msisip.dll
+ 2008-05-19 00:57 . 2008-05-19 00:57 95744 c:\windows\system32\dllcache\msiexec.exe
+ 2009-11-27 16:08 . 2009-11-27 16:08 48128 c:\windows\system32\dllcache\iyuv_32.dll
- 2009-02-20 08:09 . 2009-09-25 05:35 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2009-02-20 08:09 . 2010-06-24 12:10 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2009-10-21 05:38 . 2009-10-21 05:38 25088 c:\windows\system32\dllcache\httpapi.dll
+ 2010-06-16 16:28 . 2008-04-13 17:45 10368 c:\windows\system32\dllcache\hidusb.sys
- 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-06-16 14:36 . 2009-10-15 16:28 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-12-14 07:08 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2010-01-13 14:00 . 2010-01-13 14:00 86528 c:\windows\system32\dllcache\cabview.dll
- 2009-06-10 14:13 . 2009-06-10 14:13 85504 c:\windows\system32\dllcache\avifil32.dll
+ 2009-06-10 14:13 . 2009-11-27 16:08 85504 c:\windows\system32\dllcache\avifil32.dll
+ 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-04 12:00 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll
- 2007-04-21 10:54 . 2009-11-24 18:02 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\index.dat
+ 2007-04-21 10:54 . 2010-05-18 17:43 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\index.dat
+ 2007-04-21 10:54 . 2010-05-18 17:43 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\index.dat
- 2007-04-21 10:54 . 2009-11-24 18:02 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\index.dat
+ 2010-05-10 20:39 . 2010-05-18 17:43 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2004-08-04 12:00 . 2010-01-13 14:00 86528 c:\windows\system32\cabview.dll
+ 2004-08-04 12:00 . 2009-11-27 16:08 85504 c:\windows\system32\avifil32.dll
- 2004-08-04 12:00 . 2009-06-10 14:13 85504 c:\windows\system32\avifil32.dll
+ 2004-08-04 12:00 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
+ 2010-04-24 17:06 . 1994-09-20 22:00 92208 c:\windows\system\WING.DLL
+ 2010-04-24 17:06 . 1993-11-18 22:00 43520 c:\windows\system\MSVIDC.DRV
+ 2010-04-24 17:06 . 1993-11-18 22:00 11776 c:\windows\system\MSRLE.DRV
+ 2010-04-24 17:06 . 1993-11-18 22:00 22816 c:\windows\system\MSACM.DRV
+ 2010-04-24 17:06 . 1993-11-18 22:00 49616 c:\windows\system\MSACM.DLL
+ 2010-04-24 17:06 . 1995-03-21 22:00 50096 c:\windows\system\IYVU9.DLL
+ 2010-04-24 17:06 . 1994-09-01 22:00 65408 c:\windows\system\ICCVID.DRV
+ 2010-04-24 17:06 . 1993-11-18 22:00 14208 c:\windows\system\CTL3D.DLL
+ 2010-04-24 17:06 . 1993-11-18 22:00 12800 c:\windows\system\ACMCMPRS.DLL
+ 2010-04-07 21:48 . 2010-04-07 21:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
- 2008-07-29 17:16 . 2008-07-29 17:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2010-09-22 07:43 . 2010-09-22 07:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-09-23 13:55 . 2010-09-23 13:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-09-23 00:26 . 2010-09-23 00:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-09-23 00:26 . 2010-09-23 00:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-09-23 00:26 . 2010-09-23 00:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-09-23 01:17 . 2010-09-23 01:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-20 17:19 . 2003-02-20 17:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-09-23 01:17 . 2010-09-23 01:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2010-03-06 16:55 . 2010-03-06 16:55 20480 c:\windows\Installer\289c2.msi
+ 2010-03-18 19:45 . 2010-03-18 19:45 22528 c:\windows\Installer\1efbe9.msi
+ 2010-05-19 17:52 . 2010-05-19 17:52 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2009-11-24 23:43 . 2009-11-24 23:43 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2010-03-08 21:33 . 2010-03-09 17:51 54576 c:\windows\Installer\{D9DC70B6-BE13-41DD-9053-9E617E72D085}\UNINST_Uninstall_N_9478A81BBD0A41A094DC4C1702BA87D8.exe
+ 2009-12-24 19:41 . 2009-12-24 19:41 25214 c:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-07-05 18:40 . 2010-09-18 22:44 40960 c:\windows\Installer\{90850407-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
+ 2009-12-03 13:42 . 2009-12-03 13:42 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-09-18 22:44 . 2010-09-18 22:44 34632 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2010-06-04 14:00 . 2010-09-29 17:07 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\ARPPRODUCTICON.exe
+ 2010-02-11 13:43 . 2010-02-11 13:43 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-04-12 16:52 . 2010-04-12 16:52 25214 c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2003-07-15 04:57 . 2003-07-15 04:57 58944 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.6506\SEQCHK10.DLL
+ 2003-07-15 04:52 . 2003-07-15 04:52 55360 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.6506\MSOHTMED.EXE
+ 2003-07-15 04:52 . 2003-07-15 04:52 67128 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.6506\MSOHEV.DLL
+ 2009-10-12 09:48 . 2009-10-12 09:48 66856 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\webaccessproxy.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 38184 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\usbdevice.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 46888 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\transfertranscoding.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 49448 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\transcodermgt.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 17704 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\threadmgt.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 16168 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\prescandirectory.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 79144 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\photoeditor.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 20776 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\pctransfermgt.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 17704 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nwmplaylist.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 42792 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nthumbnailmgt.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 87336 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nserviceentry.exe
+ 2009-10-12 09:48 . 2009-10-12 09:48 34088 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nsdi.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 99624 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nplayback.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 42280 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nlog.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 52520 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nexternplaylist.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 42280 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nevp6dec.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 62760 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nefileid.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 95528 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\ned3d9rendering.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 20264 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\ndevicemonitor.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 21800 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.store.dll
+ 2009-10-12 09:42 . 2009-10-12 09:42 31104 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.dashboard.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 86824 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.applications.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 83240 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mmdb.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 37160 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\massenc.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 66856 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\ituneplaylist.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 46376 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\interop.pimmgtlib.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 11048 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\interop.nthumbnailmgtlib.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 15656 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\interop.nplaybacklib.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 15656 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\interop.nmediaeditinglib.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 21288 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\fileplugin_wpd.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 16168 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\fileplugin_win.dll
+ 2009-10-12 09:45 . 2009-10-12 09:45 26408 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\fileplugin_cd.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 18728 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\filemonitor.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 15656 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\errorhandling.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 23848 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\dbaccess.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f29fc1d6\System.Drawing.Design.dll
+ 2010-10-07 13:06 . 2010-10-07 13:06 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_431aaa2b\CustomMarshalers.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\dd5ce29ac227f3d0fd81b84621a57477\WindowsLiveWriter.ni.exe
+ 2010-08-11 16:26 . 2010-08-11 16:26 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\67a565eaa748e11f0953953cbdcd4e72\WindowsLive.Writer.Api.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll
+ 2010-08-11 16:28 . 2010-08-11 16:28 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\70ee6267f7bad40e8707d402277770c3\System.Web.DynamicData.Design.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\9eba4732354d330d1d86f0416fd40817\stdole.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 29184 c:\windows\assembly\NativeImages_v2.0.50727_32\SFMARKETLib\898c9256ffaa39ac35f45b30ff6952e0\SFMARKETLib.ni.dll
+ 2010-08-11 14:15 . 2010-08-11 14:15 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe
+ 2010-08-11 01:10 . 2010-08-11 01:10 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 43008 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.Store\7ff8156172cda90a7a9137e29ae56f5c\MML.Modules.Store.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 74240 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.DashBoa#\9cc0bfce93c4c2940f0149241e55e788\MML.Modules.DashBoard.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\272d51526813ea113970b8e890c92ee2\Microsoft.VisualC.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\db075fbeb39bc6ea1e26681f53bc6bc6\Microsoft.Practices.ServiceLocation.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 40960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\2f2065ec9a37162fb295124d052a9599\Microsoft.Practices.Composite.UnityExtensions.ni. dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.QTOControlL#\dadbf611053f0d02879b38026f3b7a10\Interop.QTOControlLib.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 76800 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.PortableDev#\a4502dca169ba72d83a999ffddc96760\Interop.PortableDeviceTypesLib.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 77312 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.PortableDev#\3864c153b210d87e0c50f484e199db42\Interop.PortableDeviceApiLib.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 77312 c:\windows\assembly\NativeImages_v2.0.50727_32\interop.PimMgtLib\945f8ab91de25c29f88a1ea4054f94e7\interop.PimMgtLib.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 16384 c:\windows\assembly\NativeImages_v2.0.50727_32\interop.NThumbnailM#\0ff069c250ee961629a09b19a5fc1dc1\interop.NThumbnailMgtLib.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 29696 c:\windows\assembly\NativeImages_v2.0.50727_32\interop.NPlaybackLib\2c5191dd63a615fd9a318f749d619836\interop.NPlaybackLib.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 16384 c:\windows\assembly\NativeImages_v2.0.50727_32\interop.NMetaDataLib\111284f634fe394b55b1b7ec5509b5d8\interop.NMetaDataLib.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\interop.NMediaEditi#\cd331d2505b803916a42a7e3ac0a2996\interop.NMediaEditingLib.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.CDDBUICONTR#\6fd33218b948fe194cd822d9623b60fe\Interop.CDDBUICONTROLLibSMS.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 72192 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.CDDBLINKLib#\92bca08c28bb23d2f46f0c6783a35ce0\Interop.CDDBLINKLibSMS.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 31744 c:\windows\assembly\NativeImages_v2.0.50727_32\Interfaces\4bca70a1883e0f7e9304b33f8da2aafd\Interfaces.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe
+ 2010-08-11 16:26 . 2010-08-11 16:26 59904 c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.QTOContro#\2a057e9da8c6bb98caf7a741e5171f30\AxInterop.QTOControlLib.ni.dll
+ 2010-08-11 14:15 . 2010-08-11 14:15 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-06-08 23:43 . 2010-06-08 23:43 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2009-08-22 12:43 . 2009-08-22 12:43 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-10-07 13:06 . 2010-10-07 13:06 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-03-08 21:30 . 2006-11-02 06:22 32224 c:\windows\$NtUninstallWdf01007$\wdfldr.sys
+ 2010-08-11 01:05 . 2008-04-14 02:22 80384 c:\windows\$NtUninstallKB982665$\iccvid.dll
+ 2010-06-08 23:38 . 2010-02-26 05:41 81920 c:\windows\$NtUninstallKB982381$\ieencode.dll
+ 2010-05-27 13:27 . 2010-01-23 08:11 46080 c:\windows\$NtUninstallKB981793$\tzchange.exe
+ 2010-05-27 13:27 . 2010-04-22 22:21 16896 c:\windows\$NtUninstallKB981793$\spuninst\tzchange.dll
+ 2010-03-30 22:26 . 2009-12-22 05:07 81920 c:\windows\$NtUninstallKB980182$\ieencode.dll
+ 2010-06-08 23:44 . 2008-04-14 02:22 65024 c:\windows\$NtUninstallKB979482$\asycfilt.dll
+ 2010-04-14 23:18 . 2008-04-14 02:22 84992 c:\windows\$NtUninstallKB979309$\cabview.dll
+ 2010-02-24 17:36 . 2009-10-28 15:07 46080 c:\windows\$NtUninstallKB979306$\tzchange.exe
+ 2010-02-24 17:36 . 2010-01-23 10:40 16896 c:\windows\$NtUninstallKB979306$\spuninst\tzchange.dll
+ 2010-01-22 20:37 . 2009-09-25 05:35 81920 c:\windows\$NtUninstallKB978207$\ieencode.dll
+ 2010-02-09 22:51 . 2008-04-14 02:22 32256 c:\windows\$NtUninstallKB978037$\csrsrv.dll
+ 2010-02-09 22:51 . 2004-08-04 12:00 25600 c:\windows\$NtUninstallKB977914$\msvidc32.dll
+ 2010-02-09 22:51 . 2008-04-14 02:22 11264 c:\windows\$NtUninstallKB977914$\msrle32.dll
+ 2010-02-09 22:51 . 2008-04-14 02:22 47616 c:\windows\$NtUninstallKB977914$\iyuv_32.dll
+ 2010-02-09 22:51 . 2009-06-10 14:13 85504 c:\windows\$NtUninstallKB977914$\avifil32.dll
+ 2009-11-24 23:44 . 2009-07-14 11:03 46080 c:\windows\$NtUninstallKB976098-v2$\tzchange.exe
+ 2009-11-24 23:44 . 2009-10-29 02:03 16896 c:\windows\$NtUninstallKB976098-v2$\spuninst\tzchange.dll
+ 2010-02-09 22:51 . 2008-04-14 02:22 16896 c:\windows\$NtUninstallKB975560$\msyuv.dll
+ 2009-12-09 21:02 . 2008-04-14 02:22 79872 c:\windows\$NtUninstallKB974318$\raschap.dll
+ 2010-01-13 23:08 . 2009-06-16 14:36 81920 c:\windows\$NtUninstallKB972270$\fontsub.dll
+ 2009-12-09 21:02 . 2008-04-14 02:22 75776 c:\windows\$NtUninstallKB970430$\strmfilt.dll
+ 2009-12-09 21:02 . 2008-04-14 02:22 24576 c:\windows\$NtUninstallKB970430$\httpapi.dll
+ 2010-03-08 21:27 . 2008-04-14 02:22 15360 c:\windows\$NtUninstallKB942288-v3$\msisip.dll
+ 2010-03-08 21:27 . 2008-04-14 02:22 78848 c:\windows\$NtUninstallKB942288-v3$\msiexec.exe
+ 2010-08-11 01:10 . 2010-04-16 16:06 81920 c:\windows\$NtUninstallKB2183461$\ieencode.dll
+ 2010-08-11 01:05 . 2010-02-22 14:22 26488 c:\windows\$hf_mig$\KB982665\update\spcustom.dll
+ 2010-08-11 01:05 . 2010-02-22 14:22 18808 c:\windows\$hf_mig$\KB982665\spmsg.dll
+ 2010-06-17 14:00 . 2010-06-17 14:00 80384 c:\windows\$hf_mig$\KB982665\SP3QFE\iccvid.dll
+ 2010-06-08 23:38 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB982381\update\spcustom.dll
+ 2010-06-08 23:38 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB982381\spmsg.dll
+ 2010-04-16 15:59 . 2010-04-16 15:59 81920 c:\windows\$hf_mig$\KB982381\SP3QFE\ieencode.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 26488 c:\windows\$hf_mig$\KB982214\update\spcustom.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 18808 c:\windows\$hf_mig$\KB982214\spmsg.dll
+ 2010-08-11 01:05 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981997\update\spcustom.dll
+ 2010-08-11 01:05 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB981997\spmsg.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 26488 c:\windows\$hf_mig$\KB981852\update\spcustom.dll
+ 2010-08-10 19:56 . 2010-06-17 13:45 16896 c:\windows\$hf_mig$\KB981852\update\mpsyschk.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 18808 c:\windows\$hf_mig$\KB981852\spmsg.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981349\update\spcustom.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB981349\spmsg.dll
+ 2010-08-11 01:07 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980436\update\spcustom.dll
+ 2010-08-11 01:07 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB980436\spmsg.dll
+ 2010-04-14 23:20 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB980232\update\spcustom.dll
+ 2010-04-14 23:20 . 2009-05-26 09:01 18808 c:\windows\$hf_mig$\KB980232\spmsg.dll
+ 2010-06-08 23:47 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980218\update\spcustom.dll
+ 2010-06-08 23:47 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB980218\spmsg.dll
+ 2010-06-08 23:47 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB980195\update\spcustom.dll
+ 2010-06-08 23:47 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB980195\spmsg.dll
+ 2010-03-30 22:26 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB980182\update\spcustom.dll
+ 2010-03-30 22:26 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB980182\spmsg.dll
+ 2010-02-26 05:37 . 2010-02-26 05:37 81920 c:\windows\$hf_mig$\KB980182\SP3QFE\ieencode.dll
+ 2010-04-14 23:20 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979683\update\spcustom.dll
+ 2010-04-14 19:13 . 2010-03-05 14:53 16896 c:\windows\$hf_mig$\KB979683\update\mpsyschk.dll
+ 2010-04-14 23:20 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB979683\spmsg.dll
+ 2010-06-08 23:46 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979559\update\spcustom.dll
+ 2010-06-08 23:46 . 2009-05-26 09:01 18808 c:\windows\$hf_mig$\KB979559\spmsg.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979482\update\spcustom.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB979482\spmsg.dll
+ 2010-03-05 14:50 . 2010-03-05 14:50 65536 c:\windows\$hf_mig$\KB979482\SP3QFE\asycfilt.dll
+ 2010-04-14 23:18 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB979309\update\spcustom.dll
+ 2010-04-14 23:18 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB979309\spmsg.dll
+ 2010-01-13 13:48 . 2010-01-13 13:48 86528 c:\windows\$hf_mig$\KB979309\SP3QFE\cabview.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978706\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978706\spmsg.dll
+ 2010-04-14 23:18 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB978601\update\spcustom.dll
+ 2010-04-14 23:18 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB978601\spmsg.dll
+ 2010-05-11 22:26 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978542\update\spcustom.dll
+ 2010-05-11 22:26 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978542\spmsg.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978338\update\spcustom.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978338\spmsg.dll
+ 2010-02-09 22:53 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978262\update\spcustom.dll
+ 2010-02-09 22:53 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978262\spmsg.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978251\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978251\spmsg.dll
+ 2010-01-22 20:37 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB978207\update\spcustom.dll
+ 2010-01-22 20:37 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB978207\spmsg.dll
+ 2009-12-22 05:05 . 2009-12-22 05:05 81920 c:\windows\$hf_mig$\KB978207\SP3QFE\ieencode.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978037\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978037\spmsg.dll
+ 2009-12-14 07:10 . 2009-12-14 07:10 33280 c:\windows\$hf_mig$\KB978037\SP3QFE\csrsrv.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977914\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB977914\spmsg.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 28672 c:\windows\$hf_mig$\KB977914\SP3QFE\msvidc32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 11264 c:\windows\$hf_mig$\KB977914\SP3QFE\msrle32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 48128 c:\windows\$hf_mig$\KB977914\SP3QFE\iyuv_32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 85504 c:\windows\$hf_mig$\KB977914\SP3QFE\avifil32.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977816\update\spcustom.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB977816\spmsg.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977165\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB977165\spmsg.dll
+ 2009-12-09 21:02 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB976325\update\spcustom.dll
+ 2009-12-09 21:02 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB976325\spmsg.dll
+ 2009-09-25 05:32 . 2009-09-25 05:32 81920 c:\windows\$hf_mig$\KB976325\SP3QFE\ieencode.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975713\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB975713\spmsg.dll
+ 2010-06-08 23:44 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB975562\update\spcustom.dll
+ 2010-06-08 23:44 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB975562\spmsg.dll
+ 2010-03-11 15:01 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB975561\update\spcustom.dll
+ 2010-03-11 15:01 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB975561\spmsg.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975560\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB975560\spmsg.dll
+ 2009-11-27 17:23 . 2009-11-27 17:23 17920 c:\windows\$hf_mig$\KB975560\SP3QFE\msyuv.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974392\update\spcustom.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB974392\spmsg.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974318\update\spcustom.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB974318\spmsg.dll
+ 2009-10-12 13:29 . 2009-10-12 13:29 79872 c:\windows\$hf_mig$\KB974318\SP3QFE\raschap.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973904\update\spcustom.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB973904\spmsg.dll
+ 2009-11-24 23:44 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB973687\update\spcustom.dll
+ 2009-11-24 23:44 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB973687\spmsg.dll
+ 2010-01-13 23:08 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB972270\update\spcustom.dll
+ 2010-01-13 23:08 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB972270\spmsg.dll
+ 2010-01-13 20:35 . 2009-10-15 16:38 81920 c:\windows\$hf_mig$\KB972270\SP3QFE\fontsub.dll
+ 2009-12-09 21:01 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB971737\update\spcustom.dll
+ 2009-12-09 21:01 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB971737\spmsg.dll
+ 2010-02-09 22:53 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB971468\update\spcustom.dll
+ 2010-02-09 22:53 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB971468\spmsg.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB970430\update\spcustom.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB970430\spmsg.dll
+ 2009-10-21 05:41 . 2009-10-21 05:41 75776 c:\windows\$hf_mig$\KB970430\SP3QFE\strmfilt.dll
+ 2009-10-21 05:41 . 2009-10-21 05:41 25088 c:\windows\$hf_mig$\KB970430\SP3QFE\httpapi.dll
+ 2010-01-13 23:08 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB955759\update\spcustom.dll
+ 2010-01-13 23:08 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB955759\spmsg.dll
+ 2010-08-03 13:25 . 2010-02-22 14:22 26488 c:\windows\$hf_mig$\KB2286198\update\spcustom.dll
+ 2010-08-03 13:25 . 2010-02-22 14:22 18808 c:\windows\$hf_mig$\KB2286198\spmsg.dll
+ 2010-07-14 14:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2229593\update\spcustom.dll
+ 2010-07-14 14:02 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB2229593\spmsg.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 26488 c:\windows\$hf_mig$\KB2183461\update\spcustom.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 18808 c:\windows\$hf_mig$\KB2183461\spmsg.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 81920 c:\windows\$hf_mig$\KB2183461\SP3QFE\ieencode.dll
+ 2010-08-11 01:07 . 2010-02-22 14:22 26488 c:\windows\$hf_mig$\KB2160329\update\spcustom.dll
+ 2010-08-11 01:07 . 2010-02-22 14:22 18808 c:\windows\$hf_mig$\KB2160329\spmsg.dll
+ 2010-08-11 01:10 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2115168\update\spcustom.dll
+ 2010-08-11 01:10 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB2115168\spmsg.dll
+ 2010-08-11 01:09 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2079403\update\spcustom.dll
+ 2010-08-11 01:09 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB2079403\spmsg.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-05-05 05:25 . 2010-07-22 06:19 5632 c:\windows\system32\xpsp4res.dll
+ 2001-08-18 04:54 . 2009-11-27 16:08 8704 c:\windows\system32\tsbyuv.dll
- 2009-11-01 14:07 . 2009-11-01 14:07 5632 c:\windows\system32\pndx5032.dll
+ 2009-11-01 14:07 . 2010-03-06 16:55 5632 c:\windows\system32\pndx5032.dll
+ 2009-11-01 14:07 . 2010-03-06 16:55 6656 c:\windows\system32\pndx5016.dll
- 2009-11-01 14:07 . 2009-11-01 14:07 6656 c:\windows\system32\pndx5016.dll
+ 2004-08-04 12:00 . 2008-04-17 00:43 2560 c:\windows\system32\msimsg.dll
+ 2010-03-09 17:48 . 2010-01-25 18:56 9472 c:\windows\system32\DRVSTORE\motusbdevi_4F7E6DAFBCC5BFBD9F5E79EE8F9E5A7CAA4E99DA\motusbdevice.sys
+ 2010-03-09 17:48 . 2007-11-02 14:51 6400 c:\windows\system32\DRVSTORE\motousbnet_6D791DAFE11EF3F28FC4B4204124883A85101411\motswch.sys
+ 2010-03-09 17:48 . 2009-01-29 16:11 6016 c:\windows\system32\DRVSTORE\motousbnet_6D791DAFE11EF3F28FC4B4204124883A85101411\motfilt.sys
+ 2010-03-08 21:30 . 2007-11-02 14:51 6400 c:\windows\system32\DRVSTORE\motccgp_A0FA88AB3B3F3737224F9CFABDF26194C9F2A878\motswch.sys
+ 2010-03-08 21:30 . 2009-01-29 16:18 8320 c:\windows\system32\DRVSTORE\motccgp_A0FA88AB3B3F3737224F9CFABDF26194C9F2A878\motccgpfl.sys
+ 2010-03-08 21:30 . 2007-11-02 14:51 6400 c:\windows\system32\drivers\motswch.sys
+ 2010-03-08 21:30 . 2009-01-29 16:11 6016 c:\windows\system32\drivers\motfilt.sys
+ 2010-03-08 21:30 . 2009-01-29 16:18 8320 c:\windows\system32\drivers\motccgpfl.sys
+ 2009-11-27 16:08 . 2009-11-27 16:08 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2008-04-17 00:43 . 2008-04-17 00:43 2560 c:\windows\system32\dllcache\msimsg.dll
+ 2010-04-24 17:06 . 1994-09-20 22:00 6736 c:\windows\system\WINGDIB.DRV
+ 2010-04-24 17:06 . 1993-11-18 22:00 7168 c:\windows\system\DISPDIB.DLL
+ 2009-11-27 16:08 . 2009-11-27 16:08 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-10-16 21:17 . 2009-10-16 21:17 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-10-16 21:17 . 2009-10-16 21:17 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-02-09 22:51 . 2004-08-04 12:00 8192 c:\windows\$NtUninstallKB977914$\tsbyuv.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 8704 c:\windows\$hf_mig$\KB977914\SP3QFE\tsbyuv.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-07-12 00:12 . 2009-07-12 00:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 00:09 . 2009-07-12 00:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 00:08 . 2009-07-12 00:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2004-08-04 12:00 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 293888 c:\windows\system32\winsrv.dll
+ 2004-08-04 12:00 . 2010-06-18 17:44 293888 c:\windows\system32\winsrv.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 672768 c:\windows\system32\wininet.dll
- 2004-08-04 12:00 . 2009-09-25 05:35 672768 c:\windows\system32\wininet.dll
+ 2004-08-04 12:00 . 2009-08-25 09:17 354816 c:\windows\system32\winhttp.dll
- 2004-08-04 12:00 . 2008-05-09 10:54 430080 c:\windows\system32\vbscript.dll
+ 2004-08-04 12:00 . 2010-03-09 11:09 430080 c:\windows\system32\vbscript.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 406016 c:\windows\system32\usp10.dll
+ 2004-08-04 12:00 . 2010-04-16 15:36 406016 c:\windows\system32\usp10.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 628736 c:\windows\system32\urlmon.dll
- 2004-08-04 12:00 . 2009-09-25 05:35 628736 c:\windows\system32\urlmon.dll
+ 2004-08-04 12:00 . 2009-10-15 16:28 119808 c:\windows\system32\t2embed.dll
- 2004-08-04 12:00 . 2009-06-16 14:36 119808 c:\windows\system32\t2embed.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 474624 c:\windows\system32\shlwapi.dll
+ 2004-08-04 12:00 . 2009-12-08 09:23 474624 c:\windows\system32\shlwapi.dll
+ 2004-08-04 12:00 . 2010-06-30 12:28 149504 c:\windows\system32\schannel.dll
+ 2004-08-04 12:00 . 2010-07-22 15:48 590848 c:\windows\system32\rpcrt4.dll
- 2009-11-01 14:07 . 2009-11-01 14:07 185920 c:\windows\system32\rmoc3260.dll
+ 2010-03-06 16:56 . 2010-03-06 16:56 185920 c:\windows\system32\rmoc3260.dll
+ 2004-08-04 12:00 . 2009-10-12 13:38 150528 c:\windows\system32\rastls.dll
+ 2010-03-30 22:10 . 2010-03-30 22:10 295264 c:\windows\system32\PresentationHost.exe
+ 2010-05-31 16:14 . 2010-05-31 16:14 103736 c:\windows\system32\PnkBstrB.exe
+ 2007-06-17 13:51 . 2010-03-06 16:55 278528 c:\windows\system32\pncrt.dll
- 2007-06-17 13:51 . 2009-11-01 14:06 278528 c:\windows\system32\pncrt.dll
+ 2004-08-04 12:00 . 2010-10-07 13:09 440998 c:\windows\system32\perfh009.dat
- 2004-08-04 12:00 . 2009-10-25 19:23 440998 c:\windows\system32\perfh009.dat
- 2004-08-04 12:00 . 2009-10-25 19:23 458808 c:\windows\system32\perfh007.dat
+ 2004-08-04 12:00 . 2010-10-07 13:09 458808 c:\windows\system32\perfh007.dat
+ 2010-05-31 16:14 . 2010-05-31 16:14 669184 c:\windows\system32\pbsvc.exe
+ 2004-08-04 12:00 . 2009-10-13 10:32 271360 c:\windows\system32\oakley.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 271360 c:\windows\system32\oakley.dll
+ 2007-04-26 12:04 . 2010-03-06 16:55 348160 c:\windows\system32\msvcr71.dll
- 2007-04-26 12:04 . 2009-11-01 14:06 348160 c:\windows\system32\msvcr71.dll
+ 2007-04-26 12:04 . 2010-03-06 16:55 499712 c:\windows\system32\msvcp71.dll
- 2007-04-26 12:04 . 2009-11-01 14:06 499712 c:\windows\system32\msvcp71.dll
+ 2007-04-21 10:45 . 2009-12-17 07:40 346624 c:\windows\system32\mspaint.exe
- 2007-04-21 10:45 . 2008-04-14 02:22 346624 c:\windows\system32\mspaint.exe
+ 2004-08-04 12:00 . 2008-05-19 05:33 332800 c:\windows\system32\msihnd.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 297808 c:\windows\system32\mscoree.dll
- 2006-10-18 19:47 . 2006-10-18 19:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-18 19:47 . 2010-03-30 10:24 317440 c:\windows\system32\mp4sdecd.dll
+ 2010-07-05 16:38 . 2010-07-05 16:38 231888 c:\windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe
+ 2010-01-27 00:58 . 2010-01-27 00:58 256280 c:\windows\system32\Macromed\Flash\FlashUtil10e.exe
+ 2007-04-21 10:47 . 2010-06-09 07:43 692736 c:\windows\system32\inetcomm.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 251904 c:\windows\system32\iepeers.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 251904 c:\windows\system32\iepeers.dll
+ 2007-04-21 11:39 . 2010-08-11 14:14 757344 c:\windows\system32\FNTCACHE.DAT
+ 2010-04-29 17:39 . 2004-08-12 09:06 188416 c:\windows\system32\eax.dll
+ 2010-03-08 21:30 . 2009-03-02 21:00 103552 c:\windows\system32\DRVSTORE\Moser_D7089C7835F0E7ECEC244A670740F4C8336E0FA1\Mousbser.sys
+ 2010-03-08 21:30 . 2009-03-02 21:00 103552 c:\windows\system32\DRVSTORE\Momdm_D7089C7835F0E7ECEC244A670740F4C8336E0FA1\Mousbser.sys
+ 2006-11-02 06:22 . 2008-03-27 15:27 503008 c:\windows\system32\drivers\wdf01000.sys
+ 2004-08-04 12:00 . 2010-02-11 12:02 226880 c:\windows\system32\drivers\tcpip6.sys
+ 2004-08-04 12:00 . 2010-06-21 15:27 354304 c:\windows\system32\drivers\srv.sys
+ 2004-08-04 12:00 . 2010-02-24 13:11 455680 c:\windows\system32\drivers\mrxsmb.sys
+ 2004-08-04 12:00 . 2009-10-20 16:20 265728 c:\windows\system32\drivers\http.sys
+ 2009-12-24 06:59 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2010-06-18 17:44 . 2010-06-18 17:44 293888 c:\windows\system32\dllcache\winsrv.dll
- 2008-06-23 15:10 . 2009-09-25 05:35 672768 c:\windows\system32\dllcache\wininet.dll
+ 2008-06-23 15:10 . 2010-06-24 12:10 672768 c:\windows\system32\dllcache\wininet.dll
+ 2008-12-16 12:30 . 2009-08-25 09:17 354816 c:\windows\system32\dllcache\winhttp.dll
- 2008-05-09 10:54 . 2008-05-09 10:54 430080 c:\windows\system32\dllcache\vbscript.dll
+ 2008-05-09 10:54 . 2010-03-09 11:09 430080 c:\windows\system32\dllcache\vbscript.dll
+ 2010-04-16 15:36 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll
+ 2008-06-26 08:12 . 2010-06-24 12:10 628736 c:\windows\system32\dllcache\urlmon.dll
- 2008-06-26 08:12 . 2009-09-25 05:35 628736 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-20 11:08 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys
- 2009-06-16 14:36 . 2009-06-16 14:36 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-06-16 14:36 . 2009-10-15 16:28 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2008-10-15 19:04 . 2010-06-21 15:27 354304 c:\windows\system32\dllcache\srv.sys
+ 2009-12-08 09:23 . 2009-12-08 09:23 474624 c:\windows\system32\dllcache\shlwapi.dll
+ 2008-12-05 06:55 . 2010-06-30 12:28 149504 c:\windows\system32\dllcache\schannel.dll
+ 2009-04-15 14:51 . 2010-07-22 15:48 590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38 150528 c:\windows\system32\dllcache\rastls.dll
+ 2009-10-13 10:32 . 2009-10-13 10:32 271360 c:\windows\system32\dllcache\oakley.dll
+ 2009-12-17 07:40 . 2009-12-17 07:40 346624 c:\windows\system32\dllcache\mspaint.exe
+ 2008-05-19 05:33 . 2008-05-19 05:33 332800 c:\windows\system32\dllcache\msihnd.dll
+ 2008-11-12 19:15 . 2010-02-24 13:11 455680 c:\windows\system32\dllcache\mrxsmb.sys
+ 2010-03-30 10:24 . 2010-03-30 10:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll
+ 2008-09-01 12:31 . 2010-06-09 07:43 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2010-02-26 05:41 . 2010-06-24 12:10 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys
+ 2010-07-14 13:24 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe
+ 2010-04-20 05:29 . 2010-04-20 05:29 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2010-01-13 20:35 . 2009-11-21 15:54 471552 c:\windows\system32\dllcache\aclayers.dll
+ 2010-02-12 04:33 . 2010-02-12 04:33 100864 c:\windows\system32\dllcache\6to4svc.dll
+ 2008-03-11 14:56 . 2010-06-03 21:09 107888 c:\windows\system32\CmdLineExt.dll
- 2008-03-11 14:56 . 2009-10-07 22:08 107888 c:\windows\system32\CmdLineExt.dll
+ 2010-03-12 11:04 . 2010-02-12 10:03 293376 c:\windows\system32\browserchoice.exe
+ 2004-08-04 12:00 . 2010-04-20 05:29 285696 c:\windows\system32\atmfd.dll
- 2004-08-04 12:00 . 2008-04-14 02:20 285696 c:\windows\system32\atmfd.dll
+ 2004-08-04 12:00 . 2010-02-12 04:33 100864 c:\windows\system32\6to4svc.dll
+ 2010-04-24 17:06 . 1994-08-23 22:00 188960 c:\windows\system\WINGDE.DLL
+ 2010-04-24 17:06 . 1995-11-08 22:00 774960 c:\windows\system\IR41.DLL
+ 2010-04-24 17:06 . 1995-10-19 22:00 151744 c:\windows\system\IR32.DLL
- 2007-04-21 10:47 . 2008-04-14 02:22 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
+ 2007-04-21 10:47 . 2010-06-14 14:31 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
+ 2010-03-30 22:16 . 2010-03-30 22:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
- 2008-07-29 17:16 . 2008-07-29 17:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-09-22 07:43 . 2010-09-22 07:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-02-09 10:22 . 2010-02-09 10:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-07-25 09:17 . 2008-07-25 09:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2009-08-07 21:51 . 2009-08-07 21:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-09-23 00:26 . 2010-09-23 00:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-09-23 00:25 . 2010-09-23 00:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2010-09-23 01:17 . 2010-09-23 01:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-06-08 23:46 . 2010-06-08 23:46 200192 c:\windows\Installer\e2da35.msi
+ 2010-02-24 22:14 . 2010-02-24 22:14 543232 c:\windows\Installer\e2da04.msp
+ 2010-06-16 16:31 . 2010-06-16 16:31 245760 c:\windows\Installer\bf082f.msi
+ 2010-03-08 21:29 . 2010-03-08 21:29 424960 c:\windows\Installer\bded74.msi
+ 2010-07-05 18:44 . 2010-07-05 18:44 381440 c:\windows\Installer\8110b8.msi
+ 2010-07-05 18:40 . 2010-07-05 18:40 894464 c:\windows\Installer\811099.msi
+ 2010-09-23 19:02 . 2010-09-23 19:02 798208 c:\windows\Installer\5838dc.msp
+ 2010-03-09 17:47 . 2010-03-09 17:47 370688 c:\windows\Installer\355c6.msi
+ 2010-06-11 17:07 . 2010-06-11 17:07 168960 c:\windows\Installer\34f99a.msp
+ 2010-04-06 20:45 . 2010-04-06 20:45 331264 c:\windows\Installer\3325c5.msi
+ 2009-11-24 23:43 . 2009-11-24 23:43 429568 c:\windows\Installer\26756d.msi
+ 2007-09-12 14:37 . 2007-09-12 14:37 344064 c:\windows\Installer\1c8548c.msp
+ 2010-03-08 21:33 . 2010-03-09 17:51 398640 c:\windows\Installer\{D9DC70B6-BE13-41DD-9053-9E617E72D085}\NGP.exe1_AD452C6A9A6B4F93A7BEE4B129DFFCFA.exe
+ 2010-03-08 21:33 . 2010-03-09 17:51 361776 c:\windows\Installer\{D9DC70B6-BE13-41DD-9053-9E617E72D085}\NewShortcut1_55371FD36E414386B2D0FECAEFFAD4DE.exe
+ 2010-03-08 21:33 . 2010-03-09 17:51 398640 c:\windows\Installer\{D9DC70B6-BE13-41DD-9053-9E617E72D085}\MML.exe_9154F19F21A14345B997CED5FAD9F289.exe
+ 2010-03-08 21:33 . 2010-03-09 17:51 398640 c:\windows\Installer\{D9DC70B6-BE13-41DD-9053-9E617E72D085}\ARPPRODUCTICON.exe
+ 2010-09-26 15:44 . 2010-09-26 15:44 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2010-10-09 14:02 . 2010-10-09 14:02 295606 c:\windows\Installer\{AC76BA86-7AD7-1031-7B44-A81300000003}\SC_Reader.exe
+ 2010-07-05 18:40 . 2010-09-18 22:44 135168 c:\windows\Installer\{90850407-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-10-12 09:46 . 2009-10-12 09:46 132392 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\wpdenc.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 107816 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\webaccess.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 144680 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\thumbmgt.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 312616 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\pimmgt.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 185640 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nxconnector.dll
+ 2009-10-12 09:45 . 2009-10-12 09:45 173352 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\ntrackandreportmgt.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 144680 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmvisualizernas.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 832808 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmthumbnailiconsgen.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 480552 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmsseffects.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 472360 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmslideshow.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 103720 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmediaediting.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 337192 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmdefaultdrmdialogs.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 513320 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmcdrip.dll
+ 2009-10-12 09:45 . 2009-10-12 09:45 173352 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nlicensemgt.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 427304 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nevcr.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 623920 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nerovmrmodules.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 132392 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nerocontentfinder.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 390440 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nerocaptureapi.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 202024 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nereplaygain.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 353576 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\neem2v.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 128296 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\neem2a.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 124200 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nedvencoder.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 816424 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nedtshddec.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 320808 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nddenoisedmo.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 316712 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\ndcolordmo.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 886056 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\ndaudio.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 156968 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\moviewizard.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 103720 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mmsync.dll
+ 2009-10-12 09:45 . 2009-10-12 09:45 116008 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mmlupdateservice.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 208168 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mmlupdate.exe
+ 2009-10-12 09:45 . 2009-10-12 09:45 128296 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mmlregistration.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 210728 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mmlcc.exe
+ 2009-10-12 09:48 . 2009-10-12 09:48 462120 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.themes.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 173352 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.resources.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 186152 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.uicommon.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 113448 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.settings.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 236328 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.media.video.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 270120 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.media.photo.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 287528 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.media.music.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 679208 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.infrastructure.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 247080 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\metadatamgt.dll
+ 2009-10-12 09:45 . 2009-10-12 09:45 116008 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\liveupdatetactics.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 247080 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\em2v.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 111912 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\effectmgr.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 263464 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\deleteuserdata.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 111912 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\categorymgt.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 533800 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\areadylb_nero.dll
+ 2008-11-12 19:15 . 2010-02-24 13:11 455680 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\Driver Cache\i386\http.sys
+ 2010-10-07 13:07 . 2010-10-07 13:07 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_f614ca9f\System.Drawing.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_a4af38ed\System.Drawing.Design.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_7b6643fa\CustomMarshalers.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe
+ 2010-10-07 15:25 . 2010-10-07 15:25 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\f39d526b39e8928e719d9ce8a971383e\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f06626ccee27150b618f6ff8e4b83dba\WindowsLive.Writer.Extensibility.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e0e45d40fad4c1b13c93dbd1268410f3\WindowsLive.Writer.Passport.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d0916f4cf87dafdf941b66056dd0e005\WindowsLive.Writer.BlogClient.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c46d84073499887c745801bda334c97f\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aa7ddbdf38e8a7129fb0befd951897f5\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8f73472385b353ebd6010d02ad42b2b6\WindowsLive.Writer.SpellChecker.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7619247d1c0a0779042423940f5f93de\WindowsLive.Writer.HtmlParser.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\56faab9a03f8863e76f75d8b6c70185b\WindowsLive.Writer.Localization.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4844cd1fac89240407ab5e2a4fe9c518\WindowsLive.Writer.BrowserControl.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\482300ac4d48e5c77dc319ec489e6bfc\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\436529704b6c85b97f68a5489dc82ab2\WindowsLive.Writer.FileDestinations.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3dce78aa75f081de7ad7cd480e64167a\WindowsLive.Writer.Interop.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1931e1807dc35a71bda7ce8b517c84ef\WindowsLive.Writer.Controls.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\18a657bcf90f1a3340e7e33ea4dad4c9\WindowsLive.Writer.Mshtml.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\088f2a6fd9107021e9b80ecc5c832334\WindowsLive.Writer.Instrumentation.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\4db92179406aa5a642aca6165defa8fe\WindowsLive.Client.ni.dll
+ 2010-08-11 14:18 . 2010-08-11 14:18 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll
+ 2010-08-11 14:18 . 2010-08-11 14:18 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll
+ 2010-08-11 16:28 . 2010-08-11 16:28 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\7f9a1ae146571025fd49914b5c71a39b\System.Web.Routing.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll
+ 2010-10-09 10:57 . 2010-10-09 10:57 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\b1646e54b708b9824f4193f87eb00c0e\System.Web.Extensions.Design.ni.dll
+ 2010-10-09 10:57 . 2010-10-09 10:57 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\504a93e73da77c502ecf98bfdfc1485e\System.Web.Entity.ni.dll
+ 2010-10-09 10:57 . 2010-10-09 10:57 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f22334fbd9497d79448fffef515ae0cc\System.Web.Entity.Design.ni.dll
+ 2010-10-09 10:57 . 2010-10-09 10:57 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\af5452305588da228a74e30324681d20\System.Web.DynamicData.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\9d9bca1a8993c427984aa1bc9c165a33\System.Web.Abstractions.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll
+ 2010-08-11 14:15 . 2010-08-11 14:15 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.d ll
+ 2010-10-07 14:58 . 2010-10-07 14:58 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a140e8da81b3af34c864ad851fe150fd\System.Runtime.Remoting.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll
+ 2010-08-11 16:28 . 2010-08-11 16:28 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\97bd2a5d946aa3a824e4cfe5b6ef95aa\System.Messaging.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\165bd290e518b9397ca55192985fdee3\System.Data.Entity.Design.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll
+ 2010-08-11 14:18 . 2010-08-11 14:18 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\a055d54c458b7557d957c714551873c3\sysglobl.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe
+ 2010-08-11 16:26 . 2010-08-11 16:26 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\72d3aacfca2e1ce835c210f5a1decb36\ServiceModelReg.ni.exe
+ 2010-08-11 14:17 . 2010-08-11 14:17 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 601088 c:\windows\assembly\NativeImages_v2.0.50727_32\PerstNET\6418e07758921b45e87606e6a1f9a817\PerstNET.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe
+ 2010-08-11 16:25 . 2010-08-11 16:25 523776 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Themes\3f47d9eaf638e804cc9b3695cece37ab\MML.Themes.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 608768 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.UICommon\d6310dfcaf59f85baf69571dc7cfb76e\MML.Modules.UICommon.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 251392 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.Settings\444043e7be9691a0a022e97c200293e8\MML.Modules.Settings.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 747520 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.Media.V#\6dd5a8d7945d7a01d15109e2c7e467c4\MML.Modules.Media.Video.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 847360 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.Media.P#\6eefe319dcba0248696aa7cba8841f4d\MML.Modules.Media.Photo.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 218624 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.Applica#\b550ca72867b18b84f9e8e01c57459e4\MML.Modules.Applications.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 234496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\84340b2a3e00e9c502b271c52eeb8a6b\Microsoft.Practices.Composite.Presentation.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 292864 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\4f522c46ae629da1500dc36f7c65a4d3\Microsoft.Practices.ObjectBuilder2.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 310272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\48ee4cd2f8011a42f3675103e607f83f\Microsoft.Practices.Composite.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 197632 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\0d2b334ebad61e0eaa81d24afc92a0c1\Microsoft.Practices.Unity.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 264192 c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.Utils\31a87c97f519d3b9e6821b51db4c2952\MediaManager.Utils.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 272384 c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.Splash#\4010d3ef164921339edb67934792f793\MediaManager.SplashScreen.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 948736 c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.GUI\1f4a2fe8c4419b2a88ca4e6f7f3c11ac\MediaManager.GUI.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 856576 c:\windows\assembly\NativeImages_v2.0.50727_32\Lucene.Net\641ee86e2dbd2cab638e815d58ac360e\Lucene.Net.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 657920 c:\windows\assembly\NativeImages_v2.0.50727_32\log4net\31494515a8e82f798f90c995169ac344\log4net.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 812032 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WMPLib\857490da2c27ea6f2bac1a0309da6c97\Interop.WMPLib.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 311808 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.SHDocVw\bb9dc25ca7771593464ac6571c598468\Interop.SHDocVw.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 204288 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.QTOLibrary\6767424c471042ccfe043a96fd2f051a\Interop.QTOLibrary.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 100864 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\9223f7593d66861845c023dd9708587f\Interop.IWshRuntimeLibrary.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 374784 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.CDDBCONTROL#\a00294415f985f9d7f2f567dc1d3b17d\Interop.CDDBCONTROLLibSMS.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 210432 c:\windows\assembly\NativeImages_v2.0.50727_32\GCPlayer\5c41c0c896042a9468d0ac24514040c9\GCPlayer.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe
+ 2010-08-11 16:26 . 2010-08-11 16:26 151552 c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.WMPLib\81a7ea2aab9275894cae2c648f229989\AxInterop.WMPLib.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.SHDocVw\00dcc80d73005bc2c3072c44008c2e7f\AxInterop.SHDocVw.ni.dll
+ 2010-10-07 15:24 . 2010-10-07 15:24 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\af4a3ae6d5c1cafa57002beb487b8d7a\AspNetMMCExt.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 626176 c:\windows\assembly\NativeImages_v2.0.50727_32\AdvrCntrProxy\3ef7b4961849f7279420860b3850f684\AdvrCntrProxy.ni.dll
- 2009-10-16 21:16 . 2009-10-16 21:16 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-08 23:43 . 2010-06-08 23:43 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-06-08 23:43 . 2010-06-08 23:43 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-06-08 23:43 . 2010-06-08 23:43 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-08-22 12:43 . 2009-08-22 12:43 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-10-16 21:16 . 2009-10-16 21:16 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2004-08-04 12:00 . 2009-11-21 15:54 471552 c:\windows\AppPatch\aclayers.dll

El_Kimmo 12.10.2010 13:53
+ 2010-03-08 21:30 . 2006-11-02 06:22 492000 c:\windows\$NtUninstallWdf01007$\wdf01000.sys
+ 2010-03-08 21:30 . 2008-03-21 12:57 379184 c:\windows\$NtUninstallWdf01007$\spuninst\updspapi.dll
+ 2010-03-08 21:30 . 2008-03-21 12:57 221488 c:\windows\$NtUninstallWdf01007$\spuninst\spuninst.exe
+ 2010-08-11 01:05 . 2010-02-22 14:22 388984 c:\windows\$NtUninstallKB982665$\spuninst\updspapi.dll
+ 2010-08-11 01:05 . 2010-02-22 14:22 234872 c:\windows\$NtUninstallKB982665$\spuninst\spuninst.exe
+ 2010-06-08 23:38 . 2010-02-26 05:41 672768 c:\windows\$NtUninstallKB982381$\wininet.dll
+ 2010-06-08 23:38 . 2010-02-26 05:41 628736 c:\windows\$NtUninstallKB982381$\urlmon.dll
+ 2010-06-08 23:38 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB982381$\spuninst\updspapi.dll
+ 2010-06-08 23:38 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB982381$\spuninst\spuninst.exe
+ 2010-06-08 23:38 . 2010-02-26 05:41 251904 c:\windows\$NtUninstallKB982381$\iepeers.dll
+ 2010-08-11 01:10 . 2009-12-31 16:50 353792 c:\windows\$NtUninstallKB982214$\srv.sys
+ 2010-08-11 01:10 . 2010-02-22 14:22 388984 c:\windows\$NtUninstallKB982214$\spuninst\updspapi.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 234872 c:\windows\$NtUninstallKB982214$\spuninst\spuninst.exe
+ 2010-08-11 01:05 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB981997$\spuninst\updspapi.dll
+ 2010-08-11 01:05 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB981997$\spuninst\spuninst.exe
+ 2010-08-11 01:09 . 2010-02-22 14:22 388984 c:\windows\$NtUninstallKB981852$\spuninst\updspapi.dll
+ 2010-08-11 01:09 . 2010-02-22 14:22 234872 c:\windows\$NtUninstallKB981852$\spuninst\spuninst.exe
+ 2010-05-27 13:27 . 2009-05-26 09:01 388984 c:\windows\$NtUninstallKB981793$\spuninst\updspapi.dll
+ 2010-05-27 13:27 . 2009-05-26 09:01 234872 c:\windows\$NtUninstallKB981793$\spuninst\spuninst.exe
+ 2010-04-14 23:19 . 2008-05-09 10:54 430080 c:\windows\$NtUninstallKB981349$\vbscript.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB981349$\spuninst\updspapi.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB981349$\spuninst\spuninst.exe
+ 2010-08-11 01:07 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB980436$\spuninst\updspapi.dll
+ 2010-08-11 01:07 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB980436$\spuninst\spuninst.exe
+ 2010-08-11 01:07 . 2009-06-25 08:25 147456 c:\windows\$NtUninstallKB980436$\schannel.dll
+ 2010-04-14 23:20 . 2009-05-26 09:01 388984 c:\windows\$NtUninstallKB980232$\spuninst\updspapi.dll
+ 2010-04-14 23:20 . 2009-05-26 09:01 234872 c:\windows\$NtUninstallKB980232$\spuninst\spuninst.exe
+ 2010-04-14 23:20 . 2009-12-04 18:22 455424 c:\windows\$NtUninstallKB980232$\mrxsmb.sys
+ 2010-06-08 23:47 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB980218$\spuninst\updspapi.dll
+ 2010-06-08 23:47 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB980218$\spuninst\spuninst.exe
+ 2010-06-08 23:47 . 2008-04-14 02:20 285696 c:\windows\$NtUninstallKB980218$\atmfd.dll
+ 2010-06-08 23:47 . 2008-07-08 13:00 388984 c:\windows\$NtUninstallKB980195$\spuninst\updspapi.dll
+ 2010-06-08 23:47 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB980195$\spuninst\spuninst.exe
+ 2010-03-30 22:26 . 2009-12-22 05:07 672768 c:\windows\$NtUninstallKB980182$\wininet.dll
+ 2010-03-30 22:26 . 2009-12-22 05:07 628736 c:\windows\$NtUninstallKB980182$\urlmon.dll
+ 2010-03-30 22:26 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB980182$\spuninst\updspapi.dll
+ 2010-03-30 22:26 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB980182$\spuninst\spuninst.exe
+ 2010-03-30 22:26 . 2008-04-14 02:22 251904 c:\windows\$NtUninstallKB980182$\iepeers.dll
+ 2010-04-14 23:20 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979683$\spuninst\updspapi.dll
+ 2010-04-14 23:20 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB979683$\spuninst\spuninst.exe
+ 2010-06-08 23:46 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979559$\spuninst\updspapi.dll
+ 2010-06-08 23:46 . 2009-05-26 09:01 234872 c:\windows\$NtUninstallKB979559$\spuninst\spuninst.exe
+ 2010-06-08 23:44 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979482$\spuninst\updspapi.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB979482$\spuninst\spuninst.exe
+ 2010-04-14 23:18 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979309$\spuninst\updspapi.dll
+ 2010-04-14 23:18 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB979309$\spuninst\spuninst.exe
+ 2010-02-24 17:36 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979306$\spuninst\updspapi.dll
+ 2010-02-24 17:36 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB979306$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978706$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978706$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2008-04-14 02:22 346624 c:\windows\$NtUninstallKB978706$\mspaint.exe
+ 2010-06-08 23:44 . 2007-07-27 21:11 382840 c:\windows\$NtUninstallKB978695_WM9$\spuninst\updspapi.dll
+ 2010-06-08 23:44 . 2007-07-27 18:46 234872 c:\windows\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe
+ 2010-04-14 23:18 . 2008-04-14 02:22 176640 c:\windows\$NtUninstallKB978601$\wintrust.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978601$\spuninst\updspapi.dll
+ 2010-04-14 23:18 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB978601$\spuninst\spuninst.exe
+ 2010-05-11 22:26 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978542$\spuninst\updspapi.dll
+ 2010-05-11 22:26 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978542$\spuninst\spuninst.exe
+ 2010-05-11 22:26 . 2008-04-11 19:04 691712 c:\windows\$NtUninstallKB978542$\inetcomm.dll
+ 2010-04-14 23:19 . 2008-06-20 11:08 225856 c:\windows\$NtUninstallKB978338$\tcpip6.sys
+ 2010-04-14 23:19 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978338$\spuninst\updspapi.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978338$\spuninst\spuninst.exe
+ 2010-04-14 23:19 . 2008-04-14 02:22 100352 c:\windows\$NtUninstallKB978338$\6to4svc.dll
+ 2010-02-09 22:53 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978262$\spuninst\updspapi.dll
+ 2010-02-09 22:53 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978262$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978251$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978251$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2008-10-24 11:21 455296 c:\windows\$NtUninstallKB978251$\mrxsmb.sys
+ 2010-01-22 20:37 . 2009-10-29 05:24 672768 c:\windows\$NtUninstallKB978207$\wininet.dll
+ 2010-01-22 20:37 . 2009-10-29 05:24 628736 c:\windows\$NtUninstallKB978207$\urlmon.dll
+ 2010-01-22 20:37 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978207$\spuninst\updspapi.dll
+ 2010-01-22 20:37 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB978207$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978037$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978037$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB977914$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB977914$\spuninst\spuninst.exe
+ 2010-04-14 23:18 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB977816$\spuninst\updspapi.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB977816$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB977165$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB977165$\spuninst\spuninst.exe
+ 2009-12-09 21:02 . 2009-09-25 05:35 672768 c:\windows\$NtUninstallKB976325$\wininet.dll
+ 2009-12-09 21:02 . 2009-09-25 05:35 628736 c:\windows\$NtUninstallKB976325$\urlmon.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB976325$\spuninst\updspapi.dll
+ 2009-12-09 21:02 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB976325$\spuninst\spuninst.exe
+ 2009-11-24 23:44 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB976098-v2$\spuninst\updspapi.dll
+ 2009-11-24 23:44 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB976098-v2$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB975713$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB975713$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2008-04-14 02:22 474624 c:\windows\$NtUninstallKB975713$\shlwapi.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB975562$\spuninst\updspapi.dll
+ 2010-06-08 23:44 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB975562$\spuninst\spuninst.exe
+ 2010-03-11 15:01 . 2009-05-26 16:10 388984 c:\windows\$NtUninstallKB975561$\spuninst\updspapi.dll
+ 2010-03-11 15:01 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB975561$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB975560$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB975560$\spuninst\spuninst.exe
+ 2009-12-09 21:01 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB974392$\spuninst\updspapi.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB974392$\spuninst\spuninst.exe
+ 2009-12-09 21:01 . 2008-04-14 02:22 271360 c:\windows\$NtUninstallKB974392$\oakley.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB974318$\spuninst\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB974318$\spuninst\spuninst.exe
+ 2009-12-09 21:02 . 2008-04-14 02:22 151040 c:\windows\$NtUninstallKB974318$\rastls.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB973904$\spuninst\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB973904$\spuninst\spuninst.exe
+ 2009-12-09 21:02 . 2004-08-04 12:00 116288 c:\windows\$NtUninstallKB973904$\msconv97.dll
+ 2009-11-24 23:44 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB973687$\spuninst\updspapi.dll
+ 2009-11-24 23:44 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB973687$\spuninst\spuninst.exe
+ 2010-01-13 23:08 . 2009-06-16 14:36 119808 c:\windows\$NtUninstallKB972270$\t2embed.dll
+ 2010-01-13 23:08 . 2008-07-08 13:00 388984 c:\windows\$NtUninstallKB972270$\spuninst\updspapi.dll
+ 2010-01-13 23:08 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB972270$\spuninst\spuninst.exe
+ 2009-12-09 21:01 . 2008-12-16 12:30 354304 c:\windows\$NtUninstallKB971737$\winhttp.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB971737$\spuninst\updspapi.dll
+ 2009-12-09 21:01 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB971737$\spuninst\spuninst.exe
+ 2010-02-09 22:53 . 2008-12-11 10:57 333952 c:\windows\$NtUninstallKB971468$\srv.sys
+ 2010-02-09 22:53 . 2008-07-08 13:00 388984 c:\windows\$NtUninstallKB971468$\spuninst\updspapi.dll
+ 2010-02-09 22:53 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB971468$\spuninst\spuninst.exe
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB970430$\spuninst\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB970430$\spuninst\spuninst.exe
+ 2009-12-09 21:02 . 2008-04-13 18:53 264832 c:\windows\$NtUninstallKB970430$\http.sys
+ 2010-01-13 23:08 . 2009-05-26 16:10 388984 c:\windows\$NtUninstallKB955759$\spuninst\updspapi.dll
+ 2010-01-13 23:08 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB955759$\spuninst\spuninst.exe
+ 2010-01-13 23:08 . 2008-04-14 02:22 451072 c:\windows\$NtUninstallKB955759$\aclayers.dll
+ 2010-03-08 21:27 . 2007-11-30 04:39 388984 c:\windows\$NtUninstallKB942288-v3$\spuninst\updspapi.dll
+ 2010-03-08 21:27 . 2007-11-30 04:39 234872 c:\windows\$NtUninstallKB942288-v3$\spuninst\spuninst.exe
+ 2010-03-08 21:27 . 2008-04-13 15:39 884736 c:\windows\$NtUninstallKB942288-v3$\msimsg.dll
+ 2010-03-08 21:27 . 2008-04-14 02:22 271360 c:\windows\$NtUninstallKB942288-v3$\msihnd.dll
+ 2010-08-03 13:25 . 2010-02-22 14:22 388984 c:\windows\$NtUninstallKB2286198$\spuninst\updspapi.dll
+ 2010-08-03 13:25 . 2010-02-22 14:22 234872 c:\windows\$NtUninstallKB2286198$\spuninst\spuninst.exe
+ 2010-07-14 14:02 . 2010-02-22 17:52 388984 c:\windows\$NtUninstallKB2229593$\spuninst\updspapi.dll
+ 2010-07-14 14:02 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB2229593$\spuninst\spuninst.exe
+ 2010-07-14 14:02 . 2008-04-14 02:22 744448 c:\windows\$NtUninstallKB2229593$\helpsvc.exe
+ 2010-08-11 01:10 . 2010-04-16 16:06 672768 c:\windows\$NtUninstallKB2183461$\wininet.dll
+ 2010-08-11 01:10 . 2010-04-16 16:06 628736 c:\windows\$NtUninstallKB2183461$\urlmon.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 388984 c:\windows\$NtUninstallKB2183461$\spuninst\updspapi.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 234872 c:\windows\$NtUninstallKB2183461$\spuninst\spuninst.exe
+ 2010-08-11 01:10 . 2010-04-16 16:06 251904 c:\windows\$NtUninstallKB2183461$\iepeers.dll
+ 2010-08-11 01:07 . 2010-02-22 14:22 388984 c:\windows\$NtUninstallKB2160329$\spuninst\updspapi.dll
+ 2010-08-11 01:07 . 2010-02-22 14:22 234872 c:\windows\$NtUninstallKB2160329$\spuninst\spuninst.exe
+ 2010-08-11 01:10 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB2115168$\spuninst\updspapi.dll
+ 2010-08-11 01:10 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB2115168$\spuninst\spuninst.exe
+ 2010-08-11 01:09 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB2079403$\spuninst\updspapi.dll
+ 2010-08-11 01:09 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB2079403$\spuninst\spuninst.exe
+ 2010-08-11 01:05 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB982665\update\updspapi.dll
+ 2010-08-11 01:05 . 2010-02-22 14:22 765304 c:\windows\$hf_mig$\KB982665\update\update.exe
+ 2010-08-11 01:05 . 2010-02-22 14:22 234872 c:\windows\$hf_mig$\KB982665\spuninst.exe
+ 2010-06-08 23:38 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB982381\update\updspapi.dll
+ 2010-06-08 23:38 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB982381\update\update.exe
+ 2010-06-08 23:38 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB982381\spuninst.exe
+ 2010-04-16 16:00 . 2010-04-16 16:00 674304 c:\windows\$hf_mig$\KB982381\SP3QFE\wininet.dll
+ 2010-04-16 16:00 . 2010-04-16 16:00 629760 c:\windows\$hf_mig$\KB982381\SP3QFE\urlmon.dll
+ 2010-04-16 16:00 . 2010-04-16 16:00 251904 c:\windows\$hf_mig$\KB982381\SP3QFE\iepeers.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB982214\update\updspapi.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 765304 c:\windows\$hf_mig$\KB982214\update\update.exe
+ 2010-08-11 01:10 . 2010-02-22 14:22 234872 c:\windows\$hf_mig$\KB982214\spuninst.exe
+ 2010-08-10 19:56 . 2010-06-21 14:18 354304 c:\windows\$hf_mig$\KB982214\SP3QFE\srv.sys
+ 2010-08-11 01:05 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB981997\update\updspapi.dll
+ 2010-08-11 01:05 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB981997\update\update.exe
+ 2010-08-11 01:05 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB981997\spuninst.exe
+ 2010-08-11 01:10 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB981852\update\updspapi.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 765304 c:\windows\$hf_mig$\KB981852\update\update.exe
+ 2010-08-11 01:10 . 2010-02-22 14:22 234872 c:\windows\$hf_mig$\KB981852\spuninst.exe
+ 2010-04-14 23:19 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB981349\update\updspapi.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB981349\update\update.exe
+ 2010-04-14 23:19 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB981349\spuninst.exe
+ 2010-03-09 11:07 . 2010-03-09 11:07 430080 c:\windows\$hf_mig$\KB981349\SP3QFE\vbscript.dll
+ 2010-08-11 01:07 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB980436\update\updspapi.dll
+ 2010-08-11 01:07 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB980436\update\update.exe
+ 2010-08-11 01:07 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB980436\spuninst.exe
+ 2010-06-30 12:23 . 2010-06-30 12:23 149504 c:\windows\$hf_mig$\KB980436\SP3QFE\schannel.dll
+ 2010-04-14 23:20 . 2009-05-26 09:01 388984 c:\windows\$hf_mig$\KB980232\update\updspapi.dll
+ 2010-04-14 23:20 . 2009-05-26 09:01 765304 c:\windows\$hf_mig$\KB980232\update\update.exe
+ 2010-04-14 23:20 . 2009-05-26 09:01 234872 c:\windows\$hf_mig$\KB980232\spuninst.exe
+ 2010-04-14 19:12 . 2010-02-24 11:57 457216 c:\windows\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys
+ 2010-06-08 23:47 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB980218\update\updspapi.dll
+ 2010-06-08 23:47 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB980218\update\update.exe
+ 2010-06-08 23:47 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB980218\spuninst.exe
+ 2010-04-20 05:37 . 2010-04-20 05:37 285824 c:\windows\$hf_mig$\KB980218\SP3QFE\atmfd.dll
+ 2010-06-08 23:47 . 2008-07-08 13:00 388984 c:\windows\$hf_mig$\KB980195\update\updspapi.dll
+ 2010-06-08 23:47 . 2008-07-08 13:00 765304 c:\windows\$hf_mig$\KB980195\update\update.exe
+ 2010-06-08 23:47 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB980195\spuninst.exe
+ 2010-03-30 22:26 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB980182\update\updspapi.dll
+ 2010-03-30 22:26 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB980182\update\update.exe
+ 2010-03-30 22:26 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB980182\spuninst.exe
+ 2010-02-26 05:37 . 2010-02-26 05:37 674304 c:\windows\$hf_mig$\KB980182\SP3QFE\wininet.dll
+ 2010-02-26 05:37 . 2010-02-26 05:37 629760 c:\windows\$hf_mig$\KB980182\SP3QFE\urlmon.dll
+ 2010-02-26 05:37 . 2010-02-26 05:37 251904 c:\windows\$hf_mig$\KB980182\SP3QFE\iepeers.dll
+ 2010-04-14 23:20 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979683\update\updspapi.dll
+ 2010-04-14 23:20 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979683\update\update.exe
+ 2010-04-14 23:20 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB979683\spuninst.exe
+ 2010-06-08 23:46 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979559\update\updspapi.dll
+ 2010-06-08 23:46 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979559\update\update.exe
+ 2010-06-08 23:46 . 2009-05-26 09:01 234872 c:\windows\$hf_mig$\KB979559\spuninst.exe
+ 2010-06-08 23:44 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979482\update\updspapi.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979482\update\update.exe
+ 2010-06-08 23:44 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB979482\spuninst.exe
+ 2010-04-14 23:18 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979309\update\updspapi.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979309\update\update.exe
+ 2010-04-14 23:18 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB979309\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978706\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978706\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978706\spuninst.exe
+ 2009-12-17 07:37 . 2009-12-17 07:37 346624 c:\windows\$hf_mig$\KB978706\SP3QFE\mspaint.exe
+ 2010-04-14 23:18 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978601\update\updspapi.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978601\update\update.exe
+ 2010-04-14 23:18 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB978601\spuninst.exe
+ 2009-12-24 06:42 . 2009-12-24 06:42 178176 c:\windows\$hf_mig$\KB978601\SP3QFE\wintrust.dll
+ 2010-05-11 22:26 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978542\update\updspapi.dll
+ 2010-05-11 22:26 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978542\update\update.exe
+ 2010-05-11 22:26 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978542\spuninst.exe
+ 2010-01-29 14:53 . 2010-01-29 14:53 691712 c:\windows\$hf_mig$\KB978542\SP3QFE\inetcomm.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978338\update\updspapi.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978338\update\update.exe
+ 2010-04-14 23:19 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978338\spuninst.exe
+ 2010-02-11 11:36 . 2010-02-11 11:36 226880 c:\windows\$hf_mig$\KB978338\SP3QFE\tcpip6.sys
+ 2010-02-12 04:28 . 2010-02-12 04:28 100864 c:\windows\$hf_mig$\KB978338\SP3QFE\6to4svc.dll
+ 2010-02-09 22:53 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978262\update\updspapi.dll
+ 2010-02-09 22:53 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978262\update\update.exe
+ 2010-02-09 22:53 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978262\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978251\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978251\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978251\spuninst.exe
+ 2010-02-09 21:24 . 2009-12-04 17:25 456832 c:\windows\$hf_mig$\KB978251\SP3QFE\mrxsmb.sys
+ 2010-01-22 20:37 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978207\update\updspapi.dll
+ 2010-01-22 20:37 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978207\update\update.exe
+ 2010-01-22 20:37 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB978207\spuninst.exe
+ 2009-12-22 05:05 . 2009-12-22 05:05 674304 c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll
+ 2009-12-22 05:05 . 2009-12-22 05:05 629760 c:\windows\$hf_mig$\KB978207\SP3QFE\urlmon.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978037\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978037\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978037\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB977914\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB977914\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB977914\spuninst.exe
+ 2010-04-14 23:18 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB977816\update\updspapi.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB977816\update\update.exe
+ 2010-04-14 23:18 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB977816\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB977165\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB977165\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB977165\spuninst.exe
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB976325\update\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB976325\update\update.exe
+ 2009-12-09 21:02 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB976325\spuninst.exe
+ 2009-10-29 05:22 . 2009-10-29 05:22 674304 c:\windows\$hf_mig$\KB976325\SP3QFE\wininet.dll
+ 2009-10-29 05:22 . 2009-10-29 05:22 629760 c:\windows\$hf_mig$\KB976325\SP3QFE\urlmon.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB975713\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB975713\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB975713\spuninst.exe
+ 2009-12-08 09:01 . 2009-12-08 09:01 474624 c:\windows\$hf_mig$\KB975713\SP3QFE\shlwapi.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB975562\update\updspapi.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB975562\update\update.exe
+ 2010-06-08 23:44 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB975562\spuninst.exe
+ 2010-03-11 15:01 . 2009-05-26 16:10 388984 c:\windows\$hf_mig$\KB975561\update\updspapi.dll
+ 2010-03-11 15:01 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB975561\update\update.exe
+ 2010-03-11 15:01 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB975561\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB975560\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB975560\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB975560\spuninst.exe
+ 2009-12-09 21:01 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB974392\update\updspapi.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB974392\update\update.exe
+ 2009-12-09 21:01 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB974392\spuninst.exe
+ 2009-10-13 10:38 . 2009-10-13 10:38 271360 c:\windows\$hf_mig$\KB974392\SP3QFE\oakley.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB974318\update\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB974318\update\update.exe
+ 2009-12-09 21:02 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB974318\spuninst.exe
+ 2009-10-12 13:29 . 2009-10-12 13:29 151040 c:\windows\$hf_mig$\KB974318\SP3QFE\rastls.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB973904\update\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB973904\update\update.exe
+ 2009-12-09 21:02 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB973904\spuninst.exe
+ 2009-12-09 19:29 . 2009-07-29 14:01 119648 c:\windows\$hf_mig$\KB973904\SP3QFE\msconv97.dll
+ 2009-11-24 23:44 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB973687\update\updspapi.dll
+ 2009-11-24 23:44 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB973687\update\update.exe
+ 2009-11-24 23:44 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB973687\spuninst.exe
+ 2010-01-13 23:08 . 2008-07-08 13:00 388984 c:\windows\$hf_mig$\KB972270\update\updspapi.dll
+ 2010-01-13 23:08 . 2008-07-08 13:00 765304 c:\windows\$hf_mig$\KB972270\update\update.exe
+ 2010-01-13 23:08 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB972270\spuninst.exe
+ 2010-01-13 20:35 . 2009-10-15 16:38 119808 c:\windows\$hf_mig$\KB972270\SP3QFE\t2embed.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB971737\update\updspapi.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB971737\update\update.exe
+ 2009-12-09 21:01 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB971737\spuninst.exe
+ 2009-08-25 09:27 . 2009-08-25 09:27 354816 c:\windows\$hf_mig$\KB971737\SP3QFE\winhttp.dll
+ 2010-02-09 22:53 . 2008-07-08 13:00 388984 c:\windows\$hf_mig$\KB971468\update\updspapi.dll
+ 2010-02-09 22:53 . 2008-07-08 13:00 765304 c:\windows\$hf_mig$\KB971468\update\update.exe
+ 2010-02-09 22:53 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB971468\spuninst.exe
+ 2010-02-09 21:24 . 2010-01-01 07:58 353792 c:\windows\$hf_mig$\KB971468\SP3QFE\srv.sys
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB970430\update\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB970430\update\update.exe
+ 2009-12-09 21:02 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB970430\spuninst.exe
+ 2009-10-20 15:21 . 2009-10-20 15:21 265728 c:\windows\$hf_mig$\KB970430\SP3QFE\http.sys
+ 2010-01-13 23:08 . 2009-05-26 16:10 388984 c:\windows\$hf_mig$\KB955759\update\updspapi.dll
+ 2010-01-13 23:08 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB955759\update\update.exe
+ 2010-01-13 23:08 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB955759\spuninst.exe
+ 2010-01-13 20:35 . 2009-11-21 15:42 471552 c:\windows\$hf_mig$\KB955759\SP3QFE\aclayers.dll
+ 2010-08-03 13:25 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB2286198\update\updspapi.dll
+ 2010-08-03 13:25 . 2010-02-22 14:22 765304 c:\windows\$hf_mig$\KB2286198\update\update.exe
+ 2010-08-03 13:25 . 2010-02-22 14:22 234872 c:\windows\$hf_mig$\KB2286198\spuninst.exe
+ 2010-07-14 14:02 . 2010-02-22 17:52 388984 c:\windows\$hf_mig$\KB2229593\update\updspapi.dll
+ 2010-07-14 14:02 . 2010-02-22 14:21 765304 c:\windows\$hf_mig$\KB2229593\update\update.exe
+ 2010-07-14 14:02 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB2229593\spuninst.exe
+ 2010-07-14 13:24 . 2010-06-14 14:38 744448 c:\windows\$hf_mig$\KB2229593\SP3QFE\helpsvc.exe
+ 2010-08-11 01:10 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB2183461\update\updspapi.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 765304 c:\windows\$hf_mig$\KB2183461\update\update.exe
+ 2010-08-11 01:10 . 2010-02-22 14:22 234872 c:\windows\$hf_mig$\KB2183461\spuninst.exe
+ 2010-06-24 12:11 . 2010-06-24 12:11 674304 c:\windows\$hf_mig$\KB2183461\SP3QFE\wininet.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 629760 c:\windows\$hf_mig$\KB2183461\SP3QFE\urlmon.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 251904 c:\windows\$hf_mig$\KB2183461\SP3QFE\iepeers.dll
+ 2010-08-11 01:07 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB2160329\update\updspapi.dll
+ 2010-08-11 01:07 . 2010-02-22 14:22 765304 c:\windows\$hf_mig$\KB2160329\update\update.exe
+ 2010-08-11 01:07 . 2010-02-22 14:22 234872 c:\windows\$hf_mig$\KB2160329\spuninst.exe
+ 2010-08-11 01:10 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB2115168\update\updspapi.dll
+ 2010-08-11 01:10 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB2115168\update\update.exe
+ 2010-08-11 01:10 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB2115168\spuninst.exe
+ 2010-08-11 01:09 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB2079403\update\updspapi.dll
+ 2010-08-11 01:09 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB2079403\update\update.exe
+ 2010-08-11 01:09 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB2079403\spuninst.exe
+ 2009-07-11 19:46 . 2009-07-11 19:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-11 19:46 . 2009-07-11 19:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2009-07-20 23:03 . 2009-07-20 23:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2004-08-04 12:00 . 2010-04-06 02:52 2462720 c:\windows\system32\WMVCore.dll
+ 2004-08-04 12:00 . 2010-06-24 09:02 1852032 c:\windows\system32\win32k.sys
+ 2010-03-08 21:30 . 2008-03-27 16:49 1112288 c:\windows\system32\wdfcoinstaller01007.dll
+ 2004-08-04 12:00 . 2010-07-27 06:29 8503296 c:\windows\system32\shell32.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 1509888 c:\windows\system32\shdocvw.dll
- 2004-08-04 12:00 . 2009-09-25 05:35 1509888 c:\windows\system32\shdocvw.dll
+ 2004-08-04 12:00 . 2010-02-05 18:25 1297408 c:\windows\system32\quartz.dll
+ 2004-08-04 12:00 . 2010-04-28 05:41 2148864 c:\windows\system32\ntoskrnl.exe
+ 2004-08-04 00:50 . 2010-04-28 05:41 2027008 c:\windows\system32\ntkrnlpa.exe
+ 2008-08-29 19:06 . 2009-07-31 09:02 1372672 c:\windows\system32\msxml6.dll
+ 2009-07-20 23:05 . 2009-07-20 23:05 1348432 c:\windows\system32\msxml4.dll
+ 2004-08-04 12:00 . 2010-06-14 07:41 1172480 c:\windows\system32\msxml3.dll
+ 2004-08-04 12:00 . 2008-05-19 05:33 4445184 c:\windows\system32\msi.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 3094016 c:\windows\system32\mshtml.dll
+ 2009-02-03 02:15 . 2010-07-05 16:38 5612496 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2010-03-09 17:48 . 2008-03-27 16:49 1112288 c:\windows\system32\DRVSTORE\motusbdevi_4F7E6DAFBCC5BFBD9F5E79EE8F9E5A7CAA4E99DA\wdfcoinstaller01007.dll
+ 2010-03-09 17:48 . 2008-03-27 16:49 1112288 c:\windows\system32\DRVSTORE\motport_8D8D33AD41012F86EAEB5F1E61B6042B8F506586\wdfcoinstaller01007.dll
+ 2010-03-09 17:48 . 2008-03-27 16:49 1112288 c:\windows\system32\DRVSTORE\motousbnet_6D791DAFE11EF3F28FC4B4204124883A85101411\wdfcoinstaller01007.dll
+ 2010-03-09 17:48 . 2008-03-27 16:49 1112288 c:\windows\system32\DRVSTORE\motoandroi_9C5ADBB3F416A3229DD948F7BBC46ECA50A38AC1\wdfcoinstaller01007.dll
+ 2010-03-09 17:48 . 2008-03-27 16:49 1112288 c:\windows\system32\DRVSTORE\motmodem_0AFD2376E9CEC21E2C9824A1713C17124B94ACE8\wdfcoinstaller01007.dll
+ 2010-03-08 21:30 . 2008-03-27 16:49 1112288 c:\windows\system32\DRVSTORE\motccgp_A0FA88AB3B3F3737224F9CFABDF26194C9F2A878\wdfcoinstaller01007.dll
+ 2004-08-04 12:00 . 2010-04-06 02:52 2462720 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-10-15 19:04 . 2010-06-24 09:02 1852032 c:\windows\system32\dllcache\win32k.sys
+ 2008-06-17 19:00 . 2010-07-27 06:29 8503296 c:\windows\system32\dllcache\shell32.dll
+ 2008-06-26 08:12 . 2010-06-24 12:10 1509888 c:\windows\system32\dllcache\shdocvw.dll
- 2008-06-26 08:12 . 2009-09-25 05:35 1509888 c:\windows\system32\dllcache\shdocvw.dll
+ 2008-05-07 05:10 . 2010-02-05 18:25 1297408 c:\windows\system32\dllcache\quartz.dll
+ 2008-10-15 19:04 . 2010-04-28 18:11 2192256 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-15 19:04 . 2010-04-28 05:41 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-15 19:04 . 2010-04-28 05:41 2069120 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-10-15 19:04 . 2010-04-28 05:41 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-11-27 16:37 . 2009-07-31 09:02 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2004-08-04 12:00 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2009-08-12 19:03 . 2010-01-29 14:59 1315328 c:\windows\system32\dllcache\msoe.dll
- 2009-08-12 19:03 . 2009-07-10 13:26 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2008-05-19 05:33 . 2008-05-19 05:33 4445184 c:\windows\system32\dllcache\msi.dll
+ 2008-06-23 15:10 . 2010-06-24 12:10 3094016 c:\windows\system32\dllcache\mshtml.dll
+ 2010-03-11 13:29 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2010-03-10 04:33 . 2010-06-24 12:10 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2009-11-06 23:06 . 2009-11-06 23:06 1130824 c:\windows\system32\dfshim.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 1025024 c:\windows\system32\browseui.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 1025024 c:\windows\system32\browseui.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2008-11-25 02:59 . 2008-11-25 02:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-09-22 07:44 . 2010-09-22 07:44 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 03:32 . 2010-03-23 03:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2009-08-07 21:51 . 2009-08-07 21:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-09-23 13:55 . 2010-09-23 13:55 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-09-23 13:55 . 2010-09-23 13:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-09-23 00:26 . 2010-09-23 00:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-09-23 00:25 . 2010-09-23 00:25 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2008-05-27 22:48 . 2008-05-27 22:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-09-23 13:55 . 2010-09-23 13:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-04-11 20:17 . 2010-04-11 20:17 2607104 c:\windows\Installer\e2da11.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17 4210688 c:\windows\Installer\e2da10.msp
+ 2009-11-08 22:25 . 2009-11-08 22:25 1935360 c:\windows\Installer\c734fb.msp
+ 2010-08-04 13:12 . 2010-08-04 13:12 1004544 c:\windows\Installer\a2be0c.msp
+ 2010-08-25 15:06 . 2010-08-25 15:06 6479360 c:\windows\Installer\a2be04.msp
+ 2010-09-26 11:52 . 2010-09-26 11:52 1223680 c:\windows\Installer\324b3d.msi
+ 2010-09-23 05:39 . 2010-09-23 05:39 4265472 c:\windows\Installer\28f9bf.msp
+ 2009-12-11 20:01 . 2009-12-11 20:01 3751424 c:\windows\Installer\1c85496.msp
+ 2009-08-25 08:59 . 2009-08-25 08:59 3731456 c:\windows\Installer\1c85483.msp
+ 2008-10-25 07:15 . 2008-10-25 07:15 6227456 c:\windows\Installer\1c85479.msp
+ 2009-09-29 07:08 . 2009-09-29 07:08 6747648 c:\windows\Installer\1c85470.msp
+ 2010-04-24 15:10 . 2010-04-24 15:10 8486400 c:\windows\Installer\1c85466.msp
+ 2010-10-09 14:02 . 2010-10-09 14:02 4242432 c:\windows\Installer\132de.msi
+ 2010-07-20 09:41 . 2010-07-20 09:41 3750912 c:\windows\Installer\11e4dcf.msp
+ 2010-07-10 18:14 . 2010-07-10 18:14 2850816 c:\windows\Installer\11e4dba.msp
+ 2010-09-26 15:44 . 2010-09-26 15:44 1575936 c:\windows\Installer\1080ad6.msi
+ 2007-05-31 11:37 . 2007-05-31 11:37 8812384 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.8173\WORDVIEW.EXE
+ 2005-05-03 18:09 . 2005-05-03 18:09 6864584 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.6506\WORDVIEW.EXE
+ 2009-09-29 09:26 . 2009-09-29 09:26 1865000 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\uneromediacon.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 1007616 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\pst.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 2102568 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmttranscoder.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 2508072 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmplaybackcomponent.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 4085032 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\neroipp.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 2135336 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nerodigitalext.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 4457768 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nerodigital.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 1062184 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\neee.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 1614632 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.exe
+ 2009-08-19 16:04 . 2009-08-19 16:04 4542296 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\WRD12CNV.DLL
+ 2008-10-15 19:04 . 2010-04-28 18:11 2192256 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-15 19:04 . 2010-04-28 05:41 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-15 19:04 . 2010-04-28 05:41 2069120 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-15 19:04 . 2010-04-28 05:41 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-10-07 13:06 . 2010-10-07 13:06 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_709a6107\System.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_5dd8cef6\System.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_923f9c96\System.Xml.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_499dc5ab\System.Xml.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_9ee61cd5\System.Windows.Forms.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_6e250af5\System.Windows.Forms.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_7395dc4f\System.Drawing.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_fa55dd17\System.Design.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_5f0de5b3\System.Design.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a4d4f14e\mscorlib.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_97129bf6\mscorlib.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d13674449b3ae21327820bddbd7e445f\WindowsLive.Writer.PostEditor.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c266f56473a94ee07c092381c2ff9522\WindowsLive.Writer.CoreServices.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ba732eb3a84c96e8bf60495395efbfac\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll
+ 2010-08-11 14:18 . 2010-08-11 14:18 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bec60fe2e934a6284224ab45b0e981e2\System.WorkflowServices.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\09da139c48e2f5e76994a5c0f2e5b19e\System.Workflow.Runtime.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\6809417da74ff937e18b3034f1eac2f2\System.Workflow.ComponentModel.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\6c91ee82035d30efa8893e7b0396bbb0\System.Workflow.Activities.ni.dll
+ 2010-10-07 14:58 . 2010-10-07 14:58 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\181254ba0cb690decedb950fd26d7bea\System.Web.Services.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4200f716e9a41cb91d17516ba864e586\System.Web.Mobile.ni.dll
+ 2010-10-09 10:57 . 2010-10-09 10:57 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\da367bc2ecf2c9c5b4f858b6dba9e2ea\System.Web.Extensions.ni.dll
+ 2010-08-11 14:18 . 2010-08-11 14:18 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5eb08849d17b272ed2a393420cb0305b\System.Speech.ni.dll
+ 2010-10-09 10:57 . 2010-10-09 10:57 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8e34e273d036b7468fc4e951a1fde437\System.ServiceModel.Web.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll
+ 2010-10-07 15:24 . 2010-10-07 15:24 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\095bb4f033374647b6d66c51f16bb886\System.IdentityModel.ni.dll
+ 2010-08-11 14:15 . 2010-08-11 14:15 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll
+ 2010-08-11 14:15 . 2010-08-11 14:15 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\b8c9267d87b7358e1a5f00bf1572c313\System.Data.Services.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\58202ed61096113d08815c0a78313b66\System.Data.OracleClient.ni.dll
+ 2010-08-11 14:18 . 2010-08-11 14:18 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 1006592 c:\windows\assembly\NativeImages_v2.0.50727_32\Sony.MediaSoftware.#\ed83e73efeb1f4b749fb75037f411eef\Sony.MediaSoftware.clrshared.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 1604608 c:\windows\assembly\NativeImages_v2.0.50727_32\MML\9ffac1e881758ab0bcdba840b20460ff\MML.ni.exe
+ 2010-08-11 16:25 . 2010-08-11 16:25 1071104 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.Media.M#\e116bba2e3b33ff4e1aa78178fdb1199\MML.Modules.Media.Music.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 2126848 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Infrastructure\4802b9bb0c47a0599176e8c00f42cdec\MML.Infrastructure.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a27783547338dbebf84101a685ba641b\Microsoft.VisualBasic.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 1786880 c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager\bd80d47c7868b76d47549b7a7cc29941\MediaManager.ni.exe
+ 2010-10-07 15:25 . 2010-10-07 15:25 7511552 c:\windows\assembly\NativeImages_v2.0.50727_32\AppCommon\4805a561c6fa0293f9ee54775f785d3f\AppCommon.ni.dll
+ 2010-06-24 00:59 . 2010-06-24 00:59 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-10-08 12:28 . 2010-10-08 12:28 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2009-08-22 12:47 . 2009-08-22 12:47 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-06-08 23:43 . 2010-06-08 23:43 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-06-24 00:59 . 2010-06-24 00:59 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-16 21:16 . 2009-10-16 21:16 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-08-22 12:43 . 2009-08-22 12:43 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-06-24 00:59 . 2010-06-24 00:59 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-10-16 21:13 . 2009-10-16 21:13 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-10-07 13:06 . 2010-10-07 13:06 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-10-07 13:06 . 2010-10-07 13:06 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-16 21:13 . 2009-10-16 21:13 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-08 23:38 . 2010-03-10 04:33 1509888 c:\windows\$NtUninstallKB982381$\shdocvw.dll
+ 2010-06-08 23:38 . 2010-02-26 05:41 3094016 c:\windows\$NtUninstallKB982381$\mshtml.dll
+ 2010-06-08 23:38 . 2010-03-10 04:33 1025024 c:\windows\$NtUninstallKB982381$\browseui.dll
+ 2010-08-11 01:05 . 2009-10-23 15:28 3558912 c:\windows\$NtUninstallKB981997$\moviemk.exe
+ 2010-08-11 01:09 . 2010-02-16 19:04 2148864 c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
+ 2010-08-11 01:09 . 2010-02-16 19:04 2027008 c:\windows\$NtUninstallKB981852$\ntkrpamp.exe
+ 2010-08-11 01:09 . 2010-02-16 19:04 2027008 c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
+ 2010-08-11 01:09 . 2010-02-16 19:04 2148864 c:\windows\$NtUninstallKB981852$\ntkrnlmp.exe
+ 2010-03-30 22:26 . 2009-12-22 05:07 1509888 c:\windows\$NtUninstallKB980182$\shdocvw.dll
+ 2010-03-30 22:26 . 2009-12-22 05:07 3092480 c:\windows\$NtUninstallKB980182$\mshtml.dll
+ 2010-03-30 22:26 . 2008-04-14 02:22 1025024 c:\windows\$NtUninstallKB980182$\browseui.dll
+ 2010-04-14 23:20 . 2009-12-09 10:05 2147840 c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
+ 2010-04-14 23:20 . 2009-12-09 10:05 2026496 c:\windows\$NtUninstallKB979683$\ntkrpamp.exe
+ 2010-04-14 23:20 . 2009-12-09 10:05 2026496 c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
+ 2010-04-14 23:20 . 2009-12-09 10:05 2147840 c:\windows\$NtUninstallKB979683$\ntkrnlmp.exe
+ 2010-06-08 23:46 . 2009-08-14 15:10 1850752 c:\windows\$NtUninstallKB979559$\win32k.sys
+ 2010-06-08 23:44 . 2009-05-20 02:56 2458112 c:\windows\$NtUninstallKB978695_WM9$\wmvcore.dll
+ 2010-05-11 22:26 . 2009-07-10 13:26 1315328 c:\windows\$NtUninstallKB978542$\msoe.dll
+ 2010-01-22 20:37 . 2009-10-29 05:24 1509888 c:\windows\$NtUninstallKB978207$\shdocvw.dll
+ 2010-01-22 20:37 . 2009-10-29 18:54 3091968 c:\windows\$NtUninstallKB978207$\mshtml.dll
+ 2010-02-09 22:51 . 2009-08-04 17:26 2147840 c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
+ 2010-02-09 22:51 . 2009-08-04 17:25 2026496 c:\windows\$NtUninstallKB977165$\ntkrpamp.exe
+ 2010-02-09 22:51 . 2009-08-04 17:25 2026496 c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
+ 2010-02-09 22:51 . 2009-08-04 17:26 2147840 c:\windows\$NtUninstallKB977165$\ntkrnlmp.exe
+ 2009-12-09 21:02 . 2009-09-25 05:35 1509888 c:\windows\$NtUninstallKB976325$\shdocvw.dll
+ 2009-12-09 21:02 . 2009-10-19 23:51 3091968 c:\windows\$NtUninstallKB976325$\mshtml.dll
+ 2010-06-08 23:44 . 2009-11-27 17:11 1297408 c:\windows\$NtUninstallKB975562$\quartz.dll
+ 2010-03-11 15:01 . 2008-04-14 02:22 3558912 c:\windows\$NtUninstallKB975561$\moviemk.exe
+ 2010-02-09 22:51 . 2009-06-03 19:09 1296896 c:\windows\$NtUninstallKB975560$\quartz.dll
+ 2009-11-24 23:44 . 2008-09-10 01:13 1307648 c:\windows\$NtUninstallKB973687$\msxml6.dll
+ 2009-11-24 23:44 . 2008-09-04 17:15 1106944 c:\windows\$NtUninstallKB973687$\msxml3.dll
+ 2010-03-08 21:27 . 2008-04-14 02:22 2843136 c:\windows\$NtUninstallKB942288-v3$\msi.dll
+ 2010-08-03 13:25 . 2008-06-17 19:00 8502272 c:\windows\$NtUninstallKB2286198$\shell32.dll
+ 2010-08-11 01:10 . 2010-04-16 16:06 1509888 c:\windows\$NtUninstallKB2183461$\shdocvw.dll
+ 2010-08-11 01:10 . 2010-04-16 16:06 3094016 c:\windows\$NtUninstallKB2183461$\mshtml.dll
+ 2010-08-11 01:10 . 2010-04-16 16:06 1025024 c:\windows\$NtUninstallKB2183461$\browseui.dll
+ 2010-08-11 01:07 . 2010-05-02 08:05 1851392 c:\windows\$NtUninstallKB2160329$\win32k.sys
+ 2010-08-11 01:09 . 2009-07-31 04:32 1172480 c:\windows\$NtUninstallKB2079403$\msxml3.dll
+ 2010-04-16 16:00 . 2010-04-16 16:00 1509888 c:\windows\$hf_mig$\KB982381\SP3QFE\shdocvw.dll
+ 2010-04-16 16:00 . 2010-04-16 16:00 3094528 c:\windows\$hf_mig$\KB982381\SP3QFE\mshtml.dll
+ 2010-04-16 15:59 . 2010-04-16 15:59 1025024 c:\windows\$hf_mig$\KB982381\SP3QFE\browseui.dll
+ 2010-08-10 19:56 . 2010-06-18 13:43 3558912 c:\windows\$hf_mig$\KB981997\SP3QFE\moviemk.exe
+ 2010-08-10 19:56 . 2010-04-28 05:15 2192384 c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
+ 2010-08-10 19:56 . 2010-04-28 05:15 2027008 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrpamp.exe
+ 2010-04-28 21:15 . 2010-04-28 21:15 2069248 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
+ 2010-08-10 19:56 . 2010-04-28 05:15 2148864 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlmp.exe
+ 2010-03-10 04:54 . 2010-03-10 04:54 1509888 c:\windows\$hf_mig$\KB980182\SP3QFE\shdocvw.dll
+ 2010-02-26 05:37 . 2010-02-26 05:37 3094528 c:\windows\$hf_mig$\KB980182\SP3QFE\mshtml.dll
+ 2010-03-10 04:53 . 2010-03-10 04:53 1025024 c:\windows\$hf_mig$\KB980182\SP3QFE\browseui.dll
+ 2010-04-14 19:13 . 2010-02-16 18:58 2192384 c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
+ 2010-04-14 19:13 . 2010-02-16 18:58 2027008 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrpamp.exe
+ 2010-04-14 19:13 . 2010-02-16 18:58 2069248 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
+ 2010-04-14 19:13 . 2010-02-16 18:58 2148864 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlmp.exe
+ 2010-05-02 08:00 . 2010-05-02 08:00 1860480 c:\windows\$hf_mig$\KB979559\SP3QFE\win32k.sys
+ 2010-01-29 14:53 . 2010-01-29 14:53 1315328 c:\windows\$hf_mig$\KB978542\SP3QFE\msoe.dll
+ 2009-12-22 05:05 . 2009-12-22 05:05 1509888 c:\windows\$hf_mig$\KB978207\SP3QFE\shdocvw.dll
+ 2009-12-22 05:05 . 2009-12-22 05:05 3094528 c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll
+ 2009-12-09 14:29 . 2009-12-09 14:29 2191616 c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
+ 2010-02-09 21:23 . 2009-12-09 09:58 2026496 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrpamp.exe
+ 2009-12-09 14:29 . 2009-12-09 14:29 2068480 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
+ 2010-02-09 21:23 . 2009-12-09 09:58 2147840 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlmp.exe
+ 2009-10-29 05:22 . 2009-10-29 05:22 1509888 c:\windows\$hf_mig$\KB976325\SP3QFE\shdocvw.dll
+ 2009-10-29 05:22 . 2009-10-29 05:22 3094016 c:\windows\$hf_mig$\KB976325\SP3QFE\mshtml.dll
+ 2010-02-05 18:28 . 2010-02-05 18:28 1297408 c:\windows\$hf_mig$\KB975562\SP3QFE\quartz.dll
+ 2010-03-11 13:29 . 2009-10-23 14:53 3558912 c:\windows\$hf_mig$\KB975561\SP3QFE\moviemk.exe
+ 2009-11-27 17:23 . 2009-11-27 17:23 1297408 c:\windows\$hf_mig$\KB975560\SP3QFE\quartz.dll
+ 2009-11-24 18:04 . 2009-07-31 04:24 1447424 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml6.dll
+ 2009-11-24 18:04 . 2009-07-31 04:24 1172480 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml3.dll
+ 2010-07-27 06:27 . 2010-07-27 06:27 8504320 c:\windows\$hf_mig$\KB2286198\SP3QFE\shell32.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 1509888 c:\windows\$hf_mig$\KB2183461\SP3QFE\shdocvw.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 3094528 c:\windows\$hf_mig$\KB2183461\SP3QFE\mshtml.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 1025024 c:\windows\$hf_mig$\KB2183461\SP3QFE\browseui.dll
+ 2010-06-24 21:29 . 2010-06-24 21:29 1861248 c:\windows\$hf_mig$\KB2160329\SP3QFE\win32k.sys
+ 2010-06-14 07:39 . 2010-06-14 07:39 1172480 c:\windows\$hf_mig$\KB2079403\SP3QFE\msxml3.dll
+ 2007-04-21 11:27 . 2010-09-18 22:44 35552200 c:\windows\system32\MRT.exe
+ 2010-04-02 17:29 . 2010-04-02 17:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp
+ 2010-09-24 12:08 . 2010-09-24 12:08 11430400 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp
+ 2010-04-02 10:30 . 2010-04-02 10:30 17456640 c:\windows\Installer\e2da53.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17 14599680 c:\windows\Installer\e2da20.msp
+ 2010-03-30 23:23 . 2010-03-30 23:23 15638528 c:\windows\Installer\c73508.msp
+ 2010-06-04 14:00 . 2010-06-04 14:00 20242432 c:\windows\Installer\c20e2.msp
+ 2010-03-08 21:33 . 2010-03-08 21:33 21181952 c:\windows\Installer\bdedaf.msi
+ 2010-01-20 00:36 . 2010-01-20 00:36 15710720 c:\windows\Installer\ae2a64.msp
+ 2010-09-08 14:00 . 2010-09-08 14:00 20303872 c:\windows\Installer\ad2ba.msp
+ 2007-07-31 12:29 . 2007-07-31 12:29 12886528 c:\windows\Installer\8110b0.msp
+ 2010-09-29 17:07 . 2010-09-29 17:07 20303872 c:\windows\Installer\45fcaa.msp
+ 2010-03-09 17:50 . 2010-03-09 17:50 28027392 c:\windows\Installer\357a0.msp
+ 2010-09-24 05:08 . 2010-09-24 05:08 17518080 c:\windows\Installer\28f9b5.msp
+ 2010-05-11 09:30 . 2010-05-11 09:30 11194880 c:\windows\Installer\1c854a9.msp
+ 2010-04-24 15:09 . 2010-04-24 15:09 11750912 c:\windows\Installer\1c8549f.msp
+ 2010-05-19 11:08 . 2010-05-19 11:08 11408896 c:\windows\Installer\11e4dc5.msp
+ 2007-06-18 15:16 . 2007-06-18 15:16 12259160 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.8173\MSO.DLL
+ 2005-04-22 04:57 . 2005-04-22 04:57 12235968 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.6506\MSO.DLL
+ 2009-08-17 15:39 . 2009-08-17 15:39 15119720 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\XL12CNV.EXE
+ 2009-08-17 14:40 . 2009-08-17 14:40 17309040 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\MSO.DLL
+ 2010-08-11 14:15 . 2010-08-11 14:15 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll
+ 2010-10-07 14:58 . 2010-10-07 14:58 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\41f436dae3c8146752d06130f7331527\System.Web.ni.dll
+ 2010-10-07 15:24 . 2010-10-07 15:24 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\75aeb590008d6e166f7be18f935c52d2\System.ServiceModel.ni.dll
+ 2010-10-07 14:58 . 2010-10-07 14:59 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\fdc42078fd10e4dc8b05087900c63977\System.Design.ni.dll
+ 2010-08-11 14:15 . 2010-08-11 14:15 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll
.
-- Snapshot auf jetziges Datum zurückgesetzt --
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"TkBellExe"="c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2010-03-06 202256]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2008-09-06 413696]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk
backup=c:\windows\pss\Adobe Reader - Schnellstart.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Synchronizer.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^NkbMonitor.exe.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\NkbMonitor.exe.lnk
backup=c:\windows\pss\NkbMonitor.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Winexit.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Winexit.lnk
backup=c:\windows\pss\Winexit.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^OpenOffice.org 2.1.lnk]
path=c:\dokumente und einstellungen\User\Startmenü\Programme\Autostart\OpenOffice.org 2.1.lnk
backup=c:\windows\pss\OpenOffice.org 2.1.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
2008-09-26 09:02 2356088 ----a-r- c:\programme\Gemeinsame Dateien\Adobe\Updater5\AdobeUpdater.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 10:43 69632 -c--a-w- c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-09-10 15:40 289576 ----a-w- c:\programme\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 08:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-10-22 10:22 7700480 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-22 10:22 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-22 10:22 1622016 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-10-11 10:45 75304 ----a-w- c:\programme\ScanSoft\OmniPageSE4.0\OpWareSE4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
2008-09-06 13:09 413696 ----a-w- c:\programme\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerBar]
2004-12-31 10:01 110592 ------w- c:\programme\CyberLink\PowerStarter\PowerBar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-09-06 13:09 413696 ----a-w- c:\programme\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 18:24 32768 -c--a-w- c:\programme\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-06-28 06:54 16248320 -c--a-w- c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 -c--a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 11:16 185896 ----a-w- c:\programme\Gemeinsame Dateien\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-03-06 16:55 202256 ----a-w- c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2008-05-02 04:15 15872 ----a-w- c:\programme\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-01-15 22:54 37376 ----a-w- c:\programme\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{1290A33C-85F5-4164-A1BE-7DD299D4986A}]
2004-06-08 16:33 69721 -c----w- c:\programme\CyberLink\PowerBackup\PBKScheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wscsvc"=2 (0x2)
"CiSvc"=3 (0x3)
"ImapiService"=3 (0x3)
"NVSvc"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Sony\\Media Manager for WALKMAN\\MediaManager.exe"=
"c:\\Programme\\Trillian\\trillian.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programme\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programme\\Motorola Media Link\\MML.exe"=
"c:\\Programme\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programme\\ICQ7.2\\ICQ.exe"=
"c:\\Programme\\ICQ7.2\\aolload.exe"=
"c:\\Programme\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57203:TCP"= 57203:TCP:Pando Media Booster
"57203:UDP"= 57203:UDP:Pando Media Booster

R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [30.10.2009 13:59 108289]
R2 DeviceMonitorService;DeviceMonitorService;c:\programme\Motorola Media Link\NServiceEntry.exe [12.10.2009 11:46 87336]
R2 MotoConnect Service;MotoConnect Service;c:\programme\Motorola\MotoConnectService\MotoConnectService.exe [08.03.2010 23:29 91392]
S2 gupdate1c9b3abc89374fa;Google Update Service (gupdate1c9b3abc89374fa);c:\programme\Google\Update\GoogleUpdate.exe [02.04.2009 17:57 133104]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [08.03.2010 23:30 6016]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [08.03.2010 23:30 19712]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [08.03.2010 23:30 8320]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [09.03.2010 19:48 23552]
S3 VtcDrv;Philips SA60xx Recovery Device;c:\windows\system32\drivers\vtcdrv.sys [07.02.2008 17:40 18560]
.
Inhalt des "geplante Tasks" Ordners

2010-10-12 c:\windows\Tasks\Google Software Updater.job
- c:\programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 15:57]

2010-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-04-02 15:57]

2010-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-04-02 15:57]

2010-10-12 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1004.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2010-10-12 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2010-10-09 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1004.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2010-10-11 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Zusätzlicher Suchlauf -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - Welcome to Windows Live
IE: Easy-WebPrint - Drucken - c:\programme\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Schnelldruck - c:\programme\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint - Vorschau - c:\programme\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Zu Druckliste hinzufügen - c:\programme\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: In neuer Registerkarte im Hintergrund öffnen - c:\programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/229?79a16f71681d4223b2d015193d61ffce
IE: In neuer Registerkarte im Vordergrund öffnen - c:\programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/230?79a16f71681d4223b2d015193d61ffce
FF - ProfilePath - c:\dokumente und einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\
FF - prefs.js: browser.search.selectedEngine -
FF - plugin: c:\programme\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\programme\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\programme\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\programme\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

MSConfigStartUp-mmtask - c:\program files\MusicMatch\MusicMatch Jukebox\mmtask.exe
MSConfigStartUp-msnmsgr - c:\programme\MSN Messenger\msnmsgr.exe
MSConfigStartUp-PCSuiteTrayApplication - c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
MSConfigStartUp-PcSync - c:\programme\Nokia\Nokia PC Suite 6\PcSync2.exe
MSConfigStartUp-Picasa Media Detector - c:\programme\Picasa2\PicasaMediaDetector.exe
MSConfigStartUp-Steam - d:\spiele\Steam.exe
MSConfigStartUp-SunJavaUpdateSched - c:\programme\Java\jre1.5.0_11\bin\jusched.exe
MSConfigStartUp-Wambo - c:\programme\Swapper\Swapper.exe


.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'explorer.exe'(3948)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe
c:\windows\system32\PnkBstrA.exe
c:\programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\RUNDLL32.EXE
c:\programme\Motorola\MotoConnectService\MotoConnect.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-10-12 14:45:52 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2010-10-12 12:45
ComboFix2.txt 2009-11-24 19:39

Vor Suchlauf: 5.558.247.424 Bytes frei
Nach Suchlauf: 5.616.963.584 Bytes frei

- - End Of File - - D5B6D71400F9059362419DB9F7011615

cosinus 13.10.2010 08:02
Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus

Downloade Dir anschließend bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur eine Sekunde.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes

El_Kimmo 13.10.2010 20:47
Also GMER hat sich nach Stunden aufgehangen also keine Log ausgespuckt und die Downloadseite von OSAM ist down. Soll ich dann trotzdem MBRcheck ausführen ?

cosinus 15.10.2010 11:18
Ersatzlink für OSAM => File-Upload.net - osam.zip

El_Kimmo 15.10.2010 15:48
Die Verbindung zur Online Datenbank schlug fehl. Aber hier das Log

OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
Online Solutions. Complex Protection for Information Systems
Saved at 16:47:00 on 15.10.2010

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.10

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Software Updater.job" - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1004.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1006.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1004.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1006.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"nvcpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.cpl
"nvtuicpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvtuicpl.cpl
"PhysX.cpl" - ? - C:\WINDOWS\system32\PhysX.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"Pando" - "Pando Networks" - C:\Programme\Pando Networks\Media Booster\PMB.cpl
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\DOKUME~1\Detlef\LOKALE~1\Temp\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"ENTECH" (ENTECH) - "EnTech Taiwan" - C:\WINDOWS\system32\DRIVERS\ENTECH.sys
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"MxlW2k" (MxlW2k) - "MusicMatch, Inc." - C:\WINDOWS\system32\drivers\MxlW2k.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"Philips SA60xx Recovery Device" (VtcDrv) - "Windows (R) Codename Longhorn DDK provider" - C:\WINDOWS\System32\Drivers\vtcdrv.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys  (File found, but it contains no detailed information)
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 2.1\program\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{CE433D33-14CB-42EB-B666-ECBF98C80DD2} "Draw Property Sheet" - ? -  (File not found | COM-object registry key not found)
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll
{73B24247-042E-4EF5-ADC2-42F62E6FD654} "ICQ Lite Shell Extension" - ? -  (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -  (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\OFFICE11\msohev.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{6A1122A1-6D55-11D0-9E64-0000C04E5143} "Mls shell extension" - ? -  (File not found | COM-object registry key not found)
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 2.1\program\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 2.1\program\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 2.1\program\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 2.1\program\shlxthdl.dll
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\programme\real\realplayer\rpshell.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -  (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{BD88A479-9623-4897-8546-BC62B9628F44} "SPTHandler" - ? -  (File not found | COM-object registry key not found)
{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} "UnlockerShellExtension" - ? - C:\Programme\Unlocker\UnlockerCOM.dll  (File found, but it contains no detailed information)
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Programme\Windows Live\Toolbar\wltcore.dll
<binary data> "ITBarLayout" - ? -  (File not found | COM-object registry key not found)
<binary data> "{00000000-0000-0000-0000-000000000000}" - ? -  (File not found | COM-object registry key not found)
<binary data> "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" - ? -  (File not found | COM-object registry key not found)
<binary data> "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
{B8BE5E93-A60C-4D26-A2DC-220313175592} "MSN Games - Installer" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\ZIntro.ocx / hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx / hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"ICQ7.2" - "ICQ, LLC." - C:\Programme\ICQ7.2\ICQ.exe
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Programme\Windows Live\Toolbar\wltcore.dll
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} "Easy-WebPrint" - ? - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" - "Microsoft Corporation" - C:\Programme\Windows Live\Toolbar\wltcore.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\User\Startmenü\Programme\Autostart\desktop.ini
"Telefonauskunft und Rückwärtssuche auf CD-ROM - Schnellstarter.lnk" - "klickTel AG" - C:\Programme\Telefonauskunft und Rückwärtssuche\Telefonauskunft + Rückwärtssuche auf CD-ROM\KSTART32.EXE  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"hasdfkasif.exe" - ? - C:\hasdfkasif.exe\hasdfkasif.exe  (File not found)
"ICQ" - "ICQ, LLC." - "C:\Programme\ICQ7.2\ICQ.exe" silent loginmode=4
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"nwiz" - "NVIDIA Corporation" - nwiz.exe /install
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime
"TkBellExe" - "RealNetworks, Inc." - "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe"  -osboot

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Adobe LM Service" (Adobe LM Service) - "Adobe Systems" - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll  (File not found)
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Bonjour-Dienst" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe
"DeviceMonitorService" (DeviceMonitorService) - "Nero AG" - C:\Programme\Motorola Media Link\NServiceEntry.exe
"Google Software Updater" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate1c9b3abc89374fa)" (gupdate1c9b3abc89374fa) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe
"MotoConnect Service" (MotoConnect Service) - ? - C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe  (File found, but it contains no detailed information)
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"PnkBstrA" (PnkBstrA) - ? - C:\WINDOWS\system32\PnkBstrA.exe  (File found, but it contains no detailed information)
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Live Family Safety-Dienst" (fsssvc) - "Microsoft Corporation" - C:\Programme\Windows Live\Family Safety\fsssvc.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===
--- --- ---
If You have questions or want to get some help, You can visit Online Solutions :: Index

cosinus 15.10.2010 16:08
Beim OSAM-Hersteller gibts anscheinend ein paar Probleme. Aber die Online-DB interessiert mich eh nicht.
Poste bitte noch das Log von mbrcheck

El_Kimmo 15.10.2010 16:36
Hier das MBRcheck Log

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 120):
0x804D7000 \WINDOWS\system32\TUKERNEL.EXE
0x80722000 \WINDOWS\system32\hal.dll
0xF7987000 \WINDOWS\system32\KDCOM.DLL
0xF7897000 \WINDOWS\system32\BOOTVID.dll
0xF75A7000 ACPI.sys
0xF7989000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7596000 pci.sys
0xF75F7000 isapnp.sys
0xF7607000 ohci1394.sys
0xF7617000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF7A4F000 pciide.sys
0xF7707000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF7627000 MountMgr.sys
0xF74D7000 ftdisk.sys
0xF770F000 PartMgr.sys
0xF7637000 VolSnap.sys
0xF74BF000 atapi.sys
0xF7647000 disk.sys
0xF7657000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF749F000 fltmgr.sys
0xF748D000 sr.sys
0xF7667000 PxHelp20.sys
0xF7860000 KSecDD.sys
0xF784D000 WudfPf.sys
0xF7B52000 Ntfs.sys
0xF795A000 NDIS.sys
0xF7833000 Mup.sys
0xBA1E2000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB95BA000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB95A6000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB957E000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB956A000 \SystemRoot\system32\DRIVERS\Rtenicxp.sys
0xF77DF000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB9546000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF77E7000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xBA1D2000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xF76E7000 \SystemRoot\system32\DRIVERS\serial.sys
0xF77EF000 \SystemRoot\system32\DRIVERS\irsir.sys
0xBA7E0000 \SystemRoot\system32\DRIVERS\irenum.sys
0xB9532000 \SystemRoot\system32\DRIVERS\parport.sys
0xBA7D8000 \SystemRoot\system32\DRIVERS\gameenum.sys
0xF7AB2000 \SystemRoot\system32\drivers\msmpu401.sys
0xB950E000 \SystemRoot\system32\drivers\portcls.sys
0xF76F7000 \SystemRoot\system32\drivers\drmk.sys
0xB94EB000 \SystemRoot\system32\drivers\ks.sys
0xF7586000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF77F7000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF77FF000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xBA7D4000 \SystemRoot\system32\DRIVERS\serenum.sys
0xF7576000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7807000 \SystemRoot\System32\Drivers\MxlW2k.SYS
0xF7566000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF7556000 \SystemRoot\system32\DRIVERS\redbook.sys
0xBA7D0000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xF7AB3000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF79B1000 \SystemRoot\System32\Drivers\RootMdm.sys
0xF780F000 \SystemRoot\System32\Drivers\Modem.SYS
0xF7817000 \SystemRoot\system32\DRIVERS\rasirda.sys
0xF781F000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF7546000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xBA7C4000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB94D4000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF7536000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF7526000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB94C3000 \SystemRoot\system32\DRIVERS\psched.sys
0xF7516000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF774F000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF7757000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF7506000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF79B3000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB9465000 \SystemRoot\system32\DRIVERS\update.sys
0xBA7BC000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF74F6000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xB6E4A000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xF746D000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF79BB000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF79BD000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7A99000 \SystemRoot\System32\Drivers\Null.SYS
0xF79BF000 \SystemRoot\System32\Drivers\Beep.SYS
0xF7777000 \SystemRoot\System32\drivers\vga.sys
0xF79C1000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF79C3000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF777F000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF7787000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7923000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB5F5C000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB5F03000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB5EDB000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB5EB5000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF745D000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB5E93000 \SystemRoot\System32\drivers\afd.sys
0xF744D000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB99D2000 \SystemRoot\System32\Drivers\StarOpen.SYS
0xB5E68000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xF743D000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xB5DF8000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF742D000 \SystemRoot\System32\Drivers\Fips.SYS
0xB5DDC000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xF79C7000 \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys
0xF7877000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xBA7F0000 \SystemRoot\System32\drivers\Dxapi.sys
0xB99CA000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7A74000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xB5327000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xB5413000 \SystemRoot\system32\DRIVERS\fssfltr_tdi.sys
0xB51D1000 \SystemRoot\system32\DRIVERS\irda.sys
0xB530B000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB479C000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xF7993000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xB4619000 \SystemRoot\system32\DRIVERS\srv.sys
0xB3CC4000 \SystemRoot\system32\drivers\wdmaud.sys
0xB46C4000 \SystemRoot\system32\drivers\sysaudio.sys
0xB4949000 \SystemRoot\system32\DRIVERS\secdrv.sys
0xB36BB000 \SystemRoot\System32\Drivers\HTTP.sys
0xAC873000 \SystemRoot\system32\drivers\kmixer.sys
0x7C910000 \WINDOWS\system32\ntdll.dll

Processes (total 33):
0 System Idle Process
4 System
800 C:\WINDOWS\system32\smss.exe
912 csrss.exe
984 C:\WINDOWS\system32\winlogon.exe
1028 C:\WINDOWS\system32\services.exe
1040 C:\WINDOWS\system32\lsass.exe
1252 C:\WINDOWS\system32\svchost.exe
1336 svchost.exe
1432 C:\WINDOWS\system32\svchost.exe
1472 C:\WINDOWS\system32\svchost.exe
1628 svchost.exe
1816 svchost.exe
1992 C:\WINDOWS\system32\spoolsv.exe
128 C:\Programme\Avira\AntiVir Desktop\sched.exe
200 svchost.exe
744 C:\Programme\Avira\AntiVir Desktop\avguard.exe
756 C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
768 C:\Programme\Bonjour\mDNSResponder.exe
816 C:\Programme\Motorola Media Link\NServiceEntry.exe
1316 C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe
1612 C:\Programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe
440 C:\WINDOWS\system32\PnkBstrA.exe
472 C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
556 C:\WINDOWS\system32\svchost.exe
1836 C:\WINDOWS\explorer.exe
1908 C:\Programme\Motorola\MotoConnectService\MotoConnect.exe
2260 C:\WINDOWS\vsnpstd.exe
2600 C:\Programme\Avira\AntiVir Desktop\avgnt.exe
2952 C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
3008 alg.exe
488 C:\WINDOWS\system32\wuauclt.exe
1396 C:\Dokumente und Einstellungen\User\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000013`8836ac00 (NTFS)

PhysicalDrive0 Model Number: ST3250823AS, Rev: 3.06

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11


Done!

cosinus 15.10.2010 20:02
Zitat:
232 GB \\.\PhysicalDrive0 Windows XP MBR code detected
Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

El_Kimmo 16.10.2010 20:04
Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4840

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

16.10.2010 20:57:17
mbam-log-2010-10-16 (20-57-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 315979
Laufzeit: 3 Stunde(n), 20 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Userinit.exe (Security.Hijack) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\Software\Microsoft\bk (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\idln2 (Malware.Trace) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\System Volume Information\_restore{5BBF7EE9-8E00-4325-BFDA-E00E385B3760}\RP1\A0000037.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.

El_Kimmo 16.10.2010 23:15
SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 10/17/2010 at 00:10 AM

Application Version : 4.44.1000

Core Rules Database Version : 5696
Trace Rules Database Version: 3508

Scan type : Complete Scan
Total Scan Time : 02:24:18

Memory items scanned : 408
Memory threats detected : 0
Registry items scanned : 7720
Registry threats detected : 6
File items scanned : 173372
File threats detected : 29

Rogue.Component/Trace
HKLM\Software\Microsoft\E81F30A5
HKLM\Software\Microsoft\E81F30A5#e81f30a5
HKLM\Software\Microsoft\E81F30A5#Version
HKLM\Software\Microsoft\E81F30A5#e81f9d25
HKLM\Software\Microsoft\E81F30A5#e81ff4c0

Trojan.Fake-Alert/Trace
HKU\S-1-5-21-220523388-1383384898-725345543-1004\SOFTWARE\Microsoft\fias4013

Adware.Tracking Cookie
imagesrv.adition.com [ C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\4R9UER93 ]
atdmt.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
banner.mindshare.de [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
broadcast.piximedia.fr [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
cdn1.eyewonder.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
googleads.g.doubleclick.net [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
hs.interpolls.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
interclick.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
m.de.2mdn.net [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
macromedia.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
media.ign.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
media.jambocast.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
media.mtvnservices.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
media.mtvu.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
media.scanscout.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
media.socialvibe.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
media.tattomedia.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
media.thewb.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
media01.kyte.tv [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
media1.break.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
oddcast.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
spe.atdmt.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
static.youporn.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
track.webgains.com [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
vmixmedia-0.vo.llnwd.net [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
[adult swim] [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
SmartAdserver - Shaping the future of AdServing [ C:\Dokumente und Einstellungen\Lea\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\2FCNWASK ]
C:\Dokumente und Einstellungen\Lea\Cookies\lea@as-eu.falkag[2].txt
C:\Dokumente und Einstellungen\Lea\Cookies\lea@as1.falkag[2].txt



Wo kommen die ganzen Ergebnisse jetzt noch her ??

cosinus 17.10.2010 12:35
Einige Sachen wurden noch gefunden, ich vermute da nur Überreste. Lass uns aber nochmal weiter nachsehen:

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

El_Kimmo 17.10.2010 15:23
OTL Logfile:
Code:
OTL logfile created on: 17.10.2010 16:16:46 - Run 2
OTL by OldTimer - Version 3.2.15.2    Folder = C:\Dokumente und Einstellungen\User\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): D:\pagefile.sys 3072 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78,13 Gb Total Space | 4,51 Gb Free Space | 5,77% Space Free | Partition Type: NTFS
Drive D: | 154,75 Gb Total Space | 6,49 Gb Free Space | 4,19% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\User\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Motorola\MotoConnectService\MotoConnect.exe (Motorola)
PRC - C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe ()
PRC - C:\Programme\Motorola Media Link\NServiceEntry.exe (Nero AG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\vsnpstd.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\User\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (MotoConnect Service) -- C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe ()
SRV - (DeviceMonitorService) -- C:\Programme\Motorola Media Link\NServiceEntry.exe (Nero AG)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (catchme) -- C:\DOKUME~1\Detlef\LOKALE~1\Temp\catchme.sys File not found
DRV - (MxlW2k) -- C:\WINDOWS\System32\drivers\MxlW2k.sys (MusicMatch, Inc.)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Motousbnet) -- C:\WINDOWS\system32\drivers\Motousbnet.sys (Motorola)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (motccgp) -- C:\WINDOWS\system32\drivers\motccgp.sys (Motorola)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (motccgpfl) -- C:\WINDOWS\system32\drivers\motccgpfl.sys (Motorola)
DRV - (BTCFilterService) -- C:\WINDOWS\system32\drivers\motfilt.sys (Motorola Inc)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (MotoSwitchService) -- C:\WINDOWS\system32\drivers\motswch.sys (Motorola)
DRV - (VtcDrv) -- C:\WINDOWS\system32\drivers\vtcdrv.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                          )
DRV - (snpstd) -- C:\WINDOWS\system32\drivers\snpstd.sys ()
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.3.1
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.09.19 00:09:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.10.14 20:17:11 | 000,000,000 | ---D | M]
 
[2008.11.29 20:30:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Extensions
[2010.10.16 17:45:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ozz5rs05.default\extensions
[2009.09.03 13:34:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ozz5rs05.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.02 21:09:25 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ozz5rs05.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.10.22 12:07:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ozz5rs05.default\extensions\personas@christopher.beard
[2010.10.10 17:13:13 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ozz5rs05.default\searchplugins\icqplugin-1.xml
[2009.08.07 11:42:57 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ozz5rs05.default\searchplugins\icqplugin-2.xml
[2010.06.24 13:04:58 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ozz5rs05.default\searchplugins\icqplugin-3.xml
[2010.07.05 18:36:38 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ozz5rs05.default\searchplugins\icqplugin-4.xml
[2010.07.25 18:12:54 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ozz5rs05.default\searchplugins\icqplugin-5.xml
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ozz5rs05.default\searchplugins\icqplugin.xml
[2010.07.27 02:17:55 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.07.25 18:12:39 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.25 18:12:39 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.25 18:12:39 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.25 18:12:39 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.25 18:12:39 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.10.12 14:42:21 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Dokumente und Einstellungen\User\Startmenü\Programme\Autostart\Telefonauskunft und Rückwärtssuche auf CD-ROM - Schnellstarter.lnk = C:\Programme\Telefonauskunft und Rückwärtssuche\Telefonauskunft + Rückwärtssuche auf CD-ROM\KSTART32.EXE (klickTel AG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177158109359 (MUWebControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.04.21 12:49:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - Services: "wscsvc"
MsConfig - Services: "CiSvc"
MsConfig - Services: "ImapiService"
MsConfig - Services: "NVSvc"
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk - C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Synchronizer.lnk - C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^NkbMonitor.exe.lnk - C:\Programme\Nikon\PictureProject\NkbMonitor.exe - (Nikon Corporation)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Winexit.lnk - C:\Programme\Winexit\Winexit.exe - (mysoft Home)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^OpenOffice.org 2.1.lnk - C:\Programme\OpenOffice.org 2.1\program\quickstart.exe - ()
MsConfig - StartUpReg: AdobeUpdater - hkey= - key= - C:\Programme\Gemeinsame Dateien\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Alcmtr - hkey= - key= - C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programme\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= -  File not found
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= -  File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= -  File not found
MsConfig - StartUpReg: nwiz - hkey= - key= -  File not found
MsConfig - StartUpReg: OpwareSE4 - hkey= - key= - C:\Programme\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
MsConfig - StartUpReg: Power2GoExpress - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: PowerBar - hkey= - key= - C:\Programme\CyberLink\PowerStarter\PowerBar.exe (Cyberlink, Corp.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Programme\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: SkyTel - hkey= - key= - C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: SSBkgdUpdate - hkey= - key= - C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: UnlockerAssistant - hkey= - key= - C:\Programme\Unlocker\UnlockerAssistant.exe ()
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Programme\Winamp\winampa.exe ()
MsConfig - StartUpReg: {1290A33C-85F5-4164-A1BE-7DD299D4986A} - hkey= - key= - C:\Programme\CyberLink\PowerBackup\PBKScheduler.exe (CyberLink Corp.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {03A0C05D-8066-738D-D09E-F6845197E729} - Vektorgrafik-Rendering (VML)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1325db73-d9f1-48f8-8895-6d814ec58889} - Sicherheitsupdate für Windows XP (KB913433)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {B3682745-2B88-45BB-44DB-5213F390E066} - Microsoft Windows Media Player
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -
 
Drivers32: msacm.clmp3enc - C:\Programme\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvid.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
 
========== Files/Folders - Created Within 90 Days ==========
 
[2010.10.17 16:15:24 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\OTL.exe
[2010.10.16 21:43:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com
[2010.10.16 21:43:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\SUPERAntiSpyware.com
[2010.10.16 21:43:44 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2010.10.16 21:34:17 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\User\Recent
[2010.10.16 21:22:20 | 009,578,056 | ---- | C] (SUPERAntiSpyware.com) -- C:\Dokumente und Einstellungen\User\Desktop\SUPERAntiSpyware.exe
[2010.10.15 19:49:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Desktop\ROAIN
[2010.10.15 18:54:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Desktop\Erotische Phantasien Vol.1
[2010.10.14 22:14:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\LolClient
[2010.10.13 22:30:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.10.12 14:45:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.10.12 14:34:47 | 000,000,000 | ---D | C] -- C:\cofi.exe
[2010.10.12 12:58:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.10.11 20:57:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DBControl
[2010.10.11 20:57:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\DBControl
[2010.10.11 20:57:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\DBControl
[2010.10.11 16:28:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Desktop\_Hits71-
[2010.10.09 16:02:31 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.10.09 14:58:24 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Server
[2010.09.26 17:47:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\skypePM
[2010.09.26 17:44:42 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2010.09.03 23:45:43 | 000,000,000 | R--D | C] -- D:\Eigene Dateien\Kopie von Eigene Bilder
[2007.04.26 14:14:30 | 000,098,304 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2007.04.26 14:14:30 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2007.04.26 14:14:30 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
 
========== Files - Modified Within 90 Days ==========
 
[2010.10.17 16:15:27 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\OTL.exe
[2010.10.17 16:11:56 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.10.17 16:00:43 | 000,088,556 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.10.17 16:00:37 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.17 16:00:36 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.17 16:00:36 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1004.job
[2010.10.17 16:00:35 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.17 15:58:49 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.10.17 15:58:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.16 23:50:01 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.16 21:43:46 | 000,001,642 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.10.16 21:23:25 | 009,578,056 | ---- | M] (SUPERAntiSpyware.com) -- C:\Dokumente und Einstellungen\User\Desktop\SUPERAntiSpyware.exe
[2010.10.16 19:00:54 | 000,055,653 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\5537_007.jpg
[2010.10.16 17:21:25 | 000,757,344 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.10.15 20:31:17 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1004.job
[2010.10.12 14:42:21 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.10.12 00:06:57 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.10 18:25:35 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\CCleaner.lnk
[2010.10.07 15:09:05 | 000,458,808 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.10.07 15:09:05 | 000,440,998 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.07 15:09:05 | 000,084,666 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.10.07 15:09:05 | 000,071,316 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.05 20:59:46 | 000,000,063 | ---- | M] () -- C:\Dokumente und Einstellungen\User\default.pls
[2010.10.04 18:20:02 | 004,632,029 | ---- | M] () -- C:\09 The Black Mirror.wma.MP3
[2010.10.04 18:19:57 | 003,575,010 | ---- | M] () -- C:\08 About Hope.wma.MP3
[2010.10.04 18:19:54 | 003,371,882 | ---- | M] () -- C:\07 Inside your Lies.wma.MP3
[2010.10.04 18:19:51 | 003,661,946 | ---- | M] () -- C:\06 Just One Tear.wma.MP3
[2010.10.04 18:19:48 | 004,018,465 | ---- | M] () -- C:\05 Grey Bleeding Heart.wma.MP3
[2010.10.04 18:19:45 | 003,213,894 | ---- | M] () -- C:\04 Thousand Doors.wma.MP3
[2010.10.04 18:19:42 | 002,800,532 | ---- | M] () -- C:\03 Follow the Patron.wma.MP3
[2010.10.04 18:19:39 | 003,935,291 | ---- | M] () -- C:\02 Dying Ants.wma.MP3
[2010.10.04 18:19:36 | 003,017,453 | ---- | M] () -- C:\01 Club of Sons.wma.MP3
[2010.09.26 19:12:04 | 005,179,431 | ---- | M] () -- D:\Eigene Dateien\P5060016.JPG
[2010.09.26 17:47:18 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.09.26 13:51:59 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.09.09 14:17:17 | 000,000,264 | ---- | M] () -- C:\WINDOWS\game.ini
[2010.09.05 20:50:42 | 000,000,253 | ---- | M] () -- C:\WINDOWS\ktel.ini
[2010.07.21 13:47:55 | 002,739,304 | ---- | M] () -- C:\08 Snakey Ruth.m4a.MP3
[2010.07.21 13:47:44 | 003,327,373 | ---- | M] () -- C:\07 Beyond the City of Love.m4a.MP3
[2010.07.21 13:47:31 | 003,110,452 | ---- | M] () -- C:\06 The Girl's Attractive.m4a.MP3
[2010.07.21 13:47:19 | 002,185,090 | ---- | M] () -- C:\05 Red Hex.m4a.MP3
[2010.07.21 13:47:09 | 002,582,987 | ---- | M] () -- C:\04 It's a Shokka.m4a.MP3
[2010.07.21 13:46:58 | 004,283,245 | ---- | M] () -- C:\03 Drip Drip.m4a.MP3
[2010.07.21 13:46:42 | 004,036,649 | ---- | M] () -- C:\02 Saturday Fantastic.m4a.MP3
[2010.07.21 13:46:25 | 003,144,724 | ---- | M] () -- C:\01 Destination Diamonds.m4a.MP3
[2010.07.21 13:46:11 | 001,903,386 | ---- | M] () -- C:\12 Ordinary Life.m4a.MP3
[2010.07.21 13:46:03 | 004,001,123 | ---- | M] () -- C:\11 A Kiss to Tell.m4a.MP3
[2010.07.21 13:45:47 | 001,902,968 | ---- | M] () -- C:\10 Needle in the Rice.m4a.MP3
[2010.07.21 13:45:38 | 003,604,897 | ---- | M] () -- C:\09 Dirty Thief.m4a.MP3
 
========== Files Created - No Company Name ==========
 
[2010.10.16 21:43:46 | 000,001,642 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.10.16 19:00:52 | 000,055,653 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\5537_007.jpg
[2010.10.12 00:06:59 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.12 00:06:57 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.11 20:57:34 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.11 20:57:34 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.11 20:57:33 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.04 18:14:14 | 003,213,894 | ---- | C] () -- C:\04 Thousand Doors.wma.MP3
[2010.10.04 18:14:01 | 002,800,532 | ---- | C] () -- C:\03 Follow the Patron.wma.MP3
[2010.10.04 18:13:45 | 003,935,291 | ---- | C] () -- C:\02 Dying Ants.wma.MP3
[2010.10.04 18:13:33 | 003,017,453 | ---- | C] () -- C:\01 Club of Sons.wma.MP3
[2010.10.04 18:13:15 | 004,632,029 | ---- | C] () -- C:\09 The Black Mirror.wma.MP3
[2010.10.04 18:13:00 | 003,575,010 | ---- | C] () -- C:\08 About Hope.wma.MP3
[2010.10.04 18:12:47 | 003,371,882 | ---- | C] () -- C:\07 Inside your Lies.wma.MP3
[2010.10.04 18:12:30 | 003,661,946 | ---- | C] () -- C:\06 Just One Tear.wma.MP3
[2010.10.04 18:12:14 | 004,018,465 | ---- | C] () -- C:\05 Grey Bleeding Heart.wma.MP3
[2010.09.26 19:08:01 | 005,179,431 | ---- | C] () -- D:\Eigene Dateien\P5060016.JPG
[2010.09.26 17:47:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.09.26 13:51:59 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.07.21 13:47:46 | 002,739,304 | ---- | C] () -- C:\08 Snakey Ruth.m4a.MP3
[2010.07.21 13:47:33 | 003,327,373 | ---- | C] () -- C:\07 Beyond the City of Love.m4a.MP3
[2010.07.21 13:47:20 | 003,110,452 | ---- | C] () -- C:\06 The Girl's Attractive.m4a.MP3
[2010.07.21 13:47:10 | 002,185,090 | ---- | C] () -- C:\05 Red Hex.m4a.MP3
[2010.07.21 13:47:00 | 002,582,987 | ---- | C] () -- C:\04 It's a Shokka.m4a.MP3
[2010.07.21 13:46:43 | 004,283,245 | ---- | C] () -- C:\03 Drip Drip.m4a.MP3
[2010.07.21 13:46:26 | 004,036,649 | ---- | C] () -- C:\02 Saturday Fantastic.m4a.MP3
[2010.07.21 13:46:13 | 003,144,724 | ---- | C] () -- C:\01 Destination Diamonds.m4a.MP3
[2010.07.21 13:46:04 | 001,903,386 | ---- | C] () -- C:\12 Ordinary Life.m4a.MP3
[2010.07.21 13:45:48 | 004,001,123 | ---- | C] () -- C:\11 A Kiss to Tell.m4a.MP3
[2010.07.21 13:45:40 | 001,902,968 | ---- | C] () -- C:\10 Needle in the Rice.m4a.MP3
[2010.07.21 13:45:24 | 003,604,897 | ---- | C] () -- C:\09 Dirty Thief.m4a.MP3
[2010.05.31 18:14:16 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.04.24 19:06:21 | 000,000,158 | ---- | C] () -- C:\WINDOWS\civ.ini
[2009.09.10 17:22:41 | 000,002,119 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\oq2ldJcTat.gif
[2009.09.10 17:22:41 | 000,000,607 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\oq2ldJcTzn.gif
[2009.09.10 17:22:41 | 000,000,598 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\oq2ldJcTby.gif
[2009.09.10 16:05:18 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.06.05 22:29:08 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
[2009.06.05 22:27:49 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008.12.02 23:58:56 | 000,231,390 | ---- | C] () -- C:\Programme\RootkitRevealer.zip
[2008.11.27 16:24:25 | 000,027,626 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Svclog.log
[2008.10.31 17:02:17 | 000,000,035 | ---- | C] () -- C:\WINDOWS\WorldBuilder.INI
[2008.10.09 00:20:49 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\PnkBstrK.sys
[2008.05.30 16:00:35 | 000,000,253 | ---- | C] () -- C:\WINDOWS\ktel.ini
[2008.02.08 15:15:47 | 000,399,360 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2008.02.08 15:15:46 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.02.08 15:15:38 | 000,151,040 | -HS- | C] () -- C:\WINDOWS\System32\VistaUltm.dll
[2008.02.08 15:15:38 | 000,027,648 | -HS- | C] () -- C:\WINDOWS\System32\Smab0.dll
[2008.02.07 23:49:47 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll
[2008.02.07 23:49:47 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\flvvideo.dll
[2008.02.07 23:49:47 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.02.07 23:49:47 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008.02.07 18:16:13 | 000,000,024 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008.02.07 18:16:11 | 000,088,064 | ---- | C] () -- C:\WINDOWS\System32\AudioExCtl.dll
[2008.02.07 18:15:10 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2007.10.20 16:53:10 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007.09.19 17:51:17 | 000,000,264 | ---- | C] () -- C:\WINDOWS\game.ini
[2007.08.07 22:11:59 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007.07.12 01:43:26 | 000,006,537 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2007.06.27 16:43:38 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\viscomqtde.dll
[2007.06.27 16:43:38 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2007.06.19 08:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.05.27 15:26:32 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2007.04.30 11:47:56 | 000,000,020 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PKP_DLec.DAT
[2007.04.29 15:57:32 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.04.26 14:14:30 | 000,390,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2007.04.26 14:14:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2007.04.26 14:14:30 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2007.04.26 14:09:57 | 000,000,408 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007.04.25 22:34:43 | 000,126,976 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.04.25 17:58:29 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.04.21 14:00:43 | 000,000,469 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.04.21 13:51:17 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007.04.21 13:40:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.04.21 13:09:03 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.04.21 12:55:22 | 000,005,042 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007.04.21 12:55:18 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007.04.20 07:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.08.11 22:45:20 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.08.11 22:43:10 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.08.11 22:43:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.08.11 22:43:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.08.11 22:43:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.08.11 22:43:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.08.11 22:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2002.09.10 17:10:05 | 000,495,616 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
 
========== LOP Check ==========
 
[2007.04.26 13:55:14 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2010.10.10 17:31:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations
[2007.04.30 11:47:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EnterNHelp
[2010.06.02 21:09:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2007.11.02 17:51:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Messenger Plus!
[2010.03.08 23:40:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\motorola
[2007.05.02 20:48:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\muvee Technologies
[2007.04.30 11:41:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nikon
[2010.10.14 20:17:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files
[2007.04.26 14:09:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2007.04.25 18:33:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2007.04.25 18:32:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online_ZusatzSoftware
[2008.11.26 17:12:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2009.11.07 22:11:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2007.04.30 11:47:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ultima_T15
[2008.09.13 00:37:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009.11.01 16:41:55 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009.11.24 22:24:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\.Tribler
[2007.09.17 16:15:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Artweaver
[2007.07.12 04:29:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\BonkEnc
[2009.10.14 14:37:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Canon
[2007.07.27 18:16:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Datalayer
[2007.10.01 14:30:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Glory of the Roman Empire
[2010.06.16 18:31:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\iatsky
[2010.10.17 16:15:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ICQ
[2007.04.25 21:41:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ICQLite
[2008.05.30 16:01:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\klickTel
[2007.09.18 20:05:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\LimeWire
[2007.05.21 16:56:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Lingo4u
[2010.10.14 22:14:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\LolClient
[2010.03.08 23:40:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\motorola
[2010.04.12 21:31:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mp3tag
[2007.05.10 17:35:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\MusicIP
[2007.09.13 00:44:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\NCH Swift Sound
[2007.05.05 22:54:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Nikon
[2007.07.27 18:16:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Nokia
[2007.10.17 22:37:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Nokia Multimedia Player
[2007.07.27 18:13:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\PC Suite
[2010.10.10 17:30:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Samsung
[2007.04.25 18:33:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\T-Online
[2009.11.01 16:42:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\TuneUp Software
[2007.10.21 20:25:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Winff
[2007.07.12 01:36:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\XnView
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2009.11.24 22:24:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\.Tribler
[2010.07.05 14:33:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Adobe
[2009.11.24 22:24:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Ahead
[2009.11.24 22:24:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Apple Computer
[2009.11.24 22:24:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ArcSoft
[2007.09.17 16:15:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Artweaver
[2010.01.11 00:30:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\AVS4YOU
[2007.07.12 04:29:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\BonkEnc
[2009.10.14 14:37:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Canon
[2007.04.21 14:04:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\CyberLink
[2007.07.27 18:16:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Datalayer
[2007.10.01 14:30:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Glory of the Roman Empire
[2007.04.21 14:05:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Google
[2007.07.12 02:31:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Help
[2010.06.16 18:31:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\iatsky
[2010.10.17 16:15:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ICQ
[2007.04.25 21:41:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ICQLite
[2007.04.21 12:54:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Identities
[2008.02.10 21:05:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\InstallShield
[2008.05.30 16:01:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\klickTel
[2007.09.18 20:05:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\LimeWire
[2007.05.21 16:56:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Lingo4u
[2010.10.14 22:14:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\LolClient
[2007.04.21 14:20:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Macromedia
[2008.09.02 20:59:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Malwarebytes
[2010.07.05 20:45:37 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Microsoft
[2010.03.08 23:40:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\motorola
[2010.06.21 20:09:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Move Networks
[2008.11.29 20:30:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla
[2010.04.12 21:31:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mp3tag
[2007.05.10 17:35:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\MusicIP
[2007.09.13 00:44:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\NCH Swift Sound
[2007.05.05 22:54:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Nikon
[2007.07.27 18:16:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Nokia
[2007.10.17 22:37:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Nokia Multimedia Player
[2010.10.14 18:18:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\OpenOffice.org2
[2007.07.27 18:13:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\PC Suite
[2010.03.09 21:28:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Real
[2010.10.10 17:30:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Samsung
[2010.05.31 18:15:02 | 000,000,000 | RH-D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\SecuROM
[2010.10.10 23:39:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Skype
[2010.10.10 22:40:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\skypePM
[2007.05.14 00:00:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Sun
[2008.11.27 16:24:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Sunbelt Software
[2010.10.16 21:43:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\SUPERAntiSpyware.com
[2007.04.25 18:33:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\T-Online
[2009.11.01 16:42:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\TuneUp Software
[2007.07.21 04:57:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\vlc
[2010.10.16 21:34:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Winamp
[2007.10.21 20:25:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Winff
[2008.06.29 16:58:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\WinRAR
[2007.07.12 01:36:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\XnView
[2008.10.29 23:09:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Yahoo!
 
< %APPDATA%\*.exe /s >
[2007.09.10 00:43:53 | 003,378,248 | ---- | M] (Lime Wire LLC) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\LimeWire\.NetworkShare\LimeWireWin4.14.8.exe
[2009.03.08 21:40:22 | 000,015,872 | R--- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
[2010.06.16 18:31:21 | 000,015,086 | R--- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Microsoft\Installer\{DD133F7D-E484-45B7-BBB9-828FCA45BBDB}\_6FEFF9B68218417F98F549.exe
[2010.06.16 18:31:21 | 000,015,086 | R--- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Microsoft\Installer\{DD133F7D-E484-45B7-BBB9-828FCA45BBDB}\_71EB04B578FEBCBEC875C5.exe
[2010.06.16 18:31:21 | 000,015,086 | R--- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Microsoft\Installer\{DD133F7D-E484-45B7-BBB9-828FCA45BBDB}\_AEDF77519664FA20889601.exe
[2010.06.21 20:09:52 | 001,811,472 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Move Networks\MoveMediaPlayerWin_071802000001.exe
[2010.06.21 20:09:55 | 000,144,053 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Move Networks\uninstall.exe
[2010.02.11 21:31:38 | 000,097,216 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Move Networks\ie_bin\MovePlayerUpgrade.exe
 
< %SYSTEMDRIVE%\*.exe >
[2004.07.09 05:08:36 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\dxsetup.exe
 
 
< MD5 for: AGP440.SYS  >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.11.29 18:44:05 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.11.29 18:44:05 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.11.29 18:44:05 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.11.29 18:44:05 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2005.03.02 20:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtUninstallKB925902$\user32.dll
[2007.03.08 17:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2004.08.04 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtUninstallKB890859$\user32.dll
[2007.03.08 17:48:39 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ERDNT\cache\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2007.04.21 14:38:16 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007.04.21 14:38:15 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007.04.21 14:38:15 | 000,438,272 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >
--- --- ---

cosinus 17.10.2010 15:31
Sieht unauffällig aus.
Noch Probleme oder weitere Funde in der Zwischenzeit?

El_Kimmo 17.10.2010 15:34
Nein also AntiVir hat nichts mehr gemeldet. Soll ich die ganzen Programme löschen ?? Und wie siehts mit verbesserungsvorschlägen aus ?? also Opera anstatt Mozilla oder eine Alternative zu ICQ

cosinus 17.10.2010 15:38
Dann wären wir durch! :abklatsch:

Zitat:
Soll ich die ganzen Programme löschen ??
Wenn Du willst ja, aber an für sich stören Malwarebytes und so nicht.

Zitat:
Und wie siehts mit verbesserungsvorschlägen aus ?? also Opera anstatt Mozilla oder eine Alternative zu ICQ
Mozilla Firefox ist schon sehr gut. Allerdings bringt der beste Browser nichts, wenn Du mit Adminrechten auf dubiosen Seiten mit altem Flashplayer und Java klickst.
Als ICQ-Alternative wäre sowas wie Miranda, Pidgin oder Trillian da.

Halte Dich am besten auch grob an diese fünf Regeln:

1) Sei misstrauisch im Internet und v.a. bei unbekannten E-Mails, sei vorsichtig bei der Herausgabe persönlicher Daten!!
2) Halte Windows und alle verwendeten Programme immer aktuell
3) Führe regelmäßig Backups auf externe Medien durch
4) Arbeite mit eingeschränkten Rechten
5) Nutze sichere Programme wie zB Opera oder Firefox zum Surfen statt den IE, zum Mailen Thunderbird statt Outlook Express - E-Mails nur als reinen text anzeigen lassen

Alles noch genauer erklärt steht hier => Kompromittierung unvermeidbar?


Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu.
Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern.


Microsoftupdate

Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.

Windows Vista/7: Anleitung Windows-Update



PDF-Reader aktualisieren
Dein Adobe Reader ist nicht aktuell, was ein großes Sicherheitsrisiko darstellt. Du solltest daher besser die alte Version über Systemsteuerung => Software deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst.

Ich empfehle einen alternativen PDF-Reader wie SumatraPDF oder Foxit PDF Reader, beide sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers, hier der direkte Downloadlink => http://filepony.de/?q=Flash+Player


Java-Update
Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.

El_Kimmo 17.10.2010 22:31
Jetzt meldet AntiVir doch folgendes :

In der Datei 'C:\System Volume Information\_restore{5BBF7EE9-8E00-4325-BFDA-E00E385B3760}\RP1\A0000033.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Spy.513024.22' [trojan] gefunden.
Ausgeführte Aktion: Datei löschen

cosinus 18.10.2010 08:48
Deaktiviere die Systemwiederherstellung, im Verlauf der Infektion wurden auch Malwaredateien in Wiederherstellungspunkten mitgesichert - die sind alle nun unbrauchbar, da ein Zurücksetzen des Systems durch einen Wiederherstellungspunkt wahrscheinlich wieder eine Infektion nach sich ziehen würde.


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:28 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131