20 tans werden abgefragt onlinebanking => rootkit?

sonor71 · 05.09.2010, 19:55

Hallo,

wurde heute zum ersten Mal auf meiner onlinebanking-seite in einem fenster nach 20 tans gefragt. denke es ist ein sog. rootkit auf meinem pc.

ich bitte um kompetente unterstützung für mein problem. vorab - 1000 dank!

Hinweis: vor wenigen tagen ist auch ein fenster aufgegangen, das mir mitteilte, dass mein computer binnen einer zeitfrist automatisch heruntergefahren wird... dies erfolgte auch. z.t. funktionieren seit tagen auch manch andere internetseiten nicht wie gewohnt. ewiges laden, etc...

beste grüße

sonor 71

cosinus · 05.09.2010, 21:45

Hallo und

Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.

Bitte arbeite alle Schritte der Reihe nach ab.
Lies die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Vista und Win7 User
Alle Tools mit Rechtsklick "als Administrator ausführen" starten.

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in den Thread.

sonor71 · 06.09.2010, 06:08

MBAM log

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4551

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

05.09.2010 21:14:01
mbam-log-2010-09-05 (21-14-01).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 133622
Laufzeit: 2 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sysReserve.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\krl32mainweq.dll (Trojan.DNSChanger) -> Quarantined and deleted successfully.
_________________________________________________________________OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 06.09.2010 06:40:19 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Dokumente und Einstellungen\Uli\Desktop\MFTools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 87,00% Memory free
7,00 Gb Paging File | 7,00 Gb Available in Paging File | 95,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,73 Gb Total Space | 168,81 Gb Free Space | 72,54% Space Free | Partition Type: NTFS
Drive D: | 232,82 Gb Total Space | 201,45 Gb Free Space | 86,52% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: BÜRO
Current User Name: Uli
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Uli\Desktop\MFTools\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Lexware GmbH & Co. KG)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Realtek\Diagnostics Utility\8169Diag.exe (Realtek)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\Uli\Desktop\MFTools\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\asr_nime.dll ()
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software)
SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- C:\Programme\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (catchme) -- C:\test2.com\catchme.sys File not found
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (iaStor) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (Diag69xp) -- C:\WINDOWS\system32\drivers\diag69xp.sys (Realtek Semiconductor Corporation)
DRV - (RTLVLAN) -- C:\WINDOWS\system32\drivers\RTLVLAN.SYS (Realtek Semiconductor Corporation)
DRV - (LANPkt) -- C:\WINDOWS\system32\drivers\LANPkt.sys (Realtek Semiconductor Corporation)
DRV - (DLADResM) -- C:\WINDOWS\system32\drivers\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Roxio)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (MMRTKRNL) -- C:\WINDOWS\system32\drivers\mmrtkrnl.sys (ALCATech GmbH)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (MarxDev3) -- C:\WINDOWS\System32\drivers\MARXDEV3.SYS ()
DRV - (MarxDev2) -- C:\WINDOWS\System32\drivers\MARXDEV2.SYS ()
DRV - (MarxDev1) -- C:\WINDOWS\System32\drivers\MARXDEV1.SYS ()
DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\ASPI32.SYS (Adaptec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=6080814
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=6080814
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVD1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.24 18:19:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.24 10:12:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.08.15 11:08:06 | 000,000,000 | ---D | M]
 
[2010.01.09 01:28:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Uli\Anwendungsdaten\Mozilla\Extensions
[2010.01.09 01:28:55 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Uli\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.02.26 01:11:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Uli\Anwendungsdaten\Mozilla\Firefox\Profiles\y7e5rgnc.default\extensions
[2010.02.26 01:11:28 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Dokumente und Einstellungen\Uli\Anwendungsdaten\Mozilla\Firefox\Profiles\y7e5rgnc.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2010.09.05 18:52:07 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.03.25 22:24:51 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.25 22:24:51 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.25 22:24:51 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.25 22:24:51 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.25 22:24:52 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.09.05 19:23:22 | 000,417,196 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 14422 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVD1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVD1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Programme\DVDVideoSoft\tbDVD1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [8169Diag] C:\Programme\Realtek\Diagnostics Utility\8169Diag.exe (Realtek)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [dellsupportcenter] C:\Programme\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Programme\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [LexwareInfoService] C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 16
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Dell.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Dell.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.08.13 13:54:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{440f9c8c-73a4-11dd-9d16-002268b304ea}\Shell\AutoRun\command - "" = K:\Install FreeAgent Tools.exe -- File not found
O33 - MountPoints2\{e3ec2634-dceb-11dd-9e34-002268b304ea}\Shell\AutoRun\command - "" = K:\InstallSeagateManager.exe -- File not found
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\Install FreeAgent Tools.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: audipubw - (C:\WINDOWS\system32\asr_nime.dll) - C:\WINDOWS\system32\asr_nime.dll ()
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.05 21:01:46 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2010.09.05 20:58:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Uli\Anwendungsdaten\Malwarebytes
[2010.09.05 20:58:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.09.05 20:58:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.09.05 20:58:16 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.09.05 20:58:16 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.09.05 20:56:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Uli\Desktop\MFTools
[2010.09.03 22:33:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Uli\Eigene Dateien\Turbo Lister
[2010.09.03 18:59:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010.09.02 18:27:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Uli\Anwendungsdaten\Foxit Software
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.06 06:20:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.06 06:20:33 | 000,000,488 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2010.09.06 06:20:29 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.06 06:20:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.06 00:10:45 | 015,204,352 | ---- | M] () -- C:\Dokumente und Einstellungen\Uli\ntuser.dat
[2010.09.06 00:10:40 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\Uli\ntuser.ini
[2010.09.05 21:18:22 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Uli\defogger_reenable
[2010.09.05 21:03:01 | 000,000,591 | ---- | M] () -- C:\Dokumente und Einstellungen\Uli\Desktop\NTREGOPT.lnk
[2010.09.05 21:03:01 | 000,000,572 | ---- | M] () -- C:\Dokumente und Einstellungen\Uli\Desktop\ERUNT.lnk
[2010.09.05 20:58:20 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.05 20:56:25 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Uli\Desktop\defogger.exe
[2010.09.05 20:56:06 | 000,284,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Uli\Desktop\Gmer.zip
[2010.09.05 20:43:18 | 000,388,197 | ---- | M] () -- C:\Dokumente und Einstellungen\Uli\Desktop\Load.exe
[2010.09.05 19:23:22 | 000,417,196 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.09.05 18:45:35 | 000,034,424 | ---- | M] () -- C:\Dokumente und Einstellungen\Uli\.recently-used.xbel
[2010.09.03 21:33:16 | 000,001,742 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\eBay Turbo Lister 2.lnk
[2010.09.02 17:51:36 | 000,046,592 | -H-- | M] () -- C:\WINDOWS\System32\asr_nime.dll
[2010.09.02 10:57:04 | 000,417,196 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100905-192322.backup
[2010.08.31 07:40:51 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\null
[2010.08.13 06:19:59 | 000,247,104 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.08.12 23:15:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.08.12 23:15:27 | 001,029,462 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.08.12 23:15:27 | 000,460,664 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.08.12 23:15:27 | 000,442,602 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.08.12 23:15:27 | 000,085,396 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.08.12 23:15:27 | 000,071,868 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2010.09.05 21:23:19 | 000,293,376 | ---- | C] () -- C:\Dokumente und Einstellungen\Uli\Desktop\gmer.exe
[2010.09.05 21:18:22 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Uli\defogger_reenable
[2010.09.05 21:01:46 | 000,000,591 | ---- | C] () -- C:\Dokumente und Einstellungen\Uli\Desktop\NTREGOPT.lnk
[2010.09.05 21:01:46 | 000,000,572 | ---- | C] () -- C:\Dokumente und Einstellungen\Uli\Desktop\ERUNT.lnk
[2010.09.05 20:58:20 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.05 20:56:25 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Uli\Desktop\defogger.exe
[2010.09.05 20:56:05 | 000,284,915 | ---- | C] () -- C:\Dokumente und Einstellungen\Uli\Desktop\Gmer.zip
[2010.09.05 20:44:01 | 000,388,197 | ---- | C] () -- C:\Dokumente und Einstellungen\Uli\Desktop\Load.exe
[2010.09.05 18:45:35 | 000,034,424 | ---- | C] () -- C:\Dokumente und Einstellungen\Uli\.recently-used.xbel
[2010.09.03 21:33:16 | 000,001,742 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\eBay Turbo Lister 2.lnk
[2010.08.30 14:15:42 | 000,046,592 | -H-- | C] () -- C:\WINDOWS\System32\asr_nime.dll
[2010.07.24 01:03:18 | 000,140,560 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.02.25 22:27:45 | 000,000,046 | ---- | C] () -- C:\WINDOWS\Goya.INI
[2010.02.17 19:50:07 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2010.02.17 19:49:23 | 000,007,119 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009.11.22 21:49:01 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009.10.08 09:51:03 | 000,000,054 | ---- | C] () -- C:\WINDOWS\AlphaPlayer.INI
[2009.07.28 23:43:37 | 000,537,110 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.05.30 00:34:35 | 000,000,083 | ---- | C] () -- C:\WINDOWS\GraphicsDesk.INI
[2009.04.13 15:49:55 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2009.04.08 15:25:44 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\BH_DATA120VC8.dll
[2009.04.08 07:17:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\FKStampPainter20.dll
[2009.02.07 23:55:10 | 000,000,404 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009.02.07 23:44:15 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\CNCFLfNL.DLL
[2009.02.07 23:18:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\prestopm.INI
[2009.02.02 20:11:40 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\LXPrnUtil10.dll
[2009.02.02 20:10:14 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\dnt27VC8.dll
[2009.02.02 20:08:36 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27VC8.dll
[2009.02.02 20:08:22 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dntvm27VC8.dll
[2008.12.28 23:22:23 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\MARXDEV3.SYS
[2008.12.28 23:22:23 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\MARXDEV2.SYS
[2008.12.28 23:22:23 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\MARXDEV1.SYS
[2008.12.28 23:22:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2008.12.11 00:06:02 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2008.11.08 10:49:27 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Menu.INI
[2008.08.27 21:25:42 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll
[2008.08.23 14:41:13 | 000,008,704 | ---- | C] () -- C:\Dokumente und Einstellungen\Uli\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.23 09:02:23 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6y.DLL
[2008.08.23 09:00:54 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2008.08.23 09:00:54 | 000,000,105 | ---- | C] () -- C:\WINDOWS\UMXADDIN.INI
[2008.08.23 09:00:48 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008.08.23 09:00:25 | 000,000,074 | ---- | C] () -- C:\WINDOWS\PMINI.ini
[2008.08.23 08:57:20 | 000,000,398 | ---- | C] () -- C:\WINDOWS\System32\CNCMP60.INI
[2008.08.21 18:25:15 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.08.21 09:17:56 | 000,014,852 | ---- | C] () -- C:\Programme\settings.dat
[2008.08.20 21:04:29 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Uli\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008.08.14 12:52:46 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008.08.14 12:48:03 | 000,000,234 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.08.14 12:46:47 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008.08.14 12:46:46 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008.08.14 12:24:41 | 000,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2008.08.14 12:23:30 | 000,001,507 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008.07.23 17:41:16 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\BH_DATA110VC8.dll
[2005.11.09 13:13:48 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\dnt27VC7.dll
[2005.11.09 13:11:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27VC7.dll
[2005.11.09 13:11:30 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dntvm27VC7.dll
[2004.08.13 14:04:30 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2000.04.12 07:24:10 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[1997.09.30 06:30:02 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\Dokumente und Einstellungen\Uli\Eigene Dateien\Adressen1.odb:SummaryInformation
< End of report >

--- --- ---

_________________________________________________________________

OTL EXTRAS Logfile:
OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 06.09.2010 06:40:19 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Dokumente und Einstellungen\Uli\Desktop\MFTools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 87,00% Memory free
7,00 Gb Paging File | 7,00 Gb Available in Paging File | 95,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,73 Gb Total Space | 168,81 Gb Free Space | 72,54% Space Free | Partition Type: NTFS
Drive D: | 232,82 Gb Total Space | 201,45 Gb Free Space | 86,52% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: BÜRO
Current User Name: Uli
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"C:\Dokumente und Einstellungen\Uli\Eigene Dateien\Media Player Classic\mplayerc_update_10_03_08_de\mplayerc_update_10_03_08_de\mplayerc.de.exe" = C:\Dokumente und Einstellungen\Uli\Eigene Dateien\Media Player Classic\mplayerc_update_10_03_08_de\mplayerc_update_10_03_08_de\mplayerc.de.exe:*:Enabled:Media Player Classic -- (Gabest)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX850_series" = Canon MX850 series
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{19B822A6-372A-43E2-9230-0AFA4EC84F8C}" = Lexware buchhalter 2009
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{59624372-3B85-47f4-9B04-4911E551DF1E}" = Lexware Info Service
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{62B7C52C-CAB6-48B1-8245-52356C141C92}" = RENESIS® Player Browser Plugins
"{66B4C110-8BEB-49B5-824E-C70AEEB20ECD}" = ScanSoft OmniPage SE 4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6E9B276F-77BE-49F7-8676-C10017F9E20B}" = Lexware buchhalter Servicepack 2008, Version 13.50
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{88253B77-33C9-4A9D-9E4C-4579E39D9158}" = Diagnostics Utility
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{911A0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Outlook 2002
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{93567BBD-4369-47B2-A621-78E008F8EA33}" = Lexware Elster
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1031-7B44-A80000000002}" = Adobe Reader 8 - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{BC63A4AC-435D-4AAD-9881-D0ED60804D1A}" = Lexware buchhalter Aktualisierung Februar 2008, Version 13.10
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CB0694DF-0D74-44D2-8150-A1B435F6C041}" = 350.000 Power Clips auf DVD
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.20
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE688026-1C8C-4E50-889D-4B6607CADC24}" = Lexware buchhalter 2008
"7-Zip" = 7-Zip 4.57
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Album Art Downloader XUI" = Album Art Downloader XUI 0.33
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BPM-Studio 4 Profi" = BPM-Studio 4 Profi
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Canon MX850 series Benutzerregistrierung" = Canon MX850 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ERUNT_is1" = ERUNT 1.1j
"Exact Audio Copy" = Exact Audio Copy 0.99pb4
"FFDesktopIcon_is1" = FFDesktopIcon 2
"Finale NotePad 2005a" = Finale NotePad 2005a
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"foobar2000" = foobar2000 v0.9.6.9
"Foxit Reader" = Foxit Reader
"Free DVD Video Burner_is1" = Free DVD Video Burner version 2.1
"Free Video to DVD Converter_is1" = Free Video to DVD Converter version 1.2
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{CB0694DF-0D74-44D2-8150-A1B435F6C041}" = 350.000 Power Clips auf DVD
"MAGIX Video deluxe SE D" = MAGIX Video deluxe SE 7.5.3.1 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MozBackup" = MozBackup 1.4.10
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Mozilla Thunderbird (3.1.2)" = Mozilla Thunderbird (3.1.2)
"MP Navigator EX 1.1" = Canon MP Navigator EX 1.1
"MuseScore 0.9" = MuseScore 0.9 MuseScore score typesetter
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PDFCreator Toolbar" = PDFCreator Toolbar
"qt7lite_is1" = QT Lite 2.7.0
"RealAlt_is1" = Real Alternative 1.8.2 Lite
"SearchAssist" = SearchAssist
"Uninstall_is1" = Uninstall 1.0.0.1
"WinGimp-2.0_is1" = GIMP 2.6.6
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 25.07.2010 14:22:23 | Computer Name = BÜRO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4063
 
Error - 25.07.2010 14:22:23 | Computer Name = BÜRO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4063
 
Error - 25.07.2010 14:40:58 | Computer Name = BÜRO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 25.07.2010 14:40:58 | Computer Name = BÜRO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1119297
 
Error - 25.07.2010 14:40:58 | Computer Name = BÜRO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1119297
 
Error - 28.07.2010 03:10:25 | Computer Name = BÜRO | Source = ESENT | ID = 490
Description = svchost (2036) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
Error - 09.08.2010 12:33:39 | Computer Name = BÜRO | Source = ESENT | ID = 490
Description = svchost (280) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
Error - 15.08.2010 08:23:31 | Computer Name = BÜRO | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung gimp-2.6.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul gimp-2.6.exe, Version 0.0.0.0, Fehleradresse 0x0005a4b5.
 
Error - 24.08.2010 02:10:57 | Computer Name = BÜRO | Source = ESENT | ID = 490
Description = svchost (2000) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
Error - 01.09.2010 15:33:05 | Computer Name = BÜRO | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
 WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
 
[ System Events ]
Error - 05.09.2010 14:59:09 | Computer Name = BÜRO | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
 bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Starten Sie den Dienst neu..
 
Error - 05.09.2010 14:59:09 | Computer Name = BÜRO | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 05.09.2010 14:59:09 | Computer Name = BÜRO | Source = Service Control Manager | ID = 7034
Description = Dienst "SupportSoft Sprocket Service (dellsupportcenter)" wurde unerwartet
 beendet. Dies ist bereits 1 Mal passiert.
 
Error - 05.09.2010 14:59:09 | Computer Name = BÜRO | Source = Service Control Manager | ID = 7034
Description = Dienst "TuneUp Program Statistics Service" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 05.09.2010 14:59:09 | Computer Name = BÜRO | Source = Service Control Manager | ID = 7034
Description = Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 05.09.2010 14:59:09 | Computer Name = BÜRO | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 05.09.2010 14:59:09 | Computer Name = BÜRO | Source = Service Control Manager | ID = 7034
Description = Dienst "NMSAccessU" wurde unerwartet beendet. Dies ist bereits 1 Mal
 passiert.
 
Error - 05.09.2010 15:16:13 | Computer Name = BÜRO | Source = sr | ID = 1
Description = Beim Verarbeiten der Datei "" auf Volume "HarddiskVolume2" ist im 
Wiederherstellungsfilter der unerwartete Fehler "0xC0000001" aufgetreten. Die Volumeüberwachung
 wurde angehalten.
 
Error - 05.09.2010 15:16:13 | Computer Name = BÜRO | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   iaStor
 
Error - 05.09.2010 15:32:20 | Computer Name = BÜRO | Source = System Error | ID = 1003
Description = Fehlercode 10000050, 1. Parameter e1186000, 2. Parameter 00000000,
 3. Parameter 8052ba48, 4. Parameter 00000001.
 
[ TuneUp Events ]
Error - 05.09.2010 14:58:32 | Computer Name = BÜRO | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-09-05 20:58:32', '\device\harddiskvolume2\programme\malwarebytes'
 anti-malware\mbam.exe','3920',0)
 
 
< End of report >

--- --- ---

--- --- ---

cosinus · 06.09.2010, 09:40

Zitat:

Art des Suchlaufs: Quick-Scan

Ich wollte einen Vollscan sehen.

sonor71 · 06.09.2010, 11:04

meinst Du den mit GMER?

PS: bin die nächsten ca 5 Stunden unterwegs... bis denne!

cosinus · 06.09.2010, 11:23

Ich meinte den Vollscan mit Malwarebytes.

sonor71 · 06.09.2010, 20:51

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4556

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

06.09.2010 21:46:12
Hallo, hoffe es ist jetzt der richtige scan!?

mbam-log-2010-09-06 (21-46-12).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 210458
Laufzeit: 22 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\System Volume Information\_restore{DF867C4F-0E0D-4E20-9F25-BC2B2DFBD84A}\RP160\A0014414.exe (Spyware.Zbot) -> Quarantined and deleted successfully.

cosinus · 06.09.2010, 21:17

Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code:

ATTFilter

:OTL
MOD - C:\WINDOWS\system32\asr_nime.dll ()
O33 - MountPoints2\{440f9c8c-73a4-11dd-9d16-002268b304ea}\Shell\AutoRun\command - "" = K:\Install FreeAgent Tools.exe -- File not found
O33 - MountPoints2\{e3ec2634-dceb-11dd-9e34-002268b304ea}\Shell\AutoRun\command - "" = K:\InstallSeagateManager.exe -- File not found
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\Install FreeAgent Tools.exe -- File not found
O36 - AppCertDlls: audipubw - (C:\WINDOWS\system32\asr_nime.dll) - C:\WINDOWS\system32\asr_nime.dll ()
:Commands
[purity]
[resethosts]
[emptytemp]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

sonor71 · 07.09.2010, 06:41

All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{440f9c8c-73a4-11dd-9d16-002268b304ea}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{440f9c8c-73a4-11dd-9d16-002268b304ea}\ not found.
File K:\Install FreeAgent Tools.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e3ec2634-dceb-11dd-9e34-002268b304ea}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e3ec2634-dceb-11dd-9e34-002268b304ea}\ not found.
File K:\InstallSeagateManager.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\ deleted successfully.
File K:\Install FreeAgent Tools.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\\audipubw:C:\WINDOWS\system32\asr_nime.dll deleted successfully.
C:\WINDOWS\system32\asr_nime.dll moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Uli
->Temp folder emptied: 1366807 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 3612 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49635 bytes
RecycleBin emptied: 152243911 bytes

Total Files Cleaned = 147,00 mb

OTL by OldTimer - Version 3.2.11.0 log created on 09072010_073617

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

cosinus · 07.09.2010, 09:30

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.

Dann folgende Anleitung durchlesen und abarbeiten -> CCleaner Systembereinigung

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

sonor71 · 07.09.2010, 20:28

ComboFix 10-09-07.01 - Uli 07.09.2010 21:14:15.2.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.3326.2882 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Uli\Desktop\cofi.exe.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\1.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\a.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\b.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\c.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\d.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\e.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\f.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\g.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\h.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\i.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\J.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\k.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\l.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\m.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\n.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\o.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\p.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\q.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\r.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\s.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\t.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\u.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\v.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\w.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\x.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\y.xml
c:\dokumente und einstellungen\Uli\Anwendungsdaten\PriceGong\Data\z.xml

.
\\.\PhysicalDrive0 - Bootkit Whistler was found and disinfected
\\.\PhysicalDrive1 - Bootkit Whistler was found and disinfected
.
((((((((((((((((((((((( Dateien erstellt von 2010-08-07 bis 2010-09-07 ))))))))))))))))))))))))))))))
.

2010-09-07 14:32 . 2010-09-07 14:32 46592 ---ha-w- c:\windows\system32\asr_nime.dll
2010-09-07 05:36 . 2010-09-07 05:36 -------- d-----w- C:\_OTL
2010-09-05 19:01 . 2010-09-05 19:03 -------- d-----w- c:\programme\ERUNT
2010-09-05 18:58 . 2010-09-05 18:58 -------- d-----w- c:\dokumente und einstellungen\Uli\Anwendungsdaten\Malwarebytes
2010-09-05 18:58 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-05 18:58 . 2010-09-05 18:58 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-09-05 18:58 . 2010-09-05 18:58 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware
2010-09-05 18:58 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-02 16:27 . 2010-09-02 16:27 -------- d-----w- c:\dokumente und einstellungen\Uli\Anwendungsdaten\Foxit Software
2010-09-01 02:38 . 2010-07-09 14:26 475136 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Dell\RMC\RMCCreationInfo.exe
2010-09-01 02:38 . 2010-07-02 14:25 1118208 ------w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Dell\RMC\Libxml2.dll
2010-09-01 02:38 . 2010-07-02 14:25 60416 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Dell\RMC\ZLib1.dll
2010-09-01 02:37 . 2010-08-17 18:10 372736 ------w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Dell\DSL\DSLCheck.exe
2010-08-15 09:09 . 2010-06-20 02:21 214016 ----a-w- c:\dokumente und einstellungen\Uli\Anwendungsdaten\Thunderbird\Profiles\yje1miwg.default\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}\components\calbscmp.dll

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-07 19:04 . 2008-08-23 08:19 -------- d-----w- c:\dokumente und einstellungen\Uli\Anwendungsdaten\Media Player Classic
2010-09-07 19:04 . 2008-08-21 08:02 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2010-09-07 19:03 . 2010-01-09 13:17 -------- d-----w- c:\programme\CCleaner
2010-09-07 18:57 . 2008-08-28 06:35 -------- d-----w- c:\dokumente und einstellungen\Uli\Anwendungsdaten\foobar2000
2010-09-06 06:27 . 2008-08-23 11:16 -------- d-----w- c:\dokumente und einstellungen\Uli\Anwendungsdaten\gtk-2.0
2010-09-06 05:16 . 2009-06-16 21:11 1 ----a-w- c:\dokumente und einstellungen\Uli\Anwendungsdaten\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-05 16:43 . 2008-08-14 10:51 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Dell
2010-09-02 09:49 . 2009-03-18 06:02 -------- d-----w- c:\dokumente und einstellungen\Uli\Anwendungsdaten\Ebfui
2010-08-18 09:55 . 2009-07-18 13:33 -------- d-----w- c:\dokumente und einstellungen\Uli\Anwendungsdaten\BOM
2010-08-15 09:08 . 2008-08-21 07:20 -------- d-----w- c:\programme\Mozilla Thunderbird
2010-08-12 21:15 . 2004-08-13 11:40 85396 ----a-w- c:\windows\system32\perfc007.dat
2010-08-12 21:15 . 2004-08-13 11:40 460664 ----a-w- c:\windows\system32\perfh007.dat
2010-07-31 07:47 . 2009-06-21 11:25 -------- d-----w- c:\programme\CDBurnerXP
2010-07-23 23:03 . 2010-07-23 23:03 140560 ----a-w- c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
2010-06-30 12:28 . 2004-08-13 11:40 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:15 . 2004-08-13 11:40 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:15 . 2004-08-13 11:40 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:15 . 2004-08-13 11:40 17408 ------w- c:\windows\system32\corpol.dll
2010-06-24 09:02 . 2004-08-13 11:40 1852032 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 21:29 . 2009-10-29 07:13 2568656 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\NOS\Adobe_Downloads\install_flash_player.exe
2010-06-21 15:27 . 2004-08-13 11:40 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-13 11:40 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2004-08-13 11:53 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41 . 2004-08-13 11:40 1172480 ----a-w- c:\windows\system32\msxml3.dll
2008-08-21 07:17 . 2008-08-21 07:17 14852 -c--a-w- c:\programme\settings.dat
.

((((((((((((((((((((((((((((( SnapShot@2010-01-14_08.14.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-07 19:13 . 2010-09-07 19:13 16384 c:\windows\Temp\Perflib_Perfdata_3c4.dat
+ 2010-02-18 06:37 . 2008-04-14 02:22 54272 c:\windows\system32\vfwwdm32.dll
- 2009-07-28 22:56 . 2009-07-15 09:48 29000 c:\windows\system32\uxtuneup.dll
+ 2010-01-22 19:47 . 2009-11-16 11:25 29000 c:\windows\system32\uxtuneup.dll
- 2008-08-14 10:41 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe
+ 2008-08-14 10:41 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
+ 2010-02-17 17:51 . 2003-03-14 10:32 24576 c:\windows\system32\TTIC32.dll
+ 2010-02-17 17:51 . 2003-03-14 10:32 24576 c:\windows\system32\TTI32.dll
+ 2010-02-17 17:51 . 2007-07-31 18:58 32768 c:\windows\system32\STRING32.dll
- 2008-08-14 10:44 . 2007-07-27 08:41 26488 c:\windows\system32\spupdsvc.exe
+ 2008-08-14 10:44 . 2007-07-27 21:11 26488 c:\windows\system32\spupdsvc.exe
- 2008-08-14 10:51 . 2008-07-08 13:00 18808 c:\windows\system32\spmsg.dll
+ 2008-08-14 10:51 . 2010-02-22 14:22 18808 c:\windows\system32\spmsg.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 69632 c:\windows\system32\PXTTool70VC8.dll
+ 2010-03-30 22:16 . 2010-03-30 22:16 99176 c:\windows\system32\PresentationHostProxy.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 44544 c:\windows\system32\pngfilt.dll
- 2004-08-13 11:40 . 2009-10-29 07:41 44544 c:\windows\system32\pngfilt.dll
- 2004-08-13 11:40 . 2010-01-12 17:40 71868 c:\windows\system32\perfc009.dat
+ 2004-08-13 11:40 . 2010-08-12 21:15 71868 c:\windows\system32\perfc009.dat
+ 2009-11-06 23:07 . 2009-11-06 23:07 49488 c:\windows\system32\netfxperf.dll
+ 2009-11-05 20:17 . 2009-11-05 20:17 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2004-08-03 23:57 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll
+ 2002-02-04 01:43 . 2003-04-18 15:29 82432 c:\windows\system32\msxml4r.dll
- 2002-02-04 01:43 . 2002-02-04 01:43 82432 c:\windows\system32\msxml4r.dll
+ 2010-02-17 17:51 . 2003-04-18 15:29 44544 c:\windows\system32\msxml4a.dll
+ 2004-08-13 11:40 . 2009-11-27 16:08 28672 c:\windows\system32\msvidc32.dll
+ 2004-08-13 11:40 . 2009-11-27 16:08 11264 c:\windows\system32\msrle32.dll
- 2004-08-13 11:40 . 2008-04-14 02:22 11264 c:\windows\system32\msrle32.dll
- 2007-08-13 16:54 . 2009-10-29 07:40 52224 c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 16:54 . 2010-06-24 12:15 52224 c:\windows\system32\msfeedsbs.dll
+ 2009-04-08 15:57 . 2009-04-08 15:57 98304 c:\windows\system32\LxUISettings10VC8.dll
- 2008-07-17 11:48 . 2008-07-17 11:48 98304 c:\windows\system32\LxUISettings10VC8.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 27648 c:\windows\system32\LXTPSW20VC8.dll
- 2008-07-17 11:48 . 2008-07-17 11:48 27648 c:\windows\system32\LXTPSW20VC8.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 61440 c:\windows\system32\LXCurr12VC8.dll
- 2008-07-17 11:48 . 2008-07-17 11:48 61440 c:\windows\system32\LXCurr12VC8.dll
- 2008-07-17 11:48 . 2008-07-17 11:48 81920 c:\windows\system32\LxCI12.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 81920 c:\windows\system32\LxCI12.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 27648 c:\windows\system32\jsproxy.dll
- 2004-08-13 11:40 . 2009-10-29 07:40 27648 c:\windows\system32\jsproxy.dll
+ 2004-08-03 23:57 . 2009-11-27 16:08 48128 c:\windows\system32\iyuv_32.dll
- 2007-08-13 16:39 . 2009-10-28 14:35 13824 c:\windows\system32\ieudinit.exe
+ 2007-08-13 16:39 . 2010-06-23 12:06 13824 c:\windows\system32\ieudinit.exe
+ 2004-08-13 11:40 . 2010-06-24 12:15 44544 c:\windows\system32\iernonce.dll
- 2004-08-13 11:40 . 2009-10-29 07:40 44544 c:\windows\system32\iernonce.dll
+ 2004-08-13 11:40 . 2010-06-23 12:06 70656 c:\windows\system32\ie4uinit.exe
- 2004-08-13 11:40 . 2009-10-28 14:35 70656 c:\windows\system32\ie4uinit.exe
- 2007-08-13 16:36 . 2009-10-29 07:40 63488 c:\windows\system32\icardie.dll
+ 2007-08-13 16:36 . 2010-06-24 12:15 63488 c:\windows\system32\icardie.dll
- 2007-11-13 08:39 . 2007-11-13 08:39 57344 c:\windows\system32\FKStampPainter20.dll
+ 2009-04-08 05:17 . 2009-04-08 05:17 57344 c:\windows\system32\FKStampPainter20.dll
+ 2010-04-16 08:28 . 2009-10-16 00:33 41472 c:\windows\system32\DRVSTORE\usbaapl_E0F497D6C8B1C59AEB6422181BF0AFABD8356D47\usbaapl.sys
+ 2010-04-16 08:28 . 2010-03-16 17:53 17408 c:\windows\system32\DRVSTORE\netaapl_F433E854B3FF3BEE74986FDE8E16A64162342BFF\netaapl.sys
+ 2010-04-16 08:30 . 2009-05-18 11:17 26600 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys
+ 2010-02-18 06:37 . 2008-04-13 18:46 19200 c:\windows\system32\drivers\WSTCODEC.SYS
+ 2010-04-16 08:28 . 2009-10-16 00:33 41472 c:\windows\system32\drivers\usbaapl.sys
+ 2010-02-18 06:38 . 2008-04-13 18:46 15232 c:\windows\system32\drivers\StreamIP.sys
+ 2010-02-18 06:37 . 2008-04-13 18:46 11136 c:\windows\system32\drivers\SLIP.sys
+ 2010-02-18 06:38 . 2008-04-13 18:46 10880 c:\windows\system32\drivers\NdisIP.sys
+ 2010-02-18 06:37 . 2008-04-13 18:46 85248 c:\windows\system32\drivers\NABTSFEC.sys
+ 2010-02-18 06:37 . 2008-04-13 18:46 51200 c:\windows\system32\drivers\msdv.sys
+ 2010-04-16 08:30 . 2009-05-18 11:17 26600 c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2010-02-18 06:37 . 2008-04-13 18:46 17024 c:\windows\system32\drivers\CCDECODE.sys
+ 2010-02-18 06:37 . 2008-04-13 18:46 38912 c:\windows\system32\drivers\avc.sys
+ 2010-02-18 06:37 . 2008-04-13 18:46 48128 c:\windows\system32\drivers\61883.sys
+ 2009-02-02 18:08 . 2009-02-02 18:08 90112 c:\windows\system32\dntvmc27VC8.dll
- 2007-11-15 20:25 . 2007-11-15 20:25 90112 c:\windows\system32\dntvmc27VC8.dll
- 2007-11-15 20:25 . 2007-11-15 20:25 86016 c:\windows\system32\dntvm27VC8.dll
+ 2009-02-02 18:08 . 2009-02-02 18:08 86016 c:\windows\system32\dntvm27VC8.dll
+ 2010-02-12 09:46 . 2010-02-12 09:46 91424 c:\windows\system32\dnssd.dll
+ 2010-02-17 17:51 . 2003-03-14 10:32 57344 c:\windows\system32\DLLTPO32.dll
+ 2010-02-17 17:51 . 2003-03-14 10:35 40960 c:\windows\system32\DLLRD32.dll
+ 2010-02-17 17:51 . 2003-03-14 10:32 65536 c:\windows\system32\DLLPTL32.dll
+ 2010-02-17 17:51 . 2003-03-14 10:33 53248 c:\windows\system32\DLLPRJ32.dll
+ 2010-02-17 17:51 . 2003-03-14 10:32 49152 c:\windows\system32\DLLPRF32.dll
+ 2010-02-17 17:51 . 2007-07-31 18:58 36864 c:\windows\system32\DLLPNT32.dll
+ 2010-02-17 17:51 . 2003-03-14 10:32 32768 c:\windows\system32\DLLMSC32.dll
+ 2010-02-17 17:51 . 2003-03-14 10:32 24576 c:\windows\system32\DLLIX.dll
+ 2010-02-17 17:51 . 2003-03-14 10:32 32768 c:\windows\system32\DLLISO32.dll
+ 2010-02-17 17:51 . 2007-07-31 18:58 53248 c:\windows\system32\DLLIO32.dll
+ 2010-02-17 17:51 . 2003-03-14 10:33 45056 c:\windows\system32\DLLIMG32.dll
+ 2010-02-17 17:51 . 2003-03-14 10:32 32768 c:\windows\system32\DLLDIR32.dll
+ 2010-02-17 17:51 . 2007-07-31 18:58 98304 c:\windows\system32\DLLCPY32.dll
+ 2010-02-17 17:51 . 2003-03-14 10:33 61440 c:\windows\system32\DLLCDF32.dll
+ 2010-02-18 06:37 . 2008-04-13 18:46 19200 c:\windows\system32\dllcache\wstcodec.sys
+ 2010-02-18 06:37 . 2008-04-14 02:22 54272 c:\windows\system32\dllcache\vfwwdm32.dll
+ 2010-02-18 06:38 . 2008-04-13 18:46 15232 c:\windows\system32\dllcache\streamip.sys
+ 2010-02-18 06:37 . 2008-04-13 18:46 11136 c:\windows\system32\dllcache\slip.sys
- 2008-08-14 10:39 . 2009-10-29 07:41 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-14 10:39 . 2010-06-24 12:15 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2010-02-18 06:38 . 2008-04-13 18:46 10880 c:\windows\system32\dllcache\ndisip.sys
+ 2010-02-18 06:37 . 2008-04-13 18:46 85248 c:\windows\system32\dllcache\nabtsfec.sys
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2008-10-05 18:52 . 2010-06-24 12:15 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-10-05 18:52 . 2009-10-29 07:40 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2010-02-18 06:37 . 2008-04-13 18:46 51200 c:\windows\system32\dllcache\msdv.sys
- 2008-08-14 10:39 . 2009-10-29 07:40 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-14 10:39 . 2010-06-24 12:15 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 48128 c:\windows\system32\dllcache\iyuv_32.dll
- 2008-10-05 18:52 . 2009-10-28 14:35 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2008-10-05 18:52 . 2010-06-23 12:06 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2004-08-13 11:40 . 2010-06-24 12:15 44544 c:\windows\system32\dllcache\iernonce.dll
- 2004-08-13 11:40 . 2009-10-29 07:40 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2009-02-20 16:49 . 2010-06-24 12:15 78336 c:\windows\system32\dllcache\ieencode.dll
- 2009-02-20 16:49 . 2009-10-29 07:40 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2007-08-13 16:39 . 2010-06-23 12:06 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-08-13 16:39 . 2009-10-28 14:35 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-10-05 18:52 . 2010-06-24 12:15 63488 c:\windows\system32\dllcache\icardie.dll
- 2008-10-05 18:52 . 2009-10-29 07:40 63488 c:\windows\system32\dllcache\icardie.dll
+ 2009-12-14 07:08 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2009-06-29 15:55 . 2010-06-24 12:15 17408 c:\windows\system32\dllcache\corpol.dll
- 2009-06-29 15:55 . 2009-10-29 07:40 17408 c:\windows\system32\dllcache\corpol.dll
+ 2010-02-18 06:37 . 2008-04-13 18:46 17024 c:\windows\system32\dllcache\ccdecode.sys
+ 2010-01-13 14:00 . 2010-01-13 14:00 86528 c:\windows\system32\dllcache\cabview.dll
- 2009-06-10 14:13 . 2009-06-10 14:13 85504 c:\windows\system32\dllcache\avifil32.dll
+ 2009-06-10 14:13 . 2009-11-27 16:08 85504 c:\windows\system32\dllcache\avifil32.dll
+ 2010-02-18 06:37 . 2008-04-13 18:46 38912 c:\windows\system32\dllcache\avc.sys
+ 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2010-02-18 06:37 . 2008-04-13 18:46 48128 c:\windows\system32\dllcache\61883.sys
+ 2004-08-13 11:40 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll
+ 2004-08-13 11:40 . 2010-01-13 14:00 86528 c:\windows\system32\cabview.dll
- 2004-08-13 11:40 . 2009-06-10 14:13 85504 c:\windows\system32\avifil32.dll
+ 2004-08-13 11:40 . 2009-11-27 16:08 85504 c:\windows\system32\avifil32.dll
+ 2004-08-13 11:40 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
+ 1999-08-09 13:39 . 1999-08-09 13:39 14832 c:\windows\system32\asfsipc.dll
- 2008-07-29 17:16 . 2008-07-29 17:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2010-03-23 03:31 . 2010-03-23 03:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-04-01 09:42 . 2010-04-01 09:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-03-31 13:32 . 2010-03-31 13:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-20 18:19 . 2003-02-20 18:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-03-31 13:32 . 2010-03-31 13:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2010-02-13 15:02 . 2010-02-13 15:02 84992 c:\windows\Installer\15c250b.msi
+ 2010-04-16 08:28 . 2010-04-16 08:28 27136 c:\windows\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
+ 2010-02-13 15:04 . 2010-02-13 15:04 10134 c:\windows\Installer\{93567BBD-4369-47B2-A621-78E008F8EA33}\ARPPRODUCTICON.exe
+ 2010-09-03 19:33 . 2010-09-03 19:33 45056 c:\windows\Installer\{8927E07C-97F7-4A54-88FB-D976F50DD46E}\NewShortcut11_98B583D780BC466EB9903ECA06AD09F1.exe
+ 2010-09-03 19:33 . 2010-09-03 19:33 45056 c:\windows\Installer\{8927E07C-97F7-4A54-88FB-D976F50DD46E}\NewShortcut1_A8873ADDBA0E42A0BF89BC75994F6A78.exe
+ 2010-09-03 19:33 . 2010-09-03 19:33 45056 c:\windows\Installer\{8927E07C-97F7-4A54-88FB-D976F50DD46E}\ARPPRODUCTICON.exe
+ 2010-02-13 15:04 . 2010-02-13 15:04 73728 c:\windows\Installer\{59624372-3B85-47f4-9B04-4911E551DF1E}\NewShortcut1.E478996E_1F9C_4900_988E_F8A470FEA557.exe
+ 2010-02-13 15:04 . 2010-02-13 15:04 10134 c:\windows\Installer\{59624372-3B85-47f4-9B04-4911E551DF1E}\ARPPRODUCTICON.exe
+ 2010-02-13 15:04 . 2010-02-13 15:17 57344 c:\windows\Installer\{19B822A6-372A-43E2-9230-0AFA4EC84F8C}\NewShortcut2.C5C62008_87C8_4C2F_ABF4_46914027DD45.exe
+ 2010-02-13 15:04 . 2010-02-13 15:04 45056 c:\windows\Installer\{19B822A6-372A-43E2-9230-0AFA4EC84F8C}\NewShortcut2.C3689185_4222_4F18_9E97_15FEFA5BB00F.exe
+ 2010-02-13 15:04 . 2010-02-13 15:17 40960 c:\windows\Installer\{19B822A6-372A-43E2-9230-0AFA4EC84F8C}\NewShortcut2.77753B3D_26FB_4DBC_81A5_15B1AD0AA28D.exe
+ 2010-02-13 15:04 . 2010-02-13 15:17 57344 c:\windows\Installer\{19B822A6-372A-43E2-9230-0AFA4EC84F8C}\NewShortcut2.306E0A24_77CC_4859_BD8E_90EF2434B1E8.exe
+ 2010-02-13 15:17 . 2010-02-13 15:17 45056 c:\windows\Installer\{19B822A6-372A-43E2-9230-0AFA4EC84F8C}\NewShortcut1.C3689185_4222_4F18_9E97_15FEFA5BB00F.exe
+ 2010-06-13 00:00 . 2010-03-11 12:31 44544 c:\windows\ie7updates\KB982381-IE7\pngfilt.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 52224 c:\windows\ie7updates\KB982381-IE7\msfeedsbs.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 27648 c:\windows\ie7updates\KB982381-IE7\jsproxy.dll
+ 2010-06-13 00:00 . 2010-03-10 13:17 13824 c:\windows\ie7updates\KB982381-IE7\ieudinit.exe
+ 2010-06-13 00:00 . 2010-03-11 12:31 44544 c:\windows\ie7updates\KB982381-IE7\iernonce.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 78336 c:\windows\ie7updates\KB982381-IE7\ieencode.dll
+ 2010-06-13 00:00 . 2010-03-10 13:17 70656 c:\windows\ie7updates\KB982381-IE7\ie4uinit.exe
+ 2010-06-13 00:00 . 2010-03-11 12:31 63488 c:\windows\ie7updates\KB982381-IE7\icardie.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 17408 c:\windows\ie7updates\KB982381-IE7\corpol.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 44544 c:\windows\ie7updates\KB980182-IE7\pngfilt.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 52224 c:\windows\ie7updates\KB980182-IE7\msfeedsbs.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 27648 c:\windows\ie7updates\KB980182-IE7\jsproxy.dll
+ 2010-03-31 01:40 . 2009-12-31 15:32 13824 c:\windows\ie7updates\KB980182-IE7\ieudinit.exe
+ 2010-03-31 01:40 . 2010-01-05 09:52 44544 c:\windows\ie7updates\KB980182-IE7\iernonce.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 78336 c:\windows\ie7updates\KB980182-IE7\ieencode.dll
+ 2010-03-31 01:40 . 2009-12-31 15:32 70656 c:\windows\ie7updates\KB980182-IE7\ie4uinit.exe
+ 2010-03-31 01:40 . 2010-01-05 09:52 63488 c:\windows\ie7updates\KB980182-IE7\icardie.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 17408 c:\windows\ie7updates\KB980182-IE7\corpol.dll
+ 2010-01-22 17:20 . 2009-10-29 07:41 44544 c:\windows\ie7updates\KB978207-IE7\pngfilt.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 52224 c:\windows\ie7updates\KB978207-IE7\msfeedsbs.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 27648 c:\windows\ie7updates\KB978207-IE7\jsproxy.dll
+ 2010-01-22 17:20 . 2009-10-28 14:35 13824 c:\windows\ie7updates\KB978207-IE7\ieudinit.exe
+ 2010-01-22 17:20 . 2009-10-29 07:40 44544 c:\windows\ie7updates\KB978207-IE7\iernonce.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 78336 c:\windows\ie7updates\KB978207-IE7\ieencode.dll
+ 2010-01-22 17:20 . 2009-10-28 14:35 70656 c:\windows\ie7updates\KB978207-IE7\ie4uinit.exe
+ 2010-01-22 17:20 . 2009-10-29 07:40 63488 c:\windows\ie7updates\KB978207-IE7\icardie.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 17408 c:\windows\ie7updates\KB978207-IE7\corpol.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 44544 c:\windows\ie7updates\KB2183461-IE7\pngfilt.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 52224 c:\windows\ie7updates\KB2183461-IE7\msfeedsbs.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 27648 c:\windows\ie7updates\KB2183461-IE7\jsproxy.dll
+ 2010-08-12 21:16 . 2010-05-04 12:39 13824 c:\windows\ie7updates\KB2183461-IE7\ieudinit.exe
+ 2010-08-12 21:16 . 2010-05-04 17:14 44544 c:\windows\ie7updates\KB2183461-IE7\iernonce.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 78336 c:\windows\ie7updates\KB2183461-IE7\ieencode.dll
+ 2010-08-12 21:16 . 2010-05-04 12:39 70656 c:\windows\ie7updates\KB2183461-IE7\ie4uinit.exe
+ 2010-08-12 21:16 . 2010-05-04 17:14 63488 c:\windows\ie7updates\KB2183461-IE7\icardie.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 17408 c:\windows\ie7updates\KB2183461-IE7\corpol.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2010-06-13 00:05 . 2010-06-13 00:05 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_5840dac1\System.Drawing.Design.dll
+ 2010-06-13 00:05 . 2010-06-13 00:05 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_b1ec74a3\CustomMarshalers.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\aada360296a42e0413579a19c771ec2d\System.Web.DynamicData.Design.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll
+ 2010-08-12 21:16 . 2010-08-12 21:16 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe
+ 2010-08-12 21:16 . 2010-08-12 21:16 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe
+ 2010-08-13 04:27 . 2010-08-13 04:27 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-06-13 00:03 . 2010-06-13 00:03 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2009-08-09 13:12 . 2009-08-09 13:12 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-03-30 07:33 . 2010-03-30 07:33 11264 c:\windows\assembly\GAC_MSIL\cli_basetypes\1.0.15.0__ce2cb7e279207b9e\cli_basetypes.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-03-30 07:34 . 2010-03-30 07:34 64000 c:\windows\assembly\GAC_32\cli_cppuhelper\1.0.18.0__ce2cb7e279207b9e\cli_cppuhelper.dll
+ 2010-06-13 00:05 . 2010-06-13 00:05 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-05-26 06:05 . 2010-01-23 08:11 46080 c:\windows\$NtUninstallKB981793$\tzchange.exe
+ 2010-05-26 06:05 . 2010-04-22 22:21 16896 c:\windows\$NtUninstallKB981793$\spuninst\tzchange.dll
+ 2010-06-13 00:03 . 2008-04-14 02:22 65024 c:\windows\$NtUninstallKB979482$\asycfilt.dll
+ 2010-04-14 10:54 . 2008-04-14 02:22 84992 c:\windows\$NtUninstallKB979309$\cabview.dll
+ 2010-02-24 08:19 . 2009-10-28 15:07 46080 c:\windows\$NtUninstallKB979306$\tzchange.exe
+ 2010-02-24 08:19 . 2010-01-23 10:40 16896 c:\windows\$NtUninstallKB979306$\spuninst\tzchange.dll
+ 2010-02-10 08:42 . 2008-04-14 02:22 32256 c:\windows\$NtUninstallKB978037$\csrsrv.dll
+ 2010-02-10 08:41 . 2004-08-04 13:00 25600 c:\windows\$NtUninstallKB977914$\msvidc32.dll
+ 2010-02-10 08:41 . 2008-04-14 02:22 11264 c:\windows\$NtUninstallKB977914$\msrle32.dll
+ 2010-02-10 08:41 . 2008-04-14 02:22 47616 c:\windows\$NtUninstallKB977914$\iyuv_32.dll
+ 2010-02-10 08:41 . 2009-06-10 14:13 85504 c:\windows\$NtUninstallKB977914$\avifil32.dll
+ 2010-02-10 08:41 . 2008-04-14 02:22 16896 c:\windows\$NtUninstallKB975560$\msyuv.dll
+ 2010-06-13 00:00 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB982381-IE7\update\spcustom.dll
+ 2010-06-13 00:00 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB982381-IE7\spmsg.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 44544 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\pngfilt.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 52224 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\msfeedsbs.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 27648 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\jsproxy.dll
+ 2010-05-04 13:19 . 2010-05-04 13:19 13824 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieudinit.exe
+ 2010-05-04 16:48 . 2010-05-04 16:48 44544 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iernonce.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 78336 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieencode.dll
+ 2010-05-04 13:19 . 2010-05-04 13:19 70656 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ie4uinit.exe
+ 2010-05-04 16:48 . 2010-05-04 16:48 63488 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\icardie.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 17408 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\corpol.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981349\update\spcustom.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB981349\spmsg.dll
+ 2010-04-15 07:08 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB980232\update\spcustom.dll
+ 2010-04-15 07:08 . 2009-05-26 09:01 18808 c:\windows\$hf_mig$\KB980232\spmsg.dll
+ 2010-06-13 00:05 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980218\update\spcustom.dll
+ 2010-06-13 00:05 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB980218\spmsg.dll
+ 2010-06-13 00:05 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB980195\update\spcustom.dll
+ 2010-06-13 00:05 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB980195\spmsg.dll
+ 2010-03-31 01:40 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980182-IE7\update\spcustom.dll
+ 2010-03-31 01:40 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB980182-IE7\spmsg.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 44544 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\pngfilt.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 52224 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\msfeedsbs.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 27648 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\jsproxy.dll
+ 2010-03-10 14:05 . 2010-03-10 14:05 13824 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\ieudinit.exe
+ 2010-03-11 11:42 . 2010-03-11 11:42 44544 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\iernonce.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 78336 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\ieencode.dll
+ 2010-03-10 14:05 . 2010-03-10 14:05 70656 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\ie4uinit.exe
+ 2010-03-11 11:42 . 2010-03-11 11:42 63488 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\icardie.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 17408 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\corpol.dll
+ 2010-04-15 07:08 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979683\update\spcustom.dll
+ 2010-04-15 07:03 . 2010-03-05 14:53 16896 c:\windows\$hf_mig$\KB979683\update\mpsyschk.dll
+ 2010-04-15 07:08 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB979683\spmsg.dll
+ 2010-06-13 00:04 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979559\update\spcustom.dll
+ 2010-06-13 00:04 . 2009-05-26 09:01 18808 c:\windows\$hf_mig$\KB979559\spmsg.dll
+ 2010-06-13 00:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979482\update\spcustom.dll
+ 2010-06-13 00:03 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB979482\spmsg.dll
+ 2010-03-05 14:50 . 2010-03-05 14:50 65536 c:\windows\$hf_mig$\KB979482\SP3QFE\asycfilt.dll
+ 2010-04-14 10:54 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB979309\update\spcustom.dll
+ 2010-04-14 10:54 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB979309\spmsg.dll
+ 2010-01-13 13:48 . 2010-01-13 13:48 86528 c:\windows\$hf_mig$\KB979309\SP3QFE\cabview.dll
+ 2010-04-14 10:54 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB978601\update\spcustom.dll
+ 2010-04-14 10:54 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB978601\spmsg.dll
+ 2010-05-12 07:17 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978542\update\spcustom.dll
+ 2010-05-12 07:17 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978542\spmsg.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978338\update\spcustom.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978338\spmsg.dll
+ 2010-02-10 08:43 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978262\update\spcustom.dll
+ 2010-02-10 08:43 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978262\spmsg.dll
+ 2010-02-10 08:42 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978251\update\spcustom.dll
+ 2010-02-10 08:42 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978251\spmsg.dll
+ 2010-01-22 17:20 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978207-IE7\update\spcustom.dll
+ 2010-01-22 17:20 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978207-IE7\spmsg.dll
+ 2010-01-05 09:46 . 2010-01-05 09:46 44544 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\pngfilt.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 52224 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\msfeedsbs.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 27648 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\jsproxy.dll
+ 2010-01-01 06:55 . 2010-01-01 06:55 13824 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieudinit.exe
+ 2010-01-05 09:45 . 2010-01-05 09:45 44544 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iernonce.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 78336 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieencode.dll
+ 2010-01-01 06:55 . 2010-01-01 06:55 70656 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ie4uinit.exe
+ 2010-01-05 09:45 . 2010-01-05 09:45 63488 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\icardie.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 17408 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\corpol.dll
+ 2010-02-10 08:42 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978037\update\spcustom.dll
+ 2010-02-10 08:42 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978037\spmsg.dll
+ 2009-12-14 07:10 . 2009-12-14 07:10 33280 c:\windows\$hf_mig$\KB978037\SP3QFE\csrsrv.dll
+ 2010-02-10 08:41 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977914\update\spcustom.dll
+ 2010-02-10 08:41 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB977914\spmsg.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 28672 c:\windows\$hf_mig$\KB977914\SP3QFE\msvidc32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 11264 c:\windows\$hf_mig$\KB977914\SP3QFE\msrle32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 48128 c:\windows\$hf_mig$\KB977914\SP3QFE\iyuv_32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 85504 c:\windows\$hf_mig$\KB977914\SP3QFE\avifil32.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977816\update\spcustom.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB977816\spmsg.dll
+ 2010-02-10 08:41 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977165\update\spcustom.dll
+ 2010-02-10 08:41 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB977165\spmsg.dll
+ 2010-02-10 08:42 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975713\update\spcustom.dll
+ 2010-02-10 08:42 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB975713\spmsg.dll
+ 2010-06-13 00:03 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB975562\update\spcustom.dll
+ 2010-06-13 00:03 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB975562\spmsg.dll
+ 2010-03-09 23:28 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB975561\update\spcustom.dll
+ 2010-03-09 23:28 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB975561\spmsg.dll
+ 2010-02-10 08:41 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975560\update\spcustom.dll
+ 2010-02-10 08:41 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB975560\spmsg.dll
+ 2009-11-27 17:23 . 2009-11-27 17:23 17920 c:\windows\$hf_mig$\KB975560\SP3QFE\msyuv.dll
+ 2010-02-10 08:43 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB971468\update\spcustom.dll
+ 2010-02-10 08:43 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB971468\spmsg.dll
+ 2010-08-03 09:35 . 2010-02-22 14:22 26488 c:\windows\$hf_mig$\KB2286198\update\spcustom.dll
+ 2010-08-03 09:35 . 2010-02-22 14:22 18808 c:\windows\$hf_mig$\KB2286198\spmsg.dll
+ 2010-07-16 13:11 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2229593\update\spcustom.dll
+ 2010-07-16 13:11 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB2229593\spmsg.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2001-08-18 03:54 . 2009-11-27 16:08 8704 c:\windows\system32\tsbyuv.dll
+ 2009-11-22 19:49 . 2009-11-12 12:48 7168 c:\windows\system32\drivers\StarOpen.sys
- 2009-11-22 19:49 . 2009-09-28 19:57 7168 c:\windows\system32\drivers\StarOpen.sys
+ 2010-02-18 06:38 . 2008-04-13 18:39 5504 c:\windows\system32\drivers\MSTEE.sys
+ 2009-11-27 16:08 . 2009-11-27 16:08 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2010-02-18 06:38 . 2008-04-13 18:39 5504 c:\windows\system32\dllcache\mstee.sys
+ 2010-09-05 19:03 . 2010-09-05 19:03 8192 c:\windows\ERDNT\05.09.2010\Users\00000004\UsrClass.dat
+ 2010-09-05 19:03 . 2010-09-05 19:03 8192 c:\windows\ERDNT\05.09.2010\Users\00000002\UsrClass.dat
+ 2009-11-27 16:08 . 2009-11-27 16:08 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2010-03-30 07:34 . 2010-03-30 07:34 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_uretypes\4.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_uretypes.dll
+ 2010-03-30 07:34 . 2010-03-30 07:34 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_ure\18.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_ure.dll
+ 2010-03-30 07:34 . 2010-03-30 07:34 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_oootypes\4.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_oootypes.dll
+ 2010-03-30 07:34 . 2010-03-30 07:34 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_basetypes\15.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_basetypes.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-10-15 13:14 . 2009-10-15 13:14 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-10-15 13:14 . 2009-10-15 13:14 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-03-30 07:33 . 2010-03-30 07:33 7680 c:\windows\assembly\GAC_MSIL\cli_ure\1.0.18.0__ce2cb7e279207b9e\cli_ure.dll
+ 2010-03-30 07:34 . 2010-03-30 07:34 3072 c:\windows\assembly\GAC_32\policy.1.0.cli_cppuhelper\18.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_cppuhelper.dll
+ 2010-02-10 08:41 . 2004-08-04 13:00 8192 c:\windows\$NtUninstallKB977914$\tsbyuv.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 8704 c:\windows\$hf_mig$\KB977914\SP3QFE\tsbyuv.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-07-11 23:12 . 2009-07-11 23:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-11 23:09 . 2009-07-11 23:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-11 23:08 . 2009-07-11 23:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 552960 c:\windows\system32\zvkonline70VC8.dll
+ 2010-02-17 17:52 . 2001-05-16 16:54 309616 c:\windows\system32\wmv8dmod.dll
+ 1999-08-09 13:40 . 1999-08-09 13:40 163600 c:\windows\system32\wmaudsdk.dll
+ 2004-08-13 11:40 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 233472 c:\windows\system32\webcheck.dll
- 2004-08-13 11:40 . 2009-10-29 07:41 233472 c:\windows\system32\webcheck.dll
+ 2004-08-13 11:40 . 2010-03-09 11:09 430080 c:\windows\system32\vbscript.dll
- 2004-08-13 11:40 . 2008-05-09 10:54 430080 c:\windows\system32\vbscript.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 105984 c:\windows\system32\url.dll
- 2004-08-13 11:40 . 2009-10-29 07:41 105984 c:\windows\system32\url.dll
+ 2010-01-22 19:47 . 2010-01-22 19:47 604488 c:\windows\system32\TUProgSt.exe
- 2008-12-31 16:32 . 2009-07-28 22:56 604488 c:\windows\system32\TUProgSt.exe
+ 2010-01-22 19:47 . 2010-01-22 19:47 361288 c:\windows\system32\TuneUpDefragService.exe
- 2009-07-28 22:56 . 2009-07-28 22:56 361288 c:\windows\system32\TuneUpDefragService.exe
+ 2004-08-13 11:40 . 2009-12-08 09:23 474624 c:\windows\system32\shlwapi.dll
- 2004-08-13 11:40 . 2008-04-14 02:22 474624 c:\windows\system32\shlwapi.dll
+ 2010-03-30 22:10 . 2010-03-30 22:10 295264 c:\windows\system32\PresentationHost.exe
+ 2004-08-13 11:40 . 2010-08-12 21:15 442602 c:\windows\system32\perfh009.dat
- 2004-08-13 11:40 . 2010-01-12 17:40 442602 c:\windows\system32\perfh009.dat
+ 2004-08-13 11:40 . 2010-06-24 12:15 102912 c:\windows\system32\occache.dll
- 2004-08-13 11:40 . 2009-10-29 07:41 102912 c:\windows\system32\occache.dll
+ 2010-02-17 17:51 . 2006-07-21 16:16 430080 c:\windows\system32\MXRestore.exe
- 2004-08-13 11:40 . 2009-10-29 07:41 671232 c:\windows\system32\mstime.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 671232 c:\windows\system32\mstime.dll
- 2004-08-13 11:40 . 2009-10-29 07:41 193024 c:\windows\system32\msrating.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 193024 c:\windows\system32\msrating.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 477696 c:\windows\system32\mshtmled.dll
- 2004-08-13 11:40 . 2009-10-29 07:41 477696 c:\windows\system32\mshtmled.dll
- 2007-08-13 16:54 . 2009-10-29 07:40 459264 c:\windows\system32\msfeeds.dll
+ 2007-08-13 16:54 . 2010-06-24 12:15 459264 c:\windows\system32\msfeeds.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 297808 c:\windows\system32\mscoree.dll
+ 2010-02-17 17:52 . 2001-05-11 12:18 420240 c:\windows\system32\mpg4c32.dll
+ 2010-02-17 17:49 . 2008-04-15 15:14 700416 c:\windows\system32\mgxoschk.dll
+ 2010-08-17 15:09 . 2010-08-17 15:09 232912 c:\windows\system32\Macromed\Flash\FlashUtil10i_Plugin.exe
+ 2009-04-08 15:57 . 2009-04-08 15:57 110592 c:\windows\system32\LxUISettings20Native.dll
- 2008-07-17 11:48 . 2008-07-17 11:48 716800 c:\windows\system32\lxter20VC8.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 716800 c:\windows\system32\lxter20VC8.dll
+ 2009-02-02 18:11 . 2009-02-02 18:11 208896 c:\windows\system32\LXPrnUtil10.dll
- 2007-11-09 14:18 . 2007-11-09 14:18 208896 c:\windows\system32\LXPrnUtil10.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 135168 c:\windows\system32\LxMail30VC8.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 323584 c:\windows\system32\LxImport70VC8.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 192512 c:\windows\system32\LXDasi70VC8.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 258048 c:\windows\system32\LXBtr70VC8.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 212992 c:\windows\system32\LxBasics70VC8.dll
+ 2010-03-30 07:31 . 2010-03-30 07:31 153376 c:\windows\system32\javaws.exe
+ 2010-03-30 07:31 . 2010-03-30 07:31 145184 c:\windows\system32\javaw.exe
+ 2010-03-30 07:31 . 2010-03-30 07:31 145184 c:\windows\system32\java.exe
- 2004-08-13 11:53 . 2008-04-11 19:04 691712 c:\windows\system32\inetcomm.dll
+ 2004-08-13 11:53 . 2010-01-29 14:59 691712 c:\windows\system32\inetcomm.dll
- 2007-08-13 16:34 . 2009-10-29 07:40 268288 c:\windows\system32\iertutil.dll
+ 2007-08-13 16:34 . 2010-06-24 12:15 268288 c:\windows\system32\iertutil.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 192512 c:\windows\system32\iepeers.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 385024 c:\windows\system32\iedkcs32.dll
- 2004-08-13 11:40 . 2009-10-29 07:40 385024 c:\windows\system32\iedkcs32.dll
+ 2007-07-11 10:27 . 2010-06-24 12:15 380928 c:\windows\system32\ieapfltr.dll
- 2007-07-11 10:27 . 2009-10-29 07:40 380928 c:\windows\system32\ieapfltr.dll
- 2004-08-13 11:40 . 2009-10-28 06:52 161792 c:\windows\system32\ieakui.dll
+ 2004-08-13 11:40 . 2010-06-17 15:11 161792 c:\windows\system32\ieakui.dll
- 2004-08-13 11:40 . 2009-10-29 07:40 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 153088 c:\windows\system32\ieakeng.dll
- 2004-08-13 11:40 . 2009-10-29 07:40 153088 c:\windows\system32\ieakeng.dll
+ 2010-04-16 08:30 . 2008-04-17 10:12 107368 c:\windows\system32\GEARAspi.dll
+ 2004-08-13 11:46 . 2010-08-13 04:19 247104 c:\windows\system32\FNTCACHE.DAT
- 2004-08-13 11:40 . 2009-10-29 07:40 133120 c:\windows\system32\extmgr.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 133120 c:\windows\system32\extmgr.dll
- 2004-08-13 11:40 . 2009-10-29 07:40 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 214528 c:\windows\system32\dxtrans.dll
- 2004-08-13 11:40 . 2009-10-29 07:40 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 347136 c:\windows\system32\dxtmsft.dll
+ 2010-04-16 08:30 . 2008-04-17 10:12 107368 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspi.dll
+ 2004-08-13 11:40 . 2010-02-11 12:02 226880 c:\windows\system32\drivers\tcpip6.sys
+ 2004-08-13 11:40 . 2010-02-24 13:11 455680 c:\windows\system32\drivers\mrxsmb.sys
- 2007-11-15 20:27 . 2007-11-15 20:27 303104 c:\windows\system32\dnt27VC8.dll
+ 2009-02-02 18:10 . 2009-02-02 18:10 303104 c:\windows\system32\dnt27VC8.dll
+ 2010-02-12 09:46 . 2010-02-12 09:46 107808 c:\windows\system32\dns-sd.exe
+ 2010-02-17 17:51 . 2007-07-31 18:58 192512 c:\windows\system32\DLLRES32.dll
+ 2010-02-17 17:51 . 2007-07-31 18:58 151552 c:\windows\system32\DLLDRV32.dll
+ 2010-02-17 17:50 . 2007-04-27 09:43 120200 c:\windows\system32\DLLDEV32i.dll
+ 2010-02-17 17:51 . 2007-07-31 18:58 167936 c:\windows\system32\DLLDEV32.dll
+ 2010-02-17 17:51 . 2003-03-14 10:33 114688 c:\windows\system32\DLLCDA32.dll
+ 2009-12-24 06:59 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2008-08-14 10:39 . 2010-06-24 12:15 832512 c:\windows\system32\dllcache\wininet.dll
- 2008-08-14 10:39 . 2009-10-29 07:41 832512 c:\windows\system32\dllcache\wininet.dll
- 2007-08-13 16:54 . 2009-10-29 07:41 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2007-08-13 16:54 . 2010-06-24 12:15 233472 c:\windows\system32\dllcache\webcheck.dll
- 2008-05-09 10:54 . 2008-05-09 10:54 430080 c:\windows\system32\dllcache\vbscript.dll
+ 2008-05-09 10:54 . 2010-03-09 11:09 430080 c:\windows\system32\dllcache\vbscript.dll
- 2007-08-13 16:44 . 2009-10-29 07:41 105984 c:\windows\system32\dllcache\url.dll
+ 2007-08-13 16:44 . 2010-06-24 12:15 105984 c:\windows\system32\dllcache\url.dll
+ 2008-06-20 11:08 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys
+ 2008-10-16 06:22 . 2010-06-21 15:27 354304 c:\windows\system32\dllcache\srv.sys
+ 2009-12-08 09:23 . 2009-12-08 09:23 474624 c:\windows\system32\dllcache\shlwapi.dll
+ 2008-12-05 06:55 . 2010-06-30 12:28 149504 c:\windows\system32\dllcache\schannel.dll
- 2007-08-13 16:44 . 2009-10-29 07:41 102912 c:\windows\system32\dllcache\occache.dll
+ 2007-08-13 16:44 . 2010-06-24 12:15 102912 c:\windows\system32\dllcache\occache.dll
- 2008-08-14 10:39 . 2009-10-29 07:41 671232 c:\windows\system32\dllcache\mstime.dll
+ 2008-08-14 10:39 . 2010-06-24 12:15 671232 c:\windows\system32\dllcache\mstime.dll
+ 2008-08-14 10:39 . 2010-06-24 12:15 193024 c:\windows\system32\dllcache\msrating.dll
- 2008-08-14 10:39 . 2009-10-29 07:41 193024 c:\windows\system32\dllcache\msrating.dll
+ 2008-08-14 10:39 . 2010-06-24 12:15 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-14 10:39 . 2009-10-29 07:41 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-05 18:52 . 2010-06-24 12:15 459264 c:\windows\system32\dllcache\msfeeds.dll
- 2008-10-05 18:52 . 2009-10-29 07:40 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-11-12 08:03 . 2010-02-24 13:11 455680 c:\windows\system32\dllcache\mrxsmb.sys
- 2008-08-23 11:10 . 2008-04-11 19:04 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2008-08-23 11:10 . 2010-01-29 14:59 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2007-08-13 16:43 . 2010-06-17 15:12 634656 c:\windows\system32\dllcache\iexplore.exe
- 2008-10-05 18:52 . 2009-10-29 07:40 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2008-10-05 18:52 . 2010-06-24 12:15 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2008-08-14 10:39 . 2010-06-24 12:15 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 16:39 . 2010-06-24 12:15 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-08-13 16:39 . 2009-10-29 07:40 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-05 18:52 . 2009-10-29 07:40 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-10-05 18:52 . 2010-06-24 12:15 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2004-08-13 11:40 . 2010-06-17 15:11 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-13 11:40 . 2009-10-28 06:52 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-13 11:40 . 2009-10-29 07:40 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-13 11:40 . 2009-10-29 07:40 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2010-07-16 13:04 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe
- 2008-08-14 10:39 . 2009-10-29 07:40 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2008-08-14 10:39 . 2010-06-24 12:15 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2008-08-14 10:39 . 2010-06-24 12:15 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-14 10:39 . 2009-10-29 07:40 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-14 10:39 . 2009-10-29 07:40 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-14 10:39 . 2010-06-24 12:15 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2010-04-20 05:29 . 2010-04-20 05:29 285696 c:\windows\system32\dllcache\atmfd.dll
- 2007-08-13 16:39 . 2009-10-29 07:40 124928 c:\windows\system32\dllcache\advpack.dll
+ 2007-08-13 16:39 . 2010-06-24 12:15 124928 c:\windows\system32\dllcache\advpack.dll
+ 2010-02-12 04:33 . 2010-02-12 04:33 100864 c:\windows\system32\dllcache\6to4svc.dll
+ 2010-02-17 17:51 . 2007-07-31 18:58 618496 c:\windows\system32\DLLAV32.dll
+ 2009-06-16 20:36 . 2010-03-30 07:31 411368 c:\windows\system32\deploytk.dll
- 2009-06-16 20:36 . 2009-10-11 03:17 411368 c:\windows\system32\deploytk.dll
+ 2010-03-18 07:26 . 2010-02-12 10:03 293376 c:\windows\system32\browserchoice.exe
+ 2009-04-08 13:25 . 2009-04-08 13:25 364544 c:\windows\system32\BH_DATA120VC8.dll
- 2004-08-13 11:40 . 2008-04-14 02:20 285696 c:\windows\system32\atmfd.dll
+ 2004-08-13 11:40 . 2010-04-20 05:29 285696 c:\windows\system32\atmfd.dll
- 2004-08-13 11:40 . 2009-10-29 07:40 124928 c:\windows\system32\advpack.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 124928 c:\windows\system32\advpack.dll
+ 2004-08-13 11:40 . 2010-02-12 04:33 100864 c:\windows\system32\6to4svc.dll
+ 2010-03-30 22:16 . 2010-03-30 22:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2008-07-29 17:16 . 2008-07-29 17:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-03-23 03:31 . 2010-03-23 03:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-02-09 10:22 . 2010-02-09 10:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-07-25 09:17 . 2008-07-25 09:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2009-08-07 21:51 . 2009-08-07 21:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-03-31 12:49 . 2010-03-31 12:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-03-31 13:32 . 2010-03-31 13:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-02-24 22:14 . 2010-02-24 22:14 543232 c:\windows\Installer\7bcefd.msp
+ 2010-04-16 08:28 . 2010-04-16 08:28 791552 c:\windows\Installer\5e67ee.msi
+ 2010-03-30 07:32 . 2010-03-30 07:32 178176 c:\windows\Installer\2a7dda.msi
+ 2010-03-30 07:31 . 2010-03-30 07:31 577536 c:\windows\Installer\2a7dd3.msi
+ 2010-02-13 15:04 . 2010-02-13 15:04 653824 c:\windows\Installer\15c2698.msi
+ 2010-02-13 15:01 . 2010-02-13 15:01 295606 c:\windows\Installer\{AC76BA86-7AD7-1031-7B44-A80000000002}\SC_Reader.exe
+ 2010-04-16 08:30 . 2010-04-16 08:30 372736 c:\windows\Installer\{996A2FAA-7514-4628-9D12-A8FC34A0016E}\iTunesIco.exe
+ 2010-02-13 15:04 . 2010-02-13 15:17 172032 c:\windows\Installer\{19B822A6-372A-43E2-9230-0AFA4EC84F8C}\NewShortcut11.F207EE89_63A7_4F89_8D5A_61A70CCCD4F1.exe
+ 2010-02-13 15:04 . 2010-02-13 15:17 172032 c:\windows\Installer\{19B822A6-372A-43E2-9230-0AFA4EC84F8C}\NewShortcut1.F207EE89_63A7_4F89_8D5A_61A70CCCD4F1.exe
+ 2010-06-13 00:00 . 2010-03-11 12:31 832512 c:\windows\ie7updates\KB982381-IE7\wininet.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 233472 c:\windows\ie7updates\KB982381-IE7\webcheck.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 105984 c:\windows\ie7updates\KB982381-IE7\url.dll
+ 2010-06-13 00:00 . 2009-05-26 11:40 388984 c:\windows\ie7updates\KB982381-IE7\spuninst\updspapi.dll
+ 2010-06-13 00:00 . 2008-07-08 13:00 234872 c:\windows\ie7updates\KB982381-IE7\spuninst\spuninst.exe
+ 2010-06-13 00:00 . 2010-03-11 12:31 102912 c:\windows\ie7updates\KB982381-IE7\occache.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 671232 c:\windows\ie7updates\KB982381-IE7\mstime.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 193024 c:\windows\ie7updates\KB982381-IE7\msrating.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 477696 c:\windows\ie7updates\KB982381-IE7\mshtmled.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 459264 c:\windows\ie7updates\KB982381-IE7\msfeeds.dll
+ 2010-06-13 00:00 . 2010-02-23 05:20 634648 c:\windows\ie7updates\KB982381-IE7\iexplore.exe
+ 2010-06-13 00:00 . 2010-03-11 12:31 268288 c:\windows\ie7updates\KB982381-IE7\iertutil.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 192512 c:\windows\ie7updates\KB982381-IE7\iepeers.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 385024 c:\windows\ie7updates\KB982381-IE7\iedkcs32.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 380928 c:\windows\ie7updates\KB982381-IE7\ieapfltr.dll
+ 2010-06-13 00:00 . 2010-02-23 05:18 161792 c:\windows\ie7updates\KB982381-IE7\ieakui.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 230400 c:\windows\ie7updates\KB982381-IE7\ieaksie.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 153088 c:\windows\ie7updates\KB982381-IE7\ieakeng.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 133120 c:\windows\ie7updates\KB982381-IE7\extmgr.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 214528 c:\windows\ie7updates\KB982381-IE7\dxtrans.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 347136 c:\windows\ie7updates\KB982381-IE7\dxtmsft.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 124928 c:\windows\ie7updates\KB982381-IE7\advpack.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 832512 c:\windows\ie7updates\KB980182-IE7\wininet.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 233472 c:\windows\ie7updates\KB980182-IE7\webcheck.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 105984 c:\windows\ie7updates\KB980182-IE7\url.dll
+ 2010-03-31 01:40 . 2009-05-26 11:40 388984 c:\windows\ie7updates\KB980182-IE7\spuninst\updspapi.dll
+ 2010-03-31 01:40 . 2009-05-26 11:40 234872 c:\windows\ie7updates\KB980182-IE7\spuninst\spuninst.exe
+ 2010-03-31 01:40 . 2010-01-05 09:52 102912 c:\windows\ie7updates\KB980182-IE7\occache.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 671232 c:\windows\ie7updates\KB980182-IE7\mstime.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 193024 c:\windows\ie7updates\KB980182-IE7\msrating.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 477696 c:\windows\ie7updates\KB980182-IE7\mshtmled.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 459264 c:\windows\ie7updates\KB980182-IE7\msfeeds.dll
+ 2010-03-31 01:40 . 2009-12-18 13:05 634648 c:\windows\ie7updates\KB980182-IE7\iexplore.exe
+ 2010-03-31 01:40 . 2010-01-05 09:52 268288 c:\windows\ie7updates\KB980182-IE7\iertutil.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 192512 c:\windows\ie7updates\KB980182-IE7\iepeers.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 385024 c:\windows\ie7updates\KB980182-IE7\iedkcs32.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 380928 c:\windows\ie7updates\KB980182-IE7\ieapfltr.dll
+ 2010-03-31 01:40 . 2009-12-18 13:04 161792 c:\windows\ie7updates\KB980182-IE7\ieakui.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 230400 c:\windows\ie7updates\KB980182-IE7\ieaksie.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 153088 c:\windows\ie7updates\KB980182-IE7\ieakeng.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 133120 c:\windows\ie7updates\KB980182-IE7\extmgr.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 214528 c:\windows\ie7updates\KB980182-IE7\dxtrans.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 347136 c:\windows\ie7updates\KB980182-IE7\dxtmsft.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 124928 c:\windows\ie7updates\KB980182-IE7\advpack.dll
+ 2010-01-22 17:20 . 2009-10-29 07:41 832512 c:\windows\ie7updates\KB978207-IE7\wininet.dll
+ 2010-01-22 17:20 . 2009-10-29 07:41 233472 c:\windows\ie7updates\KB978207-IE7\webcheck.dll
+ 2010-01-22 17:20 . 2009-10-29 07:41 105984 c:\windows\ie7updates\KB978207-IE7\url.dll
+ 2010-01-22 17:20 . 2009-05-26 11:40 388984 c:\windows\ie7updates\KB978207-IE7\spuninst\updspapi.dll
+ 2010-01-22 17:20 . 2009-05-26 11:40 234872 c:\windows\ie7updates\KB978207-IE7\spuninst\spuninst.exe
+ 2010-01-22 17:20 . 2009-10-29 07:41 102912 c:\windows\ie7updates\KB978207-IE7\occache.dll
+ 2010-01-22 17:20 . 2009-10-29 07:41 671232 c:\windows\ie7updates\KB978207-IE7\mstime.dll
+ 2010-01-22 17:20 . 2009-10-29 07:41 193024 c:\windows\ie7updates\KB978207-IE7\msrating.dll
+ 2010-01-22 17:20 . 2009-10-29 07:41 477696 c:\windows\ie7updates\KB978207-IE7\mshtmled.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 459264 c:\windows\ie7updates\KB978207-IE7\msfeeds.dll
+ 2010-01-22 17:20 . 2009-10-28 06:54 634632 c:\windows\ie7updates\KB978207-IE7\iexplore.exe
+ 2010-01-22 17:20 . 2009-10-29 07:40 268288 c:\windows\ie7updates\KB978207-IE7\iertutil.dll
+ 2010-01-22 17:20 . 2007-08-13 16:54 191488 c:\windows\ie7updates\KB978207-IE7\iepeers.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 385024 c:\windows\ie7updates\KB978207-IE7\iedkcs32.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 380928 c:\windows\ie7updates\KB978207-IE7\ieapfltr.dll
+ 2010-01-22 17:20 . 2009-10-28 06:52 161792 c:\windows\ie7updates\KB978207-IE7\ieakui.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 230400 c:\windows\ie7updates\KB978207-IE7\ieaksie.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 153088 c:\windows\ie7updates\KB978207-IE7\ieakeng.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 133120 c:\windows\ie7updates\KB978207-IE7\extmgr.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 214528 c:\windows\ie7updates\KB978207-IE7\dxtrans.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 347136 c:\windows\ie7updates\KB978207-IE7\dxtmsft.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 124928 c:\windows\ie7updates\KB978207-IE7\advpack.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 832512 c:\windows\ie7updates\KB2183461-IE7\wininet.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 233472 c:\windows\ie7updates\KB2183461-IE7\webcheck.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 105984 c:\windows\ie7updates\KB2183461-IE7\url.dll
+ 2010-08-12 21:16 . 2010-02-22 14:22 388984 c:\windows\ie7updates\KB2183461-IE7\spuninst\updspapi.dll
+ 2010-08-12 21:16 . 2010-02-22 14:22 234872 c:\windows\ie7updates\KB2183461-IE7\spuninst\spuninst.exe
+ 2010-08-12 21:16 . 2010-05-04 17:14 102912 c:\windows\ie7updates\KB2183461-IE7\occache.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 671232 c:\windows\ie7updates\KB2183461-IE7\mstime.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 193024 c:\windows\ie7updates\KB2183461-IE7\msrating.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 477696 c:\windows\ie7updates\KB2183461-IE7\mshtmled.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 459264 c:\windows\ie7updates\KB2183461-IE7\msfeeds.dll
+ 2010-08-12 21:16 . 2010-04-16 11:43 634656 c:\windows\ie7updates\KB2183461-IE7\iexplore.exe
+ 2010-08-12 21:16 . 2010-05-04 17:14 268288 c:\windows\ie7updates\KB2183461-IE7\iertutil.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 192512 c:\windows\ie7updates\KB2183461-IE7\iepeers.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 385024 c:\windows\ie7updates\KB2183461-IE7\iedkcs32.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 380928 c:\windows\ie7updates\KB2183461-IE7\ieapfltr.dll
+ 2010-08-12 21:16 . 2010-04-16 11:43 161792 c:\windows\ie7updates\KB2183461-IE7\ieakui.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 230400 c:\windows\ie7updates\KB2183461-IE7\ieaksie.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 153088 c:\windows\ie7updates\KB2183461-IE7\ieakeng.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 133120 c:\windows\ie7updates\KB2183461-IE7\extmgr.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 214528 c:\windows\ie7updates\KB2183461-IE7\dxtrans.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 347136 c:\windows\ie7updates\KB2183461-IE7\dxtmsft.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 124928 c:\windows\ie7updates\KB2183461-IE7\advpack.dll
+ 2010-09-05 19:03 . 2010-09-05 19:03 262144 c:\windows\ERDNT\05.09.2010\Users\00000006\UsrClass.dat
+ 2010-09-05 19:03 . 2010-09-05 19:03 237568 c:\windows\ERDNT\05.09.2010\Users\00000003\ntuser.dat
+ 2010-09-05 19:03 . 2010-09-05 19:03 233472 c:\windows\ERDNT\05.09.2010\Users\00000001\NTUSER.DAT
+ 2010-09-05 19:02 . 2005-10-20 10:02 163328 c:\windows\ERDNT\05.09.2010\ERDNT.EXE
+ 2008-11-12 08:03 . 2010-02-24 13:11 455680 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2010-06-13 00:05 . 2010-06-13 00:05 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_2193f57e\System.Drawing.dll
+ 2010-06-13 05:30 . 2010-06-13 05:30 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_3c981671\System.Drawing.Design.dll
+ 2010-06-13 05:30 . 2010-06-13 05:30 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_e7c1324e\CustomMarshalers.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe
+ 2010-08-13 04:21 . 2010-08-13 04:21 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\5e16c279496a553c988c6199f0cee8aa\System.Web.Routing.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\720b28d81e987b889180b291ea19b821\System.Web.Extensions.Design.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\da36fd678161cd3444ef547c894e3f35\System.Web.Entity.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\49ae7c73fac8827123d5db1714c22599\System.Web.Entity.Design.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ce3aa27d3c4c052845ac5abb1374defa\System.Web.DynamicData.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\95fab896ef2af14876e3e1524379773b\System.Web.Abstractions.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.d ll
+ 2010-08-13 04:28 . 2010-08-13 04:28 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\488c4017d45e861644a34fae557aa80f\System.Data.Entity.Design.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe
+ 2010-08-13 04:27 . 2010-08-13 04:27 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5aeb40ff7128df2881fb03c01d070b20\ServiceModelReg.ni.exe
+ 2010-08-13 04:21 . 2010-08-13 04:21 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe
+ 2010-08-13 04:27 . 2010-08-13 04:27 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe
+ 2010-08-13 04:27 . 2010-08-13 04:27 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\56aec0938ef1bbdeca65b07a5fe8cd39\AspNetMMCExt.ni.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-13 00:03 . 2010-06-13 00:03 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-06-13 00:03 . 2010-06-13 00:03 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-08-09 13:12 . 2009-08-09 13:12 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-06-13 00:03 . 2010-06-13 00:03 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility

sonor71 · 07.09.2010, 20:31

TEIL 2 Combofix.txt

2009-10-15 13:14 . 2009-10-15 13:14 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-03-30 07:34 . 2010-03-30 07:34 118784 c:\windows\assembly\GAC_MSIL\cli_uretypes\1.0.4.0__ce2cb7e279207b9e\cli_uretypes.dll
+ 2010-03-30 07:34 . 2010-03-30 07:34 856064 c:\windows\assembly\GAC_MSIL\cli_oootypes\1.0.4.0__ce2cb7e279207b9e\cli_oootypes.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-02-25 23:11 . 2010-02-25 23:11 726456 c:\windows\assembly\GAC_32\NMSDVDNet\1.0.1007.2002__2ff9184220f553d5\NMSDVDNet.dll
+ 2010-02-25 23:11 . 2010-02-25 23:11 573952 c:\windows\assembly\GAC_32\DVSCommon\1.0.0.3__f82a82905f938a77\DVSCommon.dll
+ 2010-05-26 06:05 . 2009-05-26 09:01 388984 c:\windows\$NtUninstallKB981793$\spuninst\updspapi.dll
+ 2010-05-26 06:05 . 2009-05-26 09:01 234872 c:\windows\$NtUninstallKB981793$\spuninst\spuninst.exe
+ 2010-04-15 07:06 . 2008-05-09 10:54 430080 c:\windows\$NtUninstallKB981349$\vbscript.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB981349$\spuninst\updspapi.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB981349$\spuninst\spuninst.exe
+ 2010-04-15 07:08 . 2009-05-26 09:01 388984 c:\windows\$NtUninstallKB980232$\spuninst\updspapi.dll
+ 2010-04-15 07:08 . 2009-05-26 09:01 234872 c:\windows\$NtUninstallKB980232$\spuninst\spuninst.exe
+ 2010-04-15 07:08 . 2009-12-04 18:22 455424 c:\windows\$NtUninstallKB980232$\mrxsmb.sys
+ 2010-06-13 00:05 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB980218$\spuninst\updspapi.dll
+ 2010-06-13 00:05 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB980218$\spuninst\spuninst.exe
+ 2010-06-13 00:05 . 2008-04-14 02:20 285696 c:\windows\$NtUninstallKB980218$\atmfd.dll
+ 2010-06-13 00:05 . 2008-07-08 13:00 388984 c:\windows\$NtUninstallKB980195$\spuninst\updspapi.dll
+ 2010-06-13 00:05 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB980195$\spuninst\spuninst.exe
+ 2010-04-15 07:08 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979683$\spuninst\updspapi.dll
+ 2010-04-15 07:08 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB979683$\spuninst\spuninst.exe
+ 2010-06-13 00:04 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979559$\spuninst\updspapi.dll
+ 2010-06-13 00:04 . 2009-05-26 09:01 234872 c:\windows\$NtUninstallKB979559$\spuninst\spuninst.exe
+ 2010-06-13 00:03 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979482$\spuninst\updspapi.dll
+ 2010-06-13 00:03 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB979482$\spuninst\spuninst.exe
+ 2010-04-15 07:08 . 2007-07-27 21:11 382840 c:\windows\$NtUninstallKB979402_WM9$\spuninst\updspapi.dll
+ 2010-04-15 07:08 . 2007-07-27 18:46 234872 c:\windows\$NtUninstallKB979402_WM9$\spuninst\spuninst.exe
+ 2010-04-14 10:54 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979309$\spuninst\updspapi.dll
+ 2010-04-14 10:54 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB979309$\spuninst\spuninst.exe
+ 2010-02-24 08:19 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979306$\spuninst\updspapi.dll
+ 2010-02-24 08:19 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB979306$\spuninst\spuninst.exe
+ 2010-06-13 00:03 . 2007-07-27 21:11 382840 c:\windows\$NtUninstallKB978695_WM9$\spuninst\updspapi.dll
+ 2010-06-13 00:03 . 2007-07-27 18:46 234872 c:\windows\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe
+ 2010-04-14 10:54 . 2008-04-14 02:22 176640 c:\windows\$NtUninstallKB978601$\wintrust.dll
+ 2010-04-14 10:54 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978601$\spuninst\updspapi.dll
+ 2010-04-14 10:54 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB978601$\spuninst\spuninst.exe
+ 2010-05-12 07:17 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978542$\spuninst\updspapi.dll
+ 2010-05-12 07:17 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978542$\spuninst\spuninst.exe
+ 2010-05-12 07:17 . 2008-04-11 19:04 691712 c:\windows\$NtUninstallKB978542$\inetcomm.dll
+ 2010-04-15 07:06 . 2008-06-20 11:08 225856 c:\windows\$NtUninstallKB978338$\tcpip6.sys
+ 2010-04-15 07:06 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978338$\spuninst\updspapi.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978338$\spuninst\spuninst.exe
+ 2010-04-15 07:06 . 2008-04-14 02:22 100352 c:\windows\$NtUninstallKB978338$\6to4svc.dll
+ 2010-02-10 08:43 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978262$\spuninst\updspapi.dll
+ 2010-02-10 08:43 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978262$\spuninst\spuninst.exe
+ 2010-02-10 08:41 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978251$\spuninst\updspapi.dll
+ 2010-02-10 08:41 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978251$\spuninst\spuninst.exe
+ 2010-02-10 08:41 . 2008-10-24 11:21 455296 c:\windows\$NtUninstallKB978251$\mrxsmb.sys
+ 2010-02-10 08:42 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978037$\spuninst\updspapi.dll
+ 2010-02-10 08:42 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978037$\spuninst\spuninst.exe
+ 2010-02-10 08:41 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB977914$\spuninst\updspapi.dll
+ 2010-02-10 08:41 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB977914$\spuninst\spuninst.exe
+ 2010-04-15 07:06 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB977816$\spuninst\updspapi.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB977816$\spuninst\spuninst.exe
+ 2010-02-10 08:41 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB977165$\spuninst\updspapi.dll
+ 2010-02-10 08:41 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB977165$\spuninst\spuninst.exe
+ 2010-02-10 08:42 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB975713$\spuninst\updspapi.dll
+ 2010-02-10 08:42 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB975713$\spuninst\spuninst.exe
+ 2010-02-10 08:42 . 2008-04-14 02:22 474624 c:\windows\$NtUninstallKB975713$\shlwapi.dll
+ 2010-06-13 00:03 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB975562$\spuninst\updspapi.dll
+ 2010-06-13 00:03 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB975562$\spuninst\spuninst.exe
+ 2010-03-09 23:28 . 2009-05-26 16:10 388984 c:\windows\$NtUninstallKB975561$\spuninst\updspapi.dll
+ 2010-03-09 23:28 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB975561$\spuninst\spuninst.exe
+ 2010-02-10 08:41 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB975560$\spuninst\updspapi.dll
+ 2010-02-10 08:41 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB975560$\spuninst\spuninst.exe
+ 2010-02-10 08:43 . 2008-12-11 10:57 333952 c:\windows\$NtUninstallKB971468$\srv.sys
+ 2010-02-10 08:43 . 2008-07-08 13:00 388984 c:\windows\$NtUninstallKB971468$\spuninst\updspapi.dll
+ 2010-02-10 08:43 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB971468$\spuninst\spuninst.exe
+ 2010-08-03 09:35 . 2010-02-22 14:22 388984 c:\windows\$NtUninstallKB2286198$\spuninst\updspapi.dll
+ 2010-08-03 09:35 . 2010-02-22 14:22 234872 c:\windows\$NtUninstallKB2286198$\spuninst\spuninst.exe
+ 2010-07-16 13:11 . 2010-02-22 17:52 388984 c:\windows\$NtUninstallKB2229593$\spuninst\updspapi.dll
+ 2010-07-16 13:11 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB2229593$\spuninst\spuninst.exe
+ 2010-07-16 13:11 . 2008-04-14 02:22 744448 c:\windows\$NtUninstallKB2229593$\helpsvc.exe
+ 2010-06-13 00:00 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB982381-IE7\update\updspapi.dll
+ 2010-06-13 00:00 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB982381-IE7\update\update.exe
+ 2010-06-13 00:00 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB982381-IE7\spuninst.exe
+ 2010-05-04 16:48 . 2010-05-04 16:48 841216 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\wininet.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 233472 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\webcheck.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 105984 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\url.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 102912 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\occache.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 671232 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\mstime.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 193024 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\msrating.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 477696 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\mshtmled.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 459264 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\msfeeds.dll
+ 2010-04-16 11:08 . 2010-04-16 11:08 634648 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iexplore.exe
+ 2010-05-04 16:48 . 2010-05-04 16:48 268288 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iertutil.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 193024 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iepeers.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 388608 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\iedkcs32.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 380928 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieapfltr.dll
+ 2010-04-16 11:06 . 2010-04-16 11:06 161792 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieakui.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 230400 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieaksie.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 153088 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieakeng.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 132608 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\extmgr.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 214528 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\dxtrans.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 347136 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\dxtmsft.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 124928 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\advpack.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB981349\update\updspapi.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB981349\update\update.exe
+ 2010-04-15 07:06 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB981349\spuninst.exe
+ 2010-03-09 11:07 . 2010-03-09 11:07 430080 c:\windows\$hf_mig$\KB981349\SP3QFE\vbscript.dll
+ 2010-04-15 07:08 . 2009-05-26 09:01 388984 c:\windows\$hf_mig$\KB980232\update\updspapi.dll
+ 2010-04-15 07:08 . 2009-05-26 09:01 765304 c:\windows\$hf_mig$\KB980232\update\update.exe
+ 2010-04-15 07:08 . 2009-05-26 09:01 234872 c:\windows\$hf_mig$\KB980232\spuninst.exe
+ 2010-04-15 07:03 . 2010-02-24 11:57 457216 c:\windows\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys
+ 2010-06-13 00:05 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB980218\update\updspapi.dll
+ 2010-06-13 00:05 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB980218\update\update.exe
+ 2010-06-13 00:05 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB980218\spuninst.exe
+ 2010-04-20 05:37 . 2010-04-20 05:37 285824 c:\windows\$hf_mig$\KB980218\SP3QFE\atmfd.dll
+ 2010-06-13 00:05 . 2008-07-08 13:00 388984 c:\windows\$hf_mig$\KB980195\update\updspapi.dll
+ 2010-06-13 00:05 . 2008-07-08 13:00 765304 c:\windows\$hf_mig$\KB980195\update\update.exe
+ 2010-06-13 00:05 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB980195\spuninst.exe
+ 2010-03-31 01:40 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB980182-IE7\update\updspapi.dll
+ 2010-03-31 01:40 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB980182-IE7\update\update.exe
+ 2010-03-31 01:40 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB980182-IE7\spuninst.exe
+ 2010-03-11 11:42 . 2010-03-11 11:42 841216 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\wininet.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 233472 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\webcheck.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 105984 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\url.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 102912 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\occache.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 671232 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\mstime.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 193024 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\msrating.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 477696 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\mshtmled.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 459264 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\msfeeds.dll
+ 2010-02-23 05:19 . 2010-02-23 05:19 634648 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\iexplore.exe
+ 2010-03-11 11:42 . 2010-03-11 11:42 268288 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\iertutil.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 193024 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\iepeers.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 388608 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\iedkcs32.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 380928 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\ieapfltr.dll
+ 2010-02-23 05:18 . 2010-02-23 05:18 161792 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\ieakui.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 230400 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\ieaksie.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 153088 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\ieakeng.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 132608 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\extmgr.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 214528 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\dxtrans.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 347136 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\dxtmsft.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 124928 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\advpack.dll
+ 2010-04-15 07:08 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979683\update\updspapi.dll
+ 2010-04-15 07:08 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979683\update\update.exe
+ 2010-04-15 07:08 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB979683\spuninst.exe
+ 2010-06-13 00:04 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979559\update\updspapi.dll
+ 2010-06-13 00:04 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979559\update\update.exe
+ 2010-06-13 00:04 . 2009-05-26 09:01 234872 c:\windows\$hf_mig$\KB979559\spuninst.exe
+ 2010-06-13 00:03 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979482\update\updspapi.dll
+ 2010-06-13 00:03 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979482\update\update.exe
+ 2010-06-13 00:03 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB979482\spuninst.exe
+ 2010-04-14 10:54 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979309\update\updspapi.dll
+ 2010-04-14 10:54 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979309\update\update.exe
+ 2010-04-14 10:54 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB979309\spuninst.exe
+ 2010-04-14 10:54 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978601\update\updspapi.dll
+ 2010-04-14 10:54 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978601\update\update.exe
+ 2010-04-14 10:54 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB978601\spuninst.exe
+ 2009-12-24 06:42 . 2009-12-24 06:42 178176 c:\windows\$hf_mig$\KB978601\SP3QFE\wintrust.dll
+ 2010-05-12 07:17 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978542\update\updspapi.dll
+ 2010-05-12 07:17 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978542\update\update.exe
+ 2010-05-12 07:17 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978542\spuninst.exe
+ 2010-01-29 14:53 . 2010-01-29 14:53 691712 c:\windows\$hf_mig$\KB978542\SP3QFE\inetcomm.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978338\update\updspapi.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978338\update\update.exe
+ 2010-04-15 07:06 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978338\spuninst.exe
+ 2010-02-11 11:36 . 2010-02-11 11:36 226880 c:\windows\$hf_mig$\KB978338\SP3QFE\tcpip6.sys
+ 2010-02-12 04:28 . 2010-02-12 04:28 100864 c:\windows\$hf_mig$\KB978338\SP3QFE\6to4svc.dll
+ 2010-02-10 08:43 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978262\update\updspapi.dll
+ 2010-02-10 08:43 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978262\update\update.exe
+ 2010-02-10 08:43 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978262\spuninst.exe
+ 2010-02-10 08:42 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978251\update\updspapi.dll
+ 2010-02-10 08:42 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978251\update\update.exe
+ 2010-02-10 08:42 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978251\spuninst.exe
+ 2010-02-10 08:29 . 2009-12-04 17:25 456832 c:\windows\$hf_mig$\KB978251\SP3QFE\mrxsmb.sys
+ 2010-01-22 17:20 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978207-IE7\update\updspapi.dll
+ 2010-01-22 17:20 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978207-IE7\update\update.exe
+ 2010-01-22 17:20 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978207-IE7\spuninst.exe
+ 2010-01-05 09:46 . 2010-01-05 09:46 841216 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll
+ 2010-01-05 09:46 . 2010-01-05 09:46 233472 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\webcheck.dll
+ 2010-01-05 09:46 . 2010-01-05 09:46 105984 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\url.dll
+ 2010-01-05 09:46 . 2010-01-05 09:46 102912 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\occache.dll
+ 2010-01-05 09:46 . 2010-01-05 09:46 671232 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mstime.dll
+ 2010-01-05 09:46 . 2010-01-05 09:46 193024 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\msrating.dll
+ 2010-01-05 09:46 . 2010-01-05 09:46 477696 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtmled.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 459264 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\msfeeds.dll
+ 2009-12-18 07:00 . 2009-12-18 07:00 634632 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iexplore.exe
+ 2010-01-05 09:45 . 2010-01-05 09:45 268288 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iertutil.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 193024 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iepeers.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 388608 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iedkcs32.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 380928 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieapfltr.dll
+ 2009-12-18 06:58 . 2009-12-18 06:58 161792 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieakui.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 230400 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieaksie.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 153088 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieakeng.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 132608 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\extmgr.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 214528 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\dxtrans.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 347136 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\dxtmsft.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 124928 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\advpack.dll
+ 2010-02-10 08:42 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978037\update\updspapi.dll
+ 2010-02-10 08:42 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978037\update\update.exe
+ 2010-02-10 08:42 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978037\spuninst.exe
+ 2010-02-10 08:41 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB977914\update\updspapi.dll
+ 2010-02-10 08:41 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB977914\update\update.exe
+ 2010-02-10 08:41 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB977914\spuninst.exe
+ 2010-04-15 07:06 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB977816\update\updspapi.dll
+ 2010-04-15 07:06 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB977816\update\update.exe
+ 2010-04-15 07:06 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB977816\spuninst.exe
+ 2010-02-10 08:41 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB977165\update\updspapi.dll
+ 2010-02-10 08:41 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB977165\update\update.exe
+ 2010-02-10 08:41 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB977165\spuninst.exe
+ 2010-02-10 08:42 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB975713\update\updspapi.dll
+ 2010-02-10 08:42 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB975713\update\update.exe
+ 2010-02-10 08:42 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB975713\spuninst.exe
+ 2009-12-08 09:01 . 2009-12-08 09:01 474624 c:\windows\$hf_mig$\KB975713\SP3QFE\shlwapi.dll
+ 2010-06-13 00:03 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB975562\update\updspapi.dll
+ 2010-06-13 00:03 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB975562\update\update.exe
+ 2010-06-13 00:03 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB975562\spuninst.exe
+ 2010-03-09 23:28 . 2009-05-26 16:10 388984 c:\windows\$hf_mig$\KB975561\update\updspapi.dll
+ 2010-03-09 23:28 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB975561\update\update.exe
+ 2010-03-09 23:28 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB975561\spuninst.exe
+ 2010-02-10 08:41 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB975560\update\updspapi.dll
+ 2010-02-10 08:41 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB975560\update\update.exe
+ 2010-02-10 08:41 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB975560\spuninst.exe
+ 2010-02-10 08:43 . 2008-07-08 13:00 388984 c:\windows\$hf_mig$\KB971468\update\updspapi.dll
+ 2010-02-10 08:43 . 2008-07-08 13:00 765304 c:\windows\$hf_mig$\KB971468\update\update.exe
+ 2010-02-10 08:43 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB971468\spuninst.exe
+ 2010-02-10 08:29 . 2010-01-01 07:58 353792 c:\windows\$hf_mig$\KB971468\SP3QFE\srv.sys
+ 2010-08-03 09:35 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB2286198\update\updspapi.dll
+ 2010-08-03 09:35 . 2010-02-22 14:22 765304 c:\windows\$hf_mig$\KB2286198\update\update.exe
+ 2010-08-03 09:35 . 2010-02-22 14:22 234872 c:\windows\$hf_mig$\KB2286198\spuninst.exe
+ 2010-07-16 13:11 . 2010-02-22 17:52 388984 c:\windows\$hf_mig$\KB2229593\update\updspapi.dll
+ 2010-07-16 13:11 . 2010-02-22 14:21 765304 c:\windows\$hf_mig$\KB2229593\update\update.exe
+ 2010-07-16 13:11 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB2229593\spuninst.exe
+ 2010-07-16 13:04 . 2010-06-14 14:38 744448 c:\windows\$hf_mig$\KB2229593\SP3QFE\helpsvc.exe
+ 2004-08-13 11:41 . 2010-04-08 12:03 2113536 c:\windows\system32\WMVCore.dll
+ 2004-08-13 11:41 . 2010-03-19 16:05 4874240 c:\windows\system32\wmp.dll
- 2004-08-13 11:41 . 2009-07-12 10:21 4874240 c:\windows\system32\wmp.dll
+ 2010-04-16 08:28 . 2009-10-16 00:33 3003680 c:\windows\system32\usbaaplrc.dll
- 2004-08-13 11:40 . 2009-10-29 07:41 1168384 c:\windows\system32\urlmon.dll
+ 2004-08-13 11:40 . 2010-06-24 12:15 1168384 c:\windows\system32\urlmon.dll
+ 2004-08-13 11:40 . 2010-07-27 06:29 8503296 c:\windows\system32\shell32.dll
+ 2004-08-13 11:40 . 2010-02-05 18:25 1297408 c:\windows\system32\quartz.dll
+ 2004-08-13 11:40 . 2010-04-28 05:41 2148864 c:\windows\system32\ntoskrnl.exe
+ 2004-08-03 23:50 . 2010-04-28 05:41 2027008 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-13 11:40 . 2010-06-24 12:15 3600896 c:\windows\system32\mshtml.dll
+ 2010-01-27 01:07 . 2010-08-17 15:09 5969360 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 7311360 c:\windows\system32\LxXtreme60VC8.dll
- 2008-07-17 11:48 . 2008-07-17 11:48 5701632 c:\windows\system32\LxXtreme50VC8.dll
+ 2009-04-08 16:07 . 2009-04-08 16:07 5701632 c:\windows\system32\LxXtreme50VC8.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 1245184 c:\windows\system32\LxTool70VC8.dll
+ 2009-04-08 16:24 . 2009-04-08 16:24 1257472 c:\windows\system32\LXTool70NSVC8.dll
- 2007-08-13 16:54 . 2009-10-29 07:40 6067200 c:\windows\system32\ieframe.dll
+ 2007-08-13 16:54 . 2010-06-24 12:15 6067200 c:\windows\system32\ieframe.dll
+ 2009-04-08 17:14 . 2009-04-08 17:14 1421312 c:\windows\system32\FormAssi50.dll
+ 2010-04-16 08:28 . 2009-10-16 00:33 3003680 c:\windows\system32\DRVSTORE\usbaapl_E0F497D6C8B1C59AEB6422181BF0AFABD8356D47\usbaaplrc.dll
+ 2010-04-16 08:28 . 2010-03-16 17:53 1419232 c:\windows\system32\DRVSTORE\netaapl_F433E854B3FF3BEE74986FDE8E16A64162342BFF\wdfcoinstaller01005.dll
+ 2006-12-07 17:02 . 2010-04-08 12:03 2113536 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-10-25 06:48 . 2010-03-19 16:05 4874240 c:\windows\system32\dllcache\wmp.dll
- 2008-10-25 06:48 . 2009-07-12 10:21 4874240 c:\windows\system32\dllcache\wmp.dll
+ 2008-10-16 06:21 . 2010-06-24 09:02 1852032 c:\windows\system32\dllcache\win32k.sys
- 2008-08-14 10:39 . 2009-10-29 07:41 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-14 10:39 . 2010-06-24 12:15 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-17 19:00 . 2010-07-27 06:29 8503296 c:\windows\system32\dllcache\shell32.dll
+ 2008-05-07 05:10 . 2010-02-05 18:25 1297408 c:\windows\system32\dllcache\quartz.dll
+ 2008-10-16 06:21 . 2010-04-28 18:11 2192256 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-16 06:21 . 2010-04-28 05:41 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-16 06:21 . 2010-04-28 05:41 2069120 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-10-16 06:21 . 2010-04-28 05:41 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-11-12 08:02 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
- 2008-11-12 08:02 . 2009-07-31 04:32 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2004-08-13 11:53 . 2010-01-29 14:59 1315328 c:\windows\system32\dllcache\msoe.dll
- 2004-08-13 11:53 . 2009-07-10 13:26 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2008-02-17 02:59 . 2010-06-24 12:15 3600896 c:\windows\system32\dllcache\mshtml.dll
+ 2010-03-09 19:39 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2008-10-05 18:52 . 2010-06-24 12:15 6067200 c:\windows\system32\dllcache\ieframe.dll
- 2008-10-05 18:52 . 2009-10-29 07:40 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2009-11-06 23:06 . 2009-11-06 23:06 1130824 c:\windows\system32\dfshim.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2008-11-25 02:59 . 2008-11-25 02:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 03:32 . 2010-03-23 03:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 03:32 . 2010-03-23 03:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2009-08-07 21:51 . 2009-08-07 21:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2010-03-31 12:50 . 2010-03-31 12:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-03-31 12:50 . 2010-03-31 12:50 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-09-03 19:33 . 2010-09-03 19:33 2026496 c:\windows\Installer\ffe17.msi
+ 2009-11-16 15:02 . 2009-11-16 15:02 1092096 c:\windows\Installer\86488.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17 2607104 c:\windows\Installer\7bcf0a.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17 4210688 c:\windows\Installer\7bcf09.msp
+ 2009-11-08 22:25 . 2009-11-08 22:25 1935360 c:\windows\Installer\6ff2d8.msp
+ 2010-04-16 08:30 . 2010-04-16 08:30 4911104 c:\windows\Installer\5e685a.msi
+ 2010-04-16 08:29 . 2010-04-16 08:29 9472000 c:\windows\Installer\5e6856.msi
+ 2010-04-16 08:28 . 2010-04-16 08:28 1554944 c:\windows\Installer\5e6803.msi
+ 2010-04-16 08:28 . 2010-04-16 08:28 3165184 c:\windows\Installer\5e67fc.msi
+ 2010-04-16 08:28 . 2010-04-16 08:28 1984000 c:\windows\Installer\5e67f5.msi
+ 2010-02-13 15:04 . 2010-02-13 15:04 1744896 c:\windows\Installer\15c263c.msi
+ 2010-02-13 15:04 . 2010-02-13 15:04 3045888 c:\windows\Installer\15c2614.msi
+ 2010-02-13 15:01 . 2010-02-13 15:01 3588608 c:\windows\Installer\15c2505.msi
+ 2010-03-30 07:34 . 2010-03-30 07:34 7424000 c:\windows\Installer\{192A107E-C6B9-41B9-BDBF-38E3AA226054}\soffice.exe
+ 2010-06-13 00:00 . 2010-03-11 12:31 1168384 c:\windows\ie7updates\KB982381-IE7\urlmon.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 3599872 c:\windows\ie7updates\KB982381-IE7\mshtml.dll
+ 2010-06-13 00:00 . 2010-03-11 12:31 6067200 c:\windows\ie7updates\KB982381-IE7\ieframe.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 1168384 c:\windows\ie7updates\KB980182-IE7\urlmon.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 3599360 c:\windows\ie7updates\KB980182-IE7\mshtml.dll
+ 2010-03-31 01:40 . 2010-01-05 09:52 6067200 c:\windows\ie7updates\KB980182-IE7\ieframe.dll
+ 2010-01-22 17:20 . 2009-10-29 07:41 1168384 c:\windows\ie7updates\KB978207-IE7\urlmon.dll
+ 2010-01-22 17:20 . 2009-10-29 07:41 3598336 c:\windows\ie7updates\KB978207-IE7\mshtml.dll
+ 2010-01-22 17:20 . 2009-10-29 07:40 6067200 c:\windows\ie7updates\KB978207-IE7\ieframe.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 1168384 c:\windows\ie7updates\KB2183461-IE7\urlmon.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 3600384 c:\windows\ie7updates\KB2183461-IE7\mshtml.dll
+ 2010-08-12 21:16 . 2010-05-04 17:14 6067200 c:\windows\ie7updates\KB2183461-IE7\ieframe.dll
+ 2008-10-16 06:21 . 2010-04-28 18:11 2192256 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-16 06:21 . 2010-04-28 05:41 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-16 06:21 . 2010-04-28 05:41 2069120 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-16 06:21 . 2010-04-28 05:41 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-06-13 05:30 . 2010-06-13 05:30 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_87daa420\System.dll
+ 2010-06-13 00:05 . 2010-06-13 00:05 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_76826ccd\System.dll
+ 2010-06-13 00:05 . 2010-06-13 00:05 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_78a0469d\System.Xml.dll
+ 2010-06-13 05:31 . 2010-06-13 05:31 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_3607abe2\System.Xml.dll
+ 2010-06-13 00:05 . 2010-06-13 00:05 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_cbc1b153\System.Windows.Forms.dll
+ 2010-06-13 05:30 . 2010-06-13 05:30 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_b61b73ab\System.Windows.Forms.dll
+ 2010-06-13 05:31 . 2010-06-13 05:31 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_54ee9053\System.Drawing.dll
+ 2010-06-13 05:31 . 2010-06-13 05:31 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_c8039eec\System.Design.dll
+ 2010-06-13 00:05 . 2010-06-13 00:05 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_0ea2f709\System.Design.dll
+ 2010-06-13 05:31 . 2010-06-13 05:31 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_af797f1f\mscorlib.dll
+ 2010-06-13 00:05 . 2010-06-13 00:05 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_53f781f1\mscorlib.dll
+ 2010-08-12 21:16 . 2010-08-12 21:16 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll
+ 2010-06-13 00:03 . 2010-06-13 00:03 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP40C.tmp\System.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\60b3c9a63b2065a6952d16256545c25d\System.WorkflowServices.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5cc2a23ce8ac371c7a97b5e542ee27ed\System.Workflow.Runtime.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c0aabf67e7ef98dc10c3e174c136731b\System.Workflow.ComponentModel.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\66682c8a064608ba4ffd0463cf09aef9\System.Workflow.Activities.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\2d662564b8d9c57a34c588cc2970902b\System.Web.Services.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\9b455702c9b7b02c5708406f87986751\System.Web.Mobile.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\49c7a1c78ed9502ba97c11e6bd993f63\System.Web.Extensions.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5eb08849d17b272ed2a393420cb0305b\System.Speech.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\f5790a1b7b41e7b8d05f01b549c80f39\System.ServiceModel.Web.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\0885f31c21b796465fde6297dba20981\System.IdentityModel.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\23cf0498f2ebe4c8ffa5cc79efca2dc5\System.Data.Services.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\9732a7c993055f82040642966db07ccf\Microsoft.VisualBasic.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll
+ 2010-06-23 11:28 . 2010-06-23 11:28 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-06-13 00:03 . 2010-06-13 00:03 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-06-23 11:28 . 2010-06-23 11:28 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-15 13:14 . 2009-10-15 13:14 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-06-23 11:28 . 2010-06-23 11:28 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2009-08-09 13:12 . 2009-08-09 13:12 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-06-13 00:05 . 2010-06-13 00:05 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2009-10-15 13:11 . 2009-10-15 13:11 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2009-10-15 13:11 . 2009-10-15 13:11 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-06-13 00:05 . 2010-06-13 00:05 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-04-15 07:08 . 2009-12-09 10:05 2147840 c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
+ 2010-04-15 07:08 . 2009-12-09 10:05 2026496 c:\windows\$NtUninstallKB979683$\ntkrpamp.exe
+ 2010-04-15 07:08 . 2009-12-09 10:05 2026496 c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
+ 2010-04-15 07:08 . 2009-12-09 10:05 2147840 c:\windows\$NtUninstallKB979683$\ntkrnlmp.exe
+ 2010-06-13 00:04 . 2009-08-14 15:10 1850752 c:\windows\$NtUninstallKB979559$\win32k.sys
+ 2010-04-15 07:08 . 2009-07-12 10:21 4874240 c:\windows\$NtUninstallKB979402_WM9$\wmp.dll
+ 2010-06-13 00:03 . 2009-05-26 14:53 2174976 c:\windows\$NtUninstallKB978695_WM9$\wmvcore.dll
+ 2010-05-12 07:17 . 2009-07-10 13:26 1315328 c:\windows\$NtUninstallKB978542$\msoe.dll
+ 2010-02-10 08:41 . 2009-08-04 17:26 2147840 c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
+ 2010-02-10 08:41 . 2009-08-04 17:25 2026496 c:\windows\$NtUninstallKB977165$\ntkrpamp.exe
+ 2010-02-10 08:41 . 2009-08-04 17:25 2026496 c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
+ 2010-02-10 08:41 . 2009-08-04 17:26 2147840 c:\windows\$NtUninstallKB977165$\ntkrnlmp.exe
+ 2010-06-13 00:03 . 2009-11-27 17:11 1297408 c:\windows\$NtUninstallKB975562$\quartz.dll
+ 2010-03-09 23:28 . 2008-04-14 02:22 3558912 c:\windows\$NtUninstallKB975561$\moviemk.exe
+ 2010-02-10 08:41 . 2009-06-03 19:09 1296896 c:\windows\$NtUninstallKB975560$\quartz.dll
+ 2010-08-03 09:35 . 2008-06-17 19:00 8502272 c:\windows\$NtUninstallKB2286198$\shell32.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 1171968 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\urlmon.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 3603456 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\mshtml.dll
+ 2010-05-04 16:48 . 2010-05-04 16:48 6071296 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieframe.dll
+ 2010-06-12 21:57 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\ieapfltr.dat
+ 2010-03-11 11:42 . 2010-03-11 11:42 1171968 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\urlmon.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 3602944 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\mshtml.dll
+ 2010-03-11 11:42 . 2010-03-11 11:42 6070784 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\ieframe.dll
+ 2010-03-31 01:31 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB980182-IE7\SP3QFE\ieapfltr.dat
+ 2010-04-15 07:03 . 2010-02-16 18:58 2192384 c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
+ 2010-04-15 07:03 . 2010-02-16 18:58 2027008 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrpamp.exe
+ 2010-04-15 07:03 . 2010-02-16 18:58 2069248 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
+ 2010-04-15 07:03 . 2010-02-16 18:58 2148864 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlmp.exe
+ 2010-05-02 08:00 . 2010-05-02 08:00 1860480 c:\windows\$hf_mig$\KB979559\SP3QFE\win32k.sys
+ 2010-01-29 14:53 . 2010-01-29 14:53 1315328 c:\windows\$hf_mig$\KB978542\SP3QFE\msoe.dll
+ 2010-01-05 09:46 . 2010-01-05 09:46 1170944 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\urlmon.dll
+ 2010-01-05 09:46 . 2010-01-05 09:46 3602944 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll
+ 2010-01-05 09:45 . 2010-01-05 09:45 6071296 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieframe.dll
+ 2010-01-22 17:15 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieapfltr.dat
+ 2009-12-09 14:29 . 2009-12-09 14:29 2191616 c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
+ 2010-02-10 08:29 . 2009-12-09 09:58 2026496 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrpamp.exe
+ 2009-12-09 14:29 . 2009-12-09 14:29 2068480 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
+ 2010-02-10 08:29 . 2009-12-09 09:58 2147840 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlmp.exe
+ 2010-02-05 18:28 . 2010-02-05 18:28 1297408 c:\windows\$hf_mig$\KB975562\SP3QFE\quartz.dll
+ 2010-03-09 19:39 . 2009-10-23 14:53 3558912 c:\windows\$hf_mig$\KB975561\SP3QFE\moviemk.exe
+ 2009-11-27 17:23 . 2009-11-27 17:23 1297408 c:\windows\$hf_mig$\KB975560\SP3QFE\quartz.dll
+ 2010-07-27 06:27 . 2010-07-27 06:27 8504320 c:\windows\$hf_mig$\KB2286198\SP3QFE\shell32.dll
+ 2008-08-22 05:42 . 2010-08-03 18:09 35962312 c:\windows\system32\MRT.exe
+ 2010-04-02 17:29 . 2010-04-02 17:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp
+ 2010-02-13 15:02 . 2008-11-14 16:27 73009664 c:\windows\Installer\LxCache\{8E9A0A1E-84C6-4ED7-865D-3591180C6AC8}\Lexware_buchhalter.msi
+ 2010-04-02 10:30 . 2010-04-02 10:30 17456640 c:\windows\Installer\7bcf38.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17 14599680 c:\windows\Installer\7bcf19.msp
+ 2010-03-30 23:23 . 2010-03-30 23:23 15638528 c:\windows\Installer\6ff2e5.msp
+ 2010-03-30 07:34 . 2010-03-30 07:34 10179072 c:\windows\Installer\2a8cf6.msi
+ 2010-05-19 11:08 . 2010-05-19 11:08 11408896 c:\windows\Installer\188949.msp
+ 2009-04-29 08:26 . 2009-04-29 08:26 15371776 c:\windows\Installer\15c2a02.msp
+ 2010-09-05 19:03 . 2010-09-05 19:03 15048704 c:\windows\ERDNT\05.09.2010\Users\00000005\ntuser.dat
+ 2010-06-13 00:02 . 2010-06-13 00:02 13725184 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP32D.tmp\PresentationFramework.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll
+ 2010-08-13 04:28 . 2010-08-13 04:28 11798016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\411a627d6f5cb83509332253406988e5\System.Web.ni.dll
+ 2010-08-13 04:27 . 2010-08-13 04:27 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\f523a69e7c93ee4f245c996eac4b3a57\System.ServiceModel.ni.dll
+ 2010-08-13 04:21 . 2010-08-13 04:21 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\b307acf63075b997d02a97a7492d0d9c\System.Design.ni.dll
+ 2010-08-13 04:20 . 2010-08-13 04:20 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll
+ 2010-08-12 21:16 . 2010-08-12 21:16 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll
+ 2010-08-12 21:15 . 2010-08-12 21:15 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll
.
-- Snapshot auf jetziges Datum zurückgesetzt --
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\programme\DVDVideoSoft\tbDVD1.dll" [2010-07-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2010-07-03 23:20 2736736 ----a-w- c:\programme\DVDVideoSoft\tbDVD1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\programme\DVDVideoSoft\tbDVD1.dll" [2010-07-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"= "c:\programme\DVDVideoSoft\tbDVD1.dll" [2010-07-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-09 8523776]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-05 1392640]
"8169Diag"="c:\programme\Realtek\Diagnostics Utility\8169Diag.exe" [2008-02-26 909312]
"RTHDCPL"="RTHDCPL.EXE" [2008-01-31 16860672]
"dscactivate"="c:\programme\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"LexwareInfoService"="c:\programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe" [2008-11-03 339240]
"dellsupportcenter"="c:\programme\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 16 (0x10)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ISUSPM"="c:\programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"SpybotSD TeaTimer"=c:\programme\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
"DellSupportCenter"="c:\programme\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
"CanonSolutionMenu"=c:\programme\Canon\SolutionMenu\CNSLMAIN.exe /logon
"OpwareSE4"="c:\programme\ScanSoft\OmniPageSE4\OpwareSE4.exe"
"SSBkgdUpdate"="c:\programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"CanonMyPrinter"=c:\programme\Canon\MyPrinter\BJMyPrt.exe /logon
"ECenter"=c:\dell\E-Center\EULALauncher.exe
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\programme\QT Lite\QTTask.exe" -atboottime

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"=
"c:\\Dokumente und Einstellungen\\Uli\\Eigene Dateien\\Media Player Classic\\mplayerc_update_10_03_08_de\\mplayerc_update_10_03_08_de\\mplayerc.de.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Mozilla Firefox\\firefox.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [12.01.2010 19:16 108289]
R2 LANPkt;Realtek LANPkt Protocol Driver;c:\windows\system32\drivers\LANPkt.sys [14.08.2008 12:47 8960]
R2 MarxDev1;MarxDev1;c:\windows\system32\drivers\MARXDEV1.SYS [28.12.2008 23:22 8864]
R2 MarxDev2;MarxDev2;c:\windows\system32\drivers\MARXDEV2.SYS [28.12.2008 23:22 8864]
R2 MarxDev3;MarxDev3;c:\windows\system32\drivers\MARXDEV3.SYS [28.12.2008 23:22 8864]
S3 Diag69xp;Diag69xp;c:\windows\system32\drivers\diag69xp.sys [14.08.2008 12:47 11264]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\programme\MAGIX\Common\Database\bin\fbserver.exe [17.02.2010 19:51 1527900]
S3 RTLVLAN;Realtek VLAN Intermediate Driver;c:\windows\system32\drivers\RTLVLAN.SYS [14.08.2008 12:47 16640]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners

2010-09-07 c:\windows\Tasks\1-Klick-Wartung.job
- c:\programme\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16 11:45]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\dokumente und einstellungen\Uli\Anwendungsdaten\Mozilla\Firefox\Profiles\y7e5rgnc.default\
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-09-07 21:18
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-1672193358-1993206540-2074963698-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'winlogon.exe'(1456)
c:\windows\System32\BCMLogon.dll
.
Zeit der Fertigstellung: 2010-09-07 21:20:13
ComboFix-quarantined-files.txt 2010-09-07 19:20
ComboFix2.txt 2010-01-14 08:17

Vor Suchlauf: 14 Verzeichnis(se), 181.187.854.336 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 181.214.081.024 Bytes frei

WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Current=15 Default=15 Failed=14 LastKnownGood=16 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16
- - End Of File - - 5FD4A741965B0D80816456B6874B449F

sonor71 · 08.09.2010, 17:23

@cosinus:

hi, ist nun alles ok. oder gibt es weiteren handlungsbedarf oder auch tipps???

danke

cosinus · 08.09.2010, 19:46

Zitat:

c:\windows\system32\asr_nime.dll

Bitte diese Datei bei Virustotal auswerten lassen und den Ergebnislink posten. Falls Du die Datei nicht siehst, musst Du sie evtl. vorher sichtbar machen.
Wenn die Datei schon ausgewertet sein sollte, bitte eine weitere Auswertung starten.

sonor71 · 08.09.2010, 21:44

hier der link:
hxxp://www.virustotal.com/file-scan/report.html?id=1912ce3ad5558834684498fa8b89c0968988b695f7a46155d7b26eca0c191fe7-1283978498

06.09.2010, 11:23	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	20 tans werden abgefragt onlinebanking => rootkit? Ich meinte den Vollscan mit Malwarebytes. __________________ --> 20 tans werden abgefragt onlinebanking => rootkit?

20 tans werden abgefragt onlinebanking => rootkit?

Plagegeister aller Art und deren Bekämpfung: 20 tans werden abgefragt onlinebanking => rootkit?