Google leitet auf andere Suchmaschienen um (Firefox und Explorer)

El_Kimmo · 10.10.2010, 20:05

Habe schon einen Scan mit Malwarebytes und Antivir durchgeführt und es wurde nichts gefunden.

HiJackthis log ist hier
HiJackthis Logfile:

Code:

ATTFilter

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:31, on 10.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\Motorola Media Link\NServiceEntry.exe
C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe
C:\Programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\vsnpstd.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\iatsky\iatsky.exe
C:\Programme\Motorola\MotoConnectService\MotoConnect.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Mozilla Firefox\plugin-container.exe
C:\Programme\ICQ7.2\ICQ.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IATSKY] C:\Programme\iatsky\iatsky.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Telefonauskunft und Rückwärtssuche auf CD-ROM - Schnellstarter.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - res://C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/229?4d756034759342df9342eeac146bbd95
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - res://C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/230?4d756034759342df9342eeac146bbd95
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177158109359
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: DeviceMonitorService - Nero AG - C:\Programme\Motorola Media Link\NServiceEntry.exe
O23 - Service: Google Update Service (gupdate1c9b3abc89374fa) (gupdate1c9b3abc89374fa) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: MotoConnect Service - Unknown owner - C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
 
--
End of file - 8390 bytes

--- --- ---

Bitte um Hilfe, schonmal Danke im Vorraus

AntiVir meldete gerade folgenden Fund den ich sofort gelöscht habe:

In der Datei 'C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\atapi.sys.vir'
wurde ein Virus oder unerwünschtes Programm 'TR/Rootkit.Gen3' [trojan] gefunden.
Ausgeführte Aktion: Datei löschen

Malwarebytes meldete gerade folgendes

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

10.10.2010 23:34:55
mbam-log-2010-10-10 (23-34-55).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 72690
Laufzeit: 1 Stunde(n), 48 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus · 11.10.2010, 10:58

Zitat:

In der Datei 'C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\atapi.sys.vir'

Wenn man schon CF aus eigene Faust ausführt postet man wenigstens unaufgefordert das Log!

El_Kimmo · 11.10.2010, 15:42

Ich hab Combofix nicht auf eigene Faust ausgeführt. Das habe ich noch auf dem Rechner vom letzten mal, da hab ich das unter Anleitung durchgeführt. Also was wird alles noch an logs benötigt

Antivir hat folgende Viren gefunden und kann diese nicht entfernen:

In der Datei 'C:\WINDOWS\system32\winlogon.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Spy.513024.22' [trojan] gefunden.

In der Datei 'C:\WINDOWS\explorer.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Spy.1036800.8' [trojan] gefunden.

El_Kimmo · 11.10.2010, 17:46

Kann mir also keiner helfen ??

cosinus · 11.10.2010, 19:58

Zitat:

Das habe ich noch auf dem Rechner vom letzten mal, da hab ich das unter Anleitung durchgeführt.

Ok, ich dachte schon

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in den Thread.

El_Kimmo · 12.10.2010, 01:58

Hier nach langer Zeit schonmal das log von malwarebytes

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4796

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

12.10.2010 02:53:53
mbam-log-2010-10-12 (02-53-53).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 300448
Laufzeit: 3 Stunde(n), 38 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\appsecdll (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Dokumente und Einstellungen\Lea\Eigene Dateien\zurückgeholte\3277.jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Lea\Eigene Dateien\zurückgeholte\2d0nt6f.jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Lea\Eigene Dateien\zurückgeholte\MFT 39453\sklafja.jpg (Extension.Mismatch) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Lea\Lokale Einstellungen\Temp\RarSFX2\basic\guardgui.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\User\Desktop\Multimedia\hjsplit\hjsplit.exe (Trojan.Agent) -> Quarantined and deleted successfully.

El_Kimmo · 12.10.2010, 02:03

und die otl logs:OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 12.10.2010 03:00:45 - Run 1
OTL by OldTimer - Version 3.2.15.0     Folder = C:\Dokumente und Einstellungen\Detlef\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): D:\pagefile.sys 3072 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78,13 Gb Total Space | 5,13 Gb Free Space | 6,57% Space Free | Partition Type: NTFS
Drive D: | 154,75 Gb Total Space | 10,88 Gb Free Space | 7,03% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Detlef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"57203:TCP" = 57203:TCP:*:Enabled:Pando Media Booster
"57203:UDP" = 57203:UDP:*:Enabled:Pando Media Booster
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe" = C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Remoteunterstützung - Windows Messenger und Voice -- (Microsoft Corporation)
"C:\Programme\Sony\Media Manager for WALKMAN\MediaManager.exe" = C:\Programme\Sony\Media Manager for WALKMAN\MediaManager.exe:*:Enabled:Media Manager for WALKMAN 1.2 -- (Sony Creative Software Inc.)
"C:\Programme\Trillian\trillian.exe" = C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian -- (Cerulean Studios)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"D:\Spiele\SteamApps\assi_the_trooper\condition zero deleted scenes\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\condition zero deleted scenes\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\Motorola Media Link\MML.exe" = C:\Programme\Motorola Media Link\MML.exe:*:Disabled:Motorola Media Link main -- (Nero corporation)
"D:\Spiele\SteamApps\assi_the_trooper\counter-strike\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\counter-strike\hl.exe:*:Enabled:Counter-Strike -- File not found
"D:\Spiele\SteamApps\assi_the_trooper\day of defeat\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\day of defeat\hl.exe:*:Enabled:Day of Defeat -- File not found
"D:\Spiele\SteamApps\assi_the_trooper\condition zero\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- File not found
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\Content.IE5\CLUR05IZ\svchost[1].exe" = C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\Content.IE5\CLUR05IZ\svchost[1].exe:*:Enabled:ldrsoft -- File not found
"D:\Spiele\DarkCrusade.exe" = D:\Spiele\DarkCrusade.exe:*:Disabled:DarkCrusade -- File not found
"D:\Spiele\Soulstorm.exe" = D:\Spiele\Soulstorm.exe:*:Disabled:Soulstorm -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510" = Canon MP510
"{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = PowerStarter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{3353CA25-78CC-4321-B67C-16F2933DC94B}" = Browsen mit Registerkarten (Windows Live Toolbar)
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AF0CCF7-3D25-470A-91D3-ABBBA7F30327}" = OneCare Advisor (Windows Live Toolbar)
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D31F40D-78C1-48C4-B7C6-10844B7A6DF9}" = Telefonauskunft und Rückwärtssuche auf CD-ROM
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{41B9E2CF-0B3F-442A-B5B3-592A4A355634}" = iTunes
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5A6ED905-D19D-4954-8499-0DAF386460F7}" = Media Manager for WALKMAN 1.2
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6EFA70F2-D6C3-4ECA-BEA9-C1A31277C63A}_is1" = FLV Converter 2.5
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7677634B-E04E-4D2A-89CE-C6EF2370B498}" = Popupblocker (Windows Live Toolbar)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{7CDA2B02-E0A4-4EB5-8533-050D535BA43A}" = Media Converter for Philips
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A6AD979-8170-49ED-8529-14174317B281}" = SA60xx Device Manager
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8FB1A5EA-7DA8-4D57-80FB-BD923CCCC852}" = OpenOffice.org 2.1
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0673E9E-4510-4AA0-B860-58FD5A7212A1}" = Motorola Driver Installation 4.5.0
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5F68DC8-0278-4AD8-B413-861509B5F25B}" = ArcSoft Panorama Maker 3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA9768AA-FF0B-4C66-A085-31E934F77841}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup 1.0
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BA02FAF3-7AEE-4B07-A7F8-5AF7F81EB940}" = DRAWings X3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{D9DC70B6-BE13-41DD-9053-9E617E72D085}" = MOTOROLA MEDIA LINK
"{DD133F7D-E484-45B7-BBB9-828FCA45BBDB}" = i@Sky Weather Information Centre
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = PowerDVD Copy 1.0
"{EBA672FF-F80E-48B1-8FC4-616825318810}" = Feederkennung (Windows Live Toolbar)
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EFD8E454-EE12-402A-BFC1-7EA096599CBA}" = Windows Live Outlook-Toolbar (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F3220F3E-3B12-4B65-861D-B8EFCCA44A39}" = VideoCAM Trek
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Anti-Twin 2008-02-11 23.09.08" = Anti-Twin (Installation 11.02.2008)
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"Canon MP510 Benutzerregistrierung" = Canon MP510 Benutzerregistrierung
"CCleaner" = CCleaner
"Diashow pro_is1" = Diashow pro
"Easy-WebPrint" = Easy-WebPrint
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 2.3
"Freez FLV to AVI/MPEG/WMV Converter 1.5_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"LingoPad_is1" = LingoPad 2.5.1 (Build 325)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"Mp3tag" = Mp3tag v2.46
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Nero - Burning Rom!UninstallKey" = Nero 6
"NeroVision!UninstallKey" = Nero Digital
"Ninotech Date Edit" = Ninotech Date Edit 4.0
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"PSP Video 9" = PSP Video 9 4.04
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Recuva" = Recuva (remove only)
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SUPER ©" = SUPER © Version 2008.bld.25 (Feb 5, 2008)
"Switch" = Switch
"Total Video Converter 3.14_is1" = Total Video Converter 3.14 080930
"Uninstall_is1" = Uninstall 1.0.0.0
"Unlocker" = Unlocker 1.8.7
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"Winexit_is1" = Winexit 3.5
"WinFF_is1" = WinFF 0.31
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.90.2
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD" = XviD MPEG-4 Codec
 
========== Last 10 Event Log Errors ==========
 
[ DRAWings Events ]
Error - 14.07.2008 09:59:07 | Computer Name = PC | Source = DRAWingsApp | ID = 4001
Description = 
 
Error - 14.07.2008 10:00:21 | Computer Name = PC | Source = DRAWingsApp | ID = 4001
Description = 
 
Error - 14.07.2008 10:00:42 | Computer Name = PC | Source = DRAWingsApp | ID = 4001
Description = 
 
[ System Events ]
Error - 18.09.2010 15:46:47 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 18.09.2010 15:46:47 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:   %%2
 
Error - 19.09.2010 07:06:00 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 19.09.2010 07:06:01 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:   %%2
 
Error - 19.09.2010 14:43:00 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 19.09.2010 14:43:01 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:   %%2
 
Error - 20.09.2010 08:39:04 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 20.09.2010 08:39:04 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:   %%2
 
Error - 21.09.2010 11:55:50 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 21.09.2010 11:55:59 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:   %%2
 
 
< End of report >

--- --- ---
OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 12.10.2010 03:00:45 - Run 1
OTL by OldTimer - Version 3.2.15.0     Folder = C:\Dokumente und Einstellungen\Detlef\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): D:\pagefile.sys 3072 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78,13 Gb Total Space | 5,13 Gb Free Space | 6,57% Space Free | Partition Type: NTFS
Drive D: | 154,75 Gb Total Space | 10,88 Gb Free Space | 7,03% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Detlef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Motorola\MotoConnectService\MotoConnect.exe (Motorola)
PRC - C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe ()
PRC - C:\Programme\Motorola Media Link\NServiceEntry.exe (Nero AG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\iatsky\iatsky.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\vsnpstd.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (MotoConnect Service) -- C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe ()
SRV - (DeviceMonitorService) -- C:\Programme\Motorola Media Link\NServiceEntry.exe (Nero AG)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\D.tmp File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\Cofi\catchme.sys File not found
DRV - (MxlW2k) -- C:\WINDOWS\System32\drivers\MxlW2k.sys (MusicMatch, Inc.)
DRV - (Motousbnet) -- C:\WINDOWS\system32\drivers\Motousbnet.sys (Motorola)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (motccgp) -- C:\WINDOWS\system32\drivers\motccgp.sys (Motorola)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (motccgpfl) -- C:\WINDOWS\system32\drivers\motccgpfl.sys (Motorola)
DRV - (BTCFilterService) -- C:\WINDOWS\system32\drivers\motfilt.sys (Motorola Inc)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (MotoSwitchService) -- C:\WINDOWS\system32\drivers\motswch.sys (Motorola)
DRV - (VtcDrv) -- C:\WINDOWS\system32\drivers\vtcdrv.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (snpstd) -- C:\WINDOWS\system32\drivers\snpstd.sys ()
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.09.19 00:09:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.10.12 01:51:47 | 000,000,000 | ---D | M]
 
[2008.10.12 22:37:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Extensions
[2010.10.11 23:09:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\extensions
[2010.10.11 23:09:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.04.06 22:55:21 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.08.12 20:10:39 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\searchplugins\icqplugin.xml
[2010.07.27 02:17:55 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.19 18:40:53 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Programme\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010.07.25 18:12:39 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.25 18:12:39 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.25 18:12:39 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.25 18:12:39 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.25 18:12:39 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.11.24 21:34:24 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IATSKY] C:\Programme\iatsky\iatsky.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [{C5FFA5C2-F80C-EB92-15E5-50CB6D007E4D}] C:\WINDOWS\System32\win32GI\svhost.exe File not found
O4 - HKCU..\Run: [msnmsgr] C:\Programme\MSN Messenger\msnmsgr.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177158109359 (MUWebControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.04.21 12:49:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: nlsfol32 - (C:\WINDOWS\system32\cidasec6.dll) - C:\WINDOWS\System32\cidasec6.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.12 02:58:48 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe
[2010.10.12 02:09:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\Adobe
[2010.10.12 01:52:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Apple Computer
[2010.10.12 00:06:43 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Detlef\Eigene Dateien\Eigene Videos
[2010.10.11 23:13:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Eigene Dateien\Downloads
[2010.10.11 23:12:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Malwarebytes
[2010.10.11 20:57:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DBControl
[2010.10.11 20:57:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\DBControl
[2010.10.10 17:31:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.10.09 16:02:31 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.10.09 14:58:24 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Server
[2010.09.26 17:44:42 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2007.04.26 14:14:30 | 000,098,304 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2007.04.26 14:14:30 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2007.04.26 14:14:30 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.12 03:00:23 | 002,097,152 | -H-- | M] () -- C:\Dokumente und Einstellungen\Detlef\ntuser.dat
[2010.10.12 02:58:50 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe
[2010.10.12 02:56:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.12 02:56:19 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.10.12 02:56:04 | 000,088,556 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.10.12 02:56:02 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.12 02:56:02 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.12 02:56:01 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1004.job
[2010.10.12 02:55:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.10.12 02:55:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.12 02:54:45 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Detlef\ntuser.ini
[2010.10.12 02:50:36 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.10.12 02:50:01 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.12 01:52:06 | 000,273,400 | ---- | M] () -- C:\Dokumente und Einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.10.12 00:06:57 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.09 17:16:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1004.job
[2010.10.07 15:09:05 | 001,024,808 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.10.07 15:09:05 | 000,458,808 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.10.07 15:09:05 | 000,440,998 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.07 15:09:05 | 000,084,666 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.10.07 15:09:05 | 000,071,316 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.04 18:20:02 | 004,632,029 | ---- | M] () -- C:\09 The Black Mirror.wma.MP3
[2010.10.04 18:19:57 | 003,575,010 | ---- | M] () -- C:\08 About Hope.wma.MP3
[2010.10.04 18:19:54 | 003,371,882 | ---- | M] () -- C:\07 Inside your Lies.wma.MP3
[2010.10.04 18:19:51 | 003,661,946 | ---- | M] () -- C:\06 Just One Tear.wma.MP3
[2010.10.04 18:19:48 | 004,018,465 | ---- | M] () -- C:\05 Grey Bleeding Heart.wma.MP3
[2010.10.04 18:19:45 | 003,213,894 | ---- | M] () -- C:\04 Thousand Doors.wma.MP3
[2010.10.04 18:19:42 | 002,800,532 | ---- | M] () -- C:\03 Follow the Patron.wma.MP3
[2010.10.04 18:19:39 | 003,935,291 | ---- | M] () -- C:\02 Dying Ants.wma.MP3
[2010.10.04 18:19:36 | 003,017,453 | ---- | M] () -- C:\01 Club of Sons.wma.MP3
[2010.09.26 17:47:18 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.09.26 13:51:59 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.10.12 00:06:59 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.12 00:06:57 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.11 20:57:34 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.11 20:57:34 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.04 18:14:14 | 003,213,894 | ---- | C] () -- C:\04 Thousand Doors.wma.MP3
[2010.10.04 18:14:01 | 002,800,532 | ---- | C] () -- C:\03 Follow the Patron.wma.MP3
[2010.10.04 18:13:45 | 003,935,291 | ---- | C] () -- C:\02 Dying Ants.wma.MP3
[2010.10.04 18:13:33 | 003,017,453 | ---- | C] () -- C:\01 Club of Sons.wma.MP3
[2010.10.04 18:13:15 | 004,632,029 | ---- | C] () -- C:\09 The Black Mirror.wma.MP3
[2010.10.04 18:13:00 | 003,575,010 | ---- | C] () -- C:\08 About Hope.wma.MP3
[2010.10.04 18:12:47 | 003,371,882 | ---- | C] () -- C:\07 Inside your Lies.wma.MP3
[2010.10.04 18:12:30 | 003,661,946 | ---- | C] () -- C:\06 Just One Tear.wma.MP3
[2010.10.04 18:12:14 | 004,018,465 | ---- | C] () -- C:\05 Grey Bleeding Heart.wma.MP3
[2010.09.26 17:47:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.09.26 13:51:59 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.05.31 18:14:16 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.04.24 19:06:21 | 000,000,158 | ---- | C] () -- C:\WINDOWS\civ.ini
[2009.11.24 22:24:29 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\Combo-Fix.sys
[2009.09.10 16:05:18 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.06.05 22:29:08 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
[2009.06.05 22:27:49 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008.12.02 23:58:56 | 000,231,390 | ---- | C] () -- C:\Programme\RootkitRevealer.zip
[2008.11.27 16:24:25 | 000,027,626 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Svclog.log
[2008.10.31 17:02:17 | 000,000,035 | ---- | C] () -- C:\WINDOWS\WorldBuilder.INI
[2008.05.30 16:00:35 | 000,000,253 | ---- | C] () -- C:\WINDOWS\ktel.ini
[2008.02.08 15:15:47 | 000,399,360 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2008.02.08 15:15:46 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.02.08 15:15:38 | 000,151,040 | -HS- | C] () -- C:\WINDOWS\System32\VistaUltm.dll
[2008.02.08 15:15:38 | 000,027,648 | -HS- | C] () -- C:\WINDOWS\System32\Smab0.dll
[2008.02.07 23:49:47 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll
[2008.02.07 23:49:47 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\flvvideo.dll
[2008.02.07 23:49:47 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.02.07 23:49:47 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008.02.07 18:16:13 | 000,000,024 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008.02.07 18:16:11 | 000,088,064 | ---- | C] () -- C:\WINDOWS\System32\AudioExCtl.dll
[2008.02.07 18:15:10 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2007.10.20 16:53:10 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007.09.19 17:51:17 | 000,000,264 | ---- | C] () -- C:\WINDOWS\game.ini
[2007.08.07 23:21:10 | 000,008,704 | ---- | C] () -- C:\Dokumente und Einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.07 22:11:59 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007.07.12 01:43:26 | 000,006,537 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2007.06.27 16:43:38 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\viscomqtde.dll
[2007.06.27 16:43:38 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2007.06.19 08:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.05.27 15:26:32 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2007.04.30 11:47:56 | 000,000,020 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PKP_DLec.DAT
[2007.04.29 15:57:32 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.04.26 14:14:30 | 000,390,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2007.04.26 14:14:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2007.04.26 14:14:30 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2007.04.26 14:09:57 | 000,000,408 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007.04.25 17:58:29 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.04.21 14:00:43 | 000,000,469 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.04.21 13:51:17 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007.04.21 13:09:03 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.04.21 12:55:22 | 000,005,042 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007.04.21 12:55:18 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007.04.20 07:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.08.11 22:45:20 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.08.11 22:43:10 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.08.11 22:43:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.08.11 22:43:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.08.11 22:43:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.08.11 22:43:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.08.11 22:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2002.09.10 17:10:05 | 000,495,616 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

< End of report >

--- --- ---

El_Kimmo · 12.10.2010, 02:04

und die otl logs:OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 12.10.2010 03:00:45 - Run 1
OTL by OldTimer - Version 3.2.15.0     Folder = C:\Dokumente und Einstellungen\Detlef\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): D:\pagefile.sys 3072 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78,13 Gb Total Space | 5,13 Gb Free Space | 6,57% Space Free | Partition Type: NTFS
Drive D: | 154,75 Gb Total Space | 10,88 Gb Free Space | 7,03% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Detlef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"57203:TCP" = 57203:TCP:*:Enabled:Pando Media Booster
"57203:UDP" = 57203:UDP:*:Enabled:Pando Media Booster
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe" = C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Remoteunterstützung - Windows Messenger und Voice -- (Microsoft Corporation)
"C:\Programme\Sony\Media Manager for WALKMAN\MediaManager.exe" = C:\Programme\Sony\Media Manager for WALKMAN\MediaManager.exe:*:Enabled:Media Manager for WALKMAN 1.2 -- (Sony Creative Software Inc.)
"C:\Programme\Trillian\trillian.exe" = C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian -- (Cerulean Studios)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"D:\Spiele\SteamApps\assi_the_trooper\condition zero deleted scenes\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\condition zero deleted scenes\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\Motorola Media Link\MML.exe" = C:\Programme\Motorola Media Link\MML.exe:*:Disabled:Motorola Media Link main -- (Nero corporation)
"D:\Spiele\SteamApps\assi_the_trooper\counter-strike\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\counter-strike\hl.exe:*:Enabled:Counter-Strike -- File not found
"D:\Spiele\SteamApps\assi_the_trooper\day of defeat\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\day of defeat\hl.exe:*:Enabled:Day of Defeat -- File not found
"D:\Spiele\SteamApps\assi_the_trooper\condition zero\hl.exe" = D:\Spiele\SteamApps\assi_the_trooper\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- File not found
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\Content.IE5\CLUR05IZ\svchost[1].exe" = C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\Content.IE5\CLUR05IZ\svchost[1].exe:*:Enabled:ldrsoft -- File not found
"D:\Spiele\DarkCrusade.exe" = D:\Spiele\DarkCrusade.exe:*:Disabled:DarkCrusade -- File not found
"D:\Spiele\Soulstorm.exe" = D:\Spiele\Soulstorm.exe:*:Disabled:Soulstorm -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510" = Canon MP510
"{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = PowerStarter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{3353CA25-78CC-4321-B67C-16F2933DC94B}" = Browsen mit Registerkarten (Windows Live Toolbar)
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AF0CCF7-3D25-470A-91D3-ABBBA7F30327}" = OneCare Advisor (Windows Live Toolbar)
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D31F40D-78C1-48C4-B7C6-10844B7A6DF9}" = Telefonauskunft und Rückwärtssuche auf CD-ROM
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{41B9E2CF-0B3F-442A-B5B3-592A4A355634}" = iTunes
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5A6ED905-D19D-4954-8499-0DAF386460F7}" = Media Manager for WALKMAN 1.2
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6EFA70F2-D6C3-4ECA-BEA9-C1A31277C63A}_is1" = FLV Converter 2.5
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7677634B-E04E-4D2A-89CE-C6EF2370B498}" = Popupblocker (Windows Live Toolbar)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{7CDA2B02-E0A4-4EB5-8533-050D535BA43A}" = Media Converter for Philips
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A6AD979-8170-49ED-8529-14174317B281}" = SA60xx Device Manager
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8FB1A5EA-7DA8-4D57-80FB-BD923CCCC852}" = OpenOffice.org 2.1
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0673E9E-4510-4AA0-B860-58FD5A7212A1}" = Motorola Driver Installation 4.5.0
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5F68DC8-0278-4AD8-B413-861509B5F25B}" = ArcSoft Panorama Maker 3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA9768AA-FF0B-4C66-A085-31E934F77841}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup 1.0
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BA02FAF3-7AEE-4B07-A7F8-5AF7F81EB940}" = DRAWings X3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{D9DC70B6-BE13-41DD-9053-9E617E72D085}" = MOTOROLA MEDIA LINK
"{DD133F7D-E484-45B7-BBB9-828FCA45BBDB}" = i@Sky Weather Information Centre
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = PowerDVD Copy 1.0
"{EBA672FF-F80E-48B1-8FC4-616825318810}" = Feederkennung (Windows Live Toolbar)
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EFD8E454-EE12-402A-BFC1-7EA096599CBA}" = Windows Live Outlook-Toolbar (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F3220F3E-3B12-4B65-861D-B8EFCCA44A39}" = VideoCAM Trek
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Anti-Twin 2008-02-11 23.09.08" = Anti-Twin (Installation 11.02.2008)
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"Canon MP510 Benutzerregistrierung" = Canon MP510 Benutzerregistrierung
"CCleaner" = CCleaner
"Diashow pro_is1" = Diashow pro
"Easy-WebPrint" = Easy-WebPrint
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 2.3
"Freez FLV to AVI/MPEG/WMV Converter 1.5_is1" = Freez FLV to AVI/MPEG/WMV Converter
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"LingoPad_is1" = LingoPad 2.5.1 (Build 325)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"Mp3tag" = Mp3tag v2.46
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Nero - Burning Rom!UninstallKey" = Nero 6
"NeroVision!UninstallKey" = Nero Digital
"Ninotech Date Edit" = Ninotech Date Edit 4.0
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"PSP Video 9" = PSP Video 9 4.04
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Recuva" = Recuva (remove only)
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SUPER ©" = SUPER © Version 2008.bld.25 (Feb 5, 2008)
"Switch" = Switch
"Total Video Converter 3.14_is1" = Total Video Converter 3.14 080930
"Uninstall_is1" = Uninstall 1.0.0.0
"Unlocker" = Unlocker 1.8.7
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"Winexit_is1" = Winexit 3.5
"WinFF_is1" = WinFF 0.31
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.90.2
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD" = XviD MPEG-4 Codec
 
========== Last 10 Event Log Errors ==========
 
[ DRAWings Events ]
Error - 14.07.2008 09:59:07 | Computer Name = PC | Source = DRAWingsApp | ID = 4001
Description = 
 
Error - 14.07.2008 10:00:21 | Computer Name = PC | Source = DRAWingsApp | ID = 4001
Description = 
 
Error - 14.07.2008 10:00:42 | Computer Name = PC | Source = DRAWingsApp | ID = 4001
Description = 
 
[ System Events ]
Error - 18.09.2010 15:46:47 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 18.09.2010 15:46:47 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:   %%2
 
Error - 19.09.2010 07:06:00 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 19.09.2010 07:06:01 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:   %%2
 
Error - 19.09.2010 14:43:00 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 19.09.2010 14:43:01 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:   %%2
 
Error - 20.09.2010 08:39:04 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 20.09.2010 08:39:04 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:   %%2
 
Error - 21.09.2010 11:55:50 | Computer Name = PC | Source = SRService | ID = 104
Description = Die Initialisierung der Systemwiederherstellung ist fehlgeschlagen.
 
Error - 21.09.2010 11:55:59 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:   %%2
 
 
< End of report >

--- --- ---

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 12.10.2010 03:00:45 - Run 1
OTL by OldTimer - Version 3.2.15.0     Folder = C:\Dokumente und Einstellungen\Detlef\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 80,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): D:\pagefile.sys 3072 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78,13 Gb Total Space | 5,13 Gb Free Space | 6,57% Space Free | Partition Type: NTFS
Drive D: | 154,75 Gb Total Space | 10,88 Gb Free Space | 7,03% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Detlef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Motorola\MotoConnectService\MotoConnect.exe (Motorola)
PRC - C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe ()
PRC - C:\Programme\Motorola Media Link\NServiceEntry.exe (Nero AG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\iatsky\iatsky.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\vsnpstd.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (MotoConnect Service) -- C:\Programme\Motorola\MotoConnectService\MotoConnectService.exe ()
SRV - (DeviceMonitorService) -- C:\Programme\Motorola Media Link\NServiceEntry.exe (Nero AG)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\D.tmp File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\Cofi\catchme.sys File not found
DRV - (MxlW2k) -- C:\WINDOWS\System32\drivers\MxlW2k.sys (MusicMatch, Inc.)
DRV - (Motousbnet) -- C:\WINDOWS\system32\drivers\Motousbnet.sys (Motorola)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (motmodem) -- C:\WINDOWS\system32\drivers\motmodem.sys (Motorola)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (motccgp) -- C:\WINDOWS\system32\drivers\motccgp.sys (Motorola)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (motccgpfl) -- C:\WINDOWS\system32\drivers\motccgpfl.sys (Motorola)
DRV - (BTCFilterService) -- C:\WINDOWS\system32\drivers\motfilt.sys (Motorola Inc)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (MotoSwitchService) -- C:\WINDOWS\system32\drivers\motswch.sys (Motorola)
DRV - (VtcDrv) -- C:\WINDOWS\system32\drivers\vtcdrv.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (snpstd) -- C:\WINDOWS\system32\drivers\snpstd.sys ()
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.09.19 00:09:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.10.12 01:51:47 | 000,000,000 | ---D | M]
 
[2008.10.12 22:37:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Extensions
[2010.10.11 23:09:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\extensions
[2010.10.11 23:09:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.04.06 22:55:21 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.08.12 20:10:39 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\searchplugins\icqplugin.xml
[2010.07.27 02:17:55 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.19 18:40:53 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Programme\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010.07.25 18:12:39 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.25 18:12:39 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.25 18:12:39 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.25 18:12:39 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.25 18:12:39 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.11.24 21:34:24 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IATSKY] C:\Programme\iatsky\iatsky.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [{C5FFA5C2-F80C-EB92-15E5-50CB6D007E4D}] C:\WINDOWS\System32\win32GI\svhost.exe File not found
O4 - HKCU..\Run: [msnmsgr] C:\Programme\MSN Messenger\msnmsgr.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177158109359 (MUWebControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.04.21 12:49:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: nlsfol32 - (C:\WINDOWS\system32\cidasec6.dll) - C:\WINDOWS\System32\cidasec6.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.12 02:58:48 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe
[2010.10.12 02:09:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\Adobe
[2010.10.12 01:52:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Apple Computer
[2010.10.12 00:06:43 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Detlef\Eigene Dateien\Eigene Videos
[2010.10.11 23:13:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Eigene Dateien\Downloads
[2010.10.11 23:12:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Detlef\Anwendungsdaten\Malwarebytes
[2010.10.11 20:57:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DBControl
[2010.10.11 20:57:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\DBControl
[2010.10.10 17:31:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.10.09 16:02:31 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.10.09 14:58:24 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Server
[2010.09.26 17:44:42 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2007.04.26 14:14:30 | 000,098,304 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2007.04.26 14:14:30 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2007.04.26 14:14:30 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.12 03:00:23 | 002,097,152 | -H-- | M] () -- C:\Dokumente und Einstellungen\Detlef\ntuser.dat
[2010.10.12 02:58:50 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Detlef\Desktop\OTL.exe
[2010.10.12 02:56:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.12 02:56:19 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.10.12 02:56:04 | 000,088,556 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.10.12 02:56:02 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.12 02:56:02 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.12 02:56:01 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1004.job
[2010.10.12 02:55:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.10.12 02:55:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.12 02:54:45 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Detlef\ntuser.ini
[2010.10.12 02:50:36 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.10.12 02:50:01 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.12 01:52:06 | 000,273,400 | ---- | M] () -- C:\Dokumente und Einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.10.12 00:06:57 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.09 17:16:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1004.job
[2010.10.07 15:09:05 | 001,024,808 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.10.07 15:09:05 | 000,458,808 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.10.07 15:09:05 | 000,440,998 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.07 15:09:05 | 000,084,666 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.10.07 15:09:05 | 000,071,316 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.04 18:20:02 | 004,632,029 | ---- | M] () -- C:\09 The Black Mirror.wma.MP3
[2010.10.04 18:19:57 | 003,575,010 | ---- | M] () -- C:\08 About Hope.wma.MP3
[2010.10.04 18:19:54 | 003,371,882 | ---- | M] () -- C:\07 Inside your Lies.wma.MP3
[2010.10.04 18:19:51 | 003,661,946 | ---- | M] () -- C:\06 Just One Tear.wma.MP3
[2010.10.04 18:19:48 | 004,018,465 | ---- | M] () -- C:\05 Grey Bleeding Heart.wma.MP3
[2010.10.04 18:19:45 | 003,213,894 | ---- | M] () -- C:\04 Thousand Doors.wma.MP3
[2010.10.04 18:19:42 | 002,800,532 | ---- | M] () -- C:\03 Follow the Patron.wma.MP3
[2010.10.04 18:19:39 | 003,935,291 | ---- | M] () -- C:\02 Dying Ants.wma.MP3
[2010.10.04 18:19:36 | 003,017,453 | ---- | M] () -- C:\01 Club of Sons.wma.MP3
[2010.09.26 17:47:18 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.09.26 13:51:59 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.10.12 00:06:59 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.12 00:06:57 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1006.job
[2010.10.11 20:57:34 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.11 20:57:34 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.04 18:14:14 | 003,213,894 | ---- | C] () -- C:\04 Thousand Doors.wma.MP3
[2010.10.04 18:14:01 | 002,800,532 | ---- | C] () -- C:\03 Follow the Patron.wma.MP3
[2010.10.04 18:13:45 | 003,935,291 | ---- | C] () -- C:\02 Dying Ants.wma.MP3
[2010.10.04 18:13:33 | 003,017,453 | ---- | C] () -- C:\01 Club of Sons.wma.MP3
[2010.10.04 18:13:15 | 004,632,029 | ---- | C] () -- C:\09 The Black Mirror.wma.MP3
[2010.10.04 18:13:00 | 003,575,010 | ---- | C] () -- C:\08 About Hope.wma.MP3
[2010.10.04 18:12:47 | 003,371,882 | ---- | C] () -- C:\07 Inside your Lies.wma.MP3
[2010.10.04 18:12:30 | 003,661,946 | ---- | C] () -- C:\06 Just One Tear.wma.MP3
[2010.10.04 18:12:14 | 004,018,465 | ---- | C] () -- C:\05 Grey Bleeding Heart.wma.MP3
[2010.09.26 17:47:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.09.26 13:51:59 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.05.31 18:14:16 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.04.24 19:06:21 | 000,000,158 | ---- | C] () -- C:\WINDOWS\civ.ini
[2009.11.24 22:24:29 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\Combo-Fix.sys
[2009.09.10 16:05:18 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.06.05 22:29:08 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
[2009.06.05 22:27:49 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008.12.02 23:58:56 | 000,231,390 | ---- | C] () -- C:\Programme\RootkitRevealer.zip
[2008.11.27 16:24:25 | 000,027,626 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Svclog.log
[2008.10.31 17:02:17 | 000,000,035 | ---- | C] () -- C:\WINDOWS\WorldBuilder.INI
[2008.05.30 16:00:35 | 000,000,253 | ---- | C] () -- C:\WINDOWS\ktel.ini
[2008.02.08 15:15:47 | 000,399,360 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2008.02.08 15:15:46 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.02.08 15:15:38 | 000,151,040 | -HS- | C] () -- C:\WINDOWS\System32\VistaUltm.dll
[2008.02.08 15:15:38 | 000,027,648 | -HS- | C] () -- C:\WINDOWS\System32\Smab0.dll
[2008.02.07 23:49:47 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll
[2008.02.07 23:49:47 | 003,086,336 | ---- | C] () -- C:\WINDOWS\System32\flvvideo.dll
[2008.02.07 23:49:47 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.02.07 23:49:47 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008.02.07 18:16:13 | 000,000,024 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008.02.07 18:16:11 | 000,088,064 | ---- | C] () -- C:\WINDOWS\System32\AudioExCtl.dll
[2008.02.07 18:15:10 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2007.10.20 16:53:10 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007.09.19 17:51:17 | 000,000,264 | ---- | C] () -- C:\WINDOWS\game.ini
[2007.08.07 23:21:10 | 000,008,704 | ---- | C] () -- C:\Dokumente und Einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.07 22:11:59 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007.07.12 01:43:26 | 000,006,537 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2007.06.27 16:43:38 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\viscomqtde.dll
[2007.06.27 16:43:38 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2007.06.19 08:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.05.27 15:26:32 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2007.04.30 11:47:56 | 000,000,020 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PKP_DLec.DAT
[2007.04.29 15:57:32 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.04.26 14:14:30 | 000,390,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2007.04.26 14:14:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2007.04.26 14:14:30 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2007.04.26 14:09:57 | 000,000,408 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007.04.25 17:58:29 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.04.21 14:00:43 | 000,000,469 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.04.21 13:51:17 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2007.04.21 13:09:03 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.04.21 12:55:22 | 000,005,042 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007.04.21 12:55:18 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007.04.20 07:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.08.11 22:45:20 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.08.11 22:43:10 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.08.11 22:43:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.08.11 22:43:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.08.11 22:43:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.08.11 22:43:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.08.11 22:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2002.09.10 17:10:05 | 000,495,616 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

< End of report >

--- --- ---

cosinus · 12.10.2010, 11:31

Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
PRC - C:\Programme\iatsky\iatsky.exe ()
DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\D.tmp File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
O4 - HKLM..\Run: [IATSKY] C:\Programme\iatsky\iatsky.exe ()
O4 - HKCU..\Run: [{C5FFA5C2-F80C-EB92-15E5-50CB6D007E4D}] C:\WINDOWS\System32\win32GI\svhost.exe File not found
O36 - AppCertDlls: nlsfol32 - (C:\WINDOWS\system32\cidasec6.dll) - C:\WINDOWS\System32\cidasec6.dll File not found
[2010.10.09 14:58:24 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Server
@Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
:Files
C:\Programme\iatsky
C:\WINDOWS\System32\win32GI
:Commands
[purity]
[resethosts]
[emptytemp]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

El_Kimmo · 12.10.2010, 12:09

All processes killed
========== OTL ==========
No active process named iatsky.exe was found!
Error: No service named MEMSWEEP2 was found to stop!
Service\Driver key MEMSWEEP2 not found.
File C:\WINDOWS\System32\D.tmp File not found not found.
Service EagleNT stopped successfully!
Service EagleNT deleted successfully!
File C:\WINDOWS\System32\drivers\EagleNT.sys File not found not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IATSKY deleted successfully.
C:\Programme\iatsky\iatsky.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{C5FFA5C2-F80C-EB92-15E5-50CB6D007E4D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5FFA5C2-F80C-EB92-15E5-50CB6D007E4D}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\\nlsfol32:C:\WINDOWS\system32\cidasec6.dll deleted successfully.
Folder move failed. C:\Dokumente und Einstellungen\All Users\Dokumente\Server scheduled to be moved on reboot.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP

FC5A2B2 deleted successfully.
========== FILES ==========
C:\Programme\iatsky\resources folder moved successfully.
C:\Programme\iatsky folder moved successfully.
File\Folder C:\WINDOWS\System32\win32GI not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 5899320 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes

User: Detlef
->Temp folder emptied: 134947 bytes
->Temporary Internet Files folder emptied: 45503 bytes
->FireFox cache emptied: 32948597 bytes
->Flash cache emptied: 1219 bytes

User: Lea

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: User

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134333 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 78302011 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 114,00 mb

OTL by OldTimer - Version 3.2.15.0 log created on 10122010_130344

Files\Folders moved on Reboot...
Folder move failed. C:\Dokumente und Einstellungen\All Users\Dokumente\Server scheduled to be moved on reboot.

Registry entries deleted on Reboot...

cosinus · 12.10.2010, 13:12

Dann bitte jetzt CF (neu) ausführen, cofi.exe neu herunterladen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.

Dann folgende Anleitung durchlesen und abarbeiten -> CCleaner Systembereinigung

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

El_Kimmo · 12.10.2010, 13:52

ComboFix 10-10-11.04 - Detlef 12.10.2010 14:35:54.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.2047.1660 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Detlef\Desktop\cofi.exe.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\dokumente und einstellungen\All Users\Dokumente\Server\server.dat
C:\hasdfkasif.exe
c:\hasdfkasif.exe\config.bin
c:\hasdfkasif.exe\hasdfkasif.exe
.
---- Vorheriger Suchlauf -------
.
c:\dokumente und einstellungen\User\Anwendungsdaten\.Tribler\isdn.dll
c:\dokumente und einstellungen\User\Anwendungsdaten\Adobe\pup.exe
c:\dokumente und einstellungen\User\Anwendungsdaten\Ahead\ven32.exe
c:\dokumente und einstellungen\User\Anwendungsdaten\Apple Computer\kls.dll
c:\dokumente und einstellungen\User\Anwendungsdaten\ArcSoft\regs32.exe

Infizierte Kopie von c:\windows\system32\winlogon.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\ERDNT\cache\winlogon.exe wurde wiederhergestellt

Infizierte Kopie von c:\windows\explorer.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\ERDNT\cache\explorer.exe wurde wiederhergestellt

.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_31FF
-------\Legacy_3AEB
-------\Legacy_6406
-------\Legacy_989A
-------\Legacy_A9910
-------\Legacy_AD37
-------\Legacy_D3BE
-------\Legacy_E098
-------\Legacy_EB32
-------\Legacy_F4F4
-------\Legacy_FF5C
-------\Legacy_MEMSWEEP2
-------\Service_31fF
-------\Service_3aeB
-------\Service_6406
-------\Service_989A
-------\Service_a9910
-------\Service_ad37
-------\Service_d3bE
-------\Service_e098
-------\Service_eb32
-------\Service_f4f4
-------\Service_ff5C
-------\Service_MEMSWEEP2
-------\Service_No30oiaschp
-------\Legacy_31FF
-------\Legacy_3AEB
-------\Legacy_6406
-------\Legacy_989A
-------\Legacy_A9910
-------\Legacy_AD37
-------\Legacy_D3BE
-------\Legacy_E098
-------\Legacy_EB32
-------\Legacy_F4F4
-------\Legacy_FF5C

((((((((((((((((((((((( Dateien erstellt von 2010-09-12 bis 2010-10-12 ))))))))))))))))))))))))))))))
.

2010-10-12 11:54 . 2010-10-12 12:29 -------- d-----w- c:\dokumente und einstellungen\Detlef\Anwendungsdaten\ICQ
2010-10-12 11:54 . 2010-10-12 11:54 -------- d-----w- c:\dokumente und einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\AOL
2010-10-12 10:58 . 2010-10-12 10:58 -------- d-----w- C:\_OTL
2010-10-12 00:09 . 2010-10-12 00:09 -------- d-----w- c:\dokumente und einstellungen\Detlef\Lokale Einstellungen\Anwendungsdaten\Adobe
2010-10-11 23:52 . 2010-10-11 23:52 -------- d-----w- c:\dokumente und einstellungen\Detlef\Anwendungsdaten\Apple Computer
2010-10-11 21:12 . 2010-10-11 21:12 -------- d-----w- c:\dokumente und einstellungen\Detlef\Anwendungsdaten\Malwarebytes
2010-10-11 18:57 . 2010-10-11 18:57 -------- d-----w- c:\dokumente und einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DBControl
2010-10-11 18:57 . 2010-10-11 18:57 -------- d-----w- c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\DBControl
2010-09-26 15:44 . 2010-09-26 15:44 -------- d-----w- c:\programme\Gemeinsame Dateien\Skype

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2007-12-17 13:43 27648 --sh--w- c:\windows\system32\Smab0.dll
2008-02-04 19:26 151040 --sh--w- c:\windows\system32\VistaUltm.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-11-24_19.34.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 19:54 . 2009-07-11 19:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2009-07-12 00:07 . 2009-07-12 00:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 00:19 . 2009-07-12 00:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2010-04-24 17:06 . 1994-09-20 22:00 12800 c:\windows\system32\WING32.DLL
+ 2007-01-29 08:58 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe
- 2007-01-29 08:58 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2004-08-04 12:00 . 2009-10-21 05:38 75776 c:\windows\system32\strmfilt.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 75776 c:\windows\system32\strmfilt.dll
+ 2004-08-04 12:00 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2010-03-08 21:30 . 2008-03-21 12:57 14640 c:\windows\system32\spmsgXP_2k3.dll
- 2008-01-29 21:46 . 2008-07-08 13:00 18808 c:\windows\system32\spmsg.dll
+ 2008-01-29 21:46 . 2010-02-22 14:22 18808 c:\windows\system32\spmsg.dll
+ 2004-08-04 12:00 . 2009-10-12 13:38 79872 c:\windows\system32\raschap.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 79872 c:\windows\system32\raschap.dll
+ 2010-03-30 22:16 . 2010-03-30 22:16 99176 c:\windows\system32\PresentationHostProxy.dll
+ 2010-05-31 16:14 . 2010-05-31 16:14 66872 c:\windows\system32\PnkBstrA.exe
- 2004-08-04 12:00 . 2009-10-25 19:23 71316 c:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2010-10-07 13:09 71316 c:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2010-10-07 13:09 84666 c:\windows\system32\perfc007.dat
- 2004-08-04 12:00 . 2009-10-25 19:23 84666 c:\windows\system32\perfc007.dat
+ 2009-11-06 23:07 . 2009-11-06 23:07 49488 c:\windows\system32\netfxperf.dll
+ 2009-11-05 20:17 . 2009-11-05 20:17 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2004-08-04 00:57 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll
+ 2007-04-21 12:07 . 2008-08-13 09:22 24576 c:\windows\system32\msxml3a.dll
+ 2004-08-04 12:00 . 2009-11-27 16:08 28672 c:\windows\system32\msvidc32.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 11264 c:\windows\system32\msrle32.dll
+ 2004-08-04 12:00 . 2009-11-27 16:08 11264 c:\windows\system32\msrle32.dll
+ 2004-08-04 12:00 . 2008-05-19 05:33 18944 c:\windows\system32\msisip.dll
+ 2004-08-04 12:00 . 2008-05-19 00:57 95744 c:\windows\system32\msiexec.exe
+ 2006-07-28 06:10 . 2009-12-21 13:42 15616 c:\windows\system32\mot_ci.dll
+ 2009-06-12 18:38 . 2010-05-12 11:42 84507 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2004-08-04 00:57 . 2009-11-27 16:08 48128 c:\windows\system32\iyuv_32.dll
- 2004-08-04 12:00 . 2009-09-25 05:35 81920 c:\windows\system32\ieencode.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 81920 c:\windows\system32\ieencode.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 80384 c:\windows\system32\iccvid.dll
+ 2004-08-04 12:00 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
+ 2004-08-04 12:00 . 2009-10-21 05:38 25088 c:\windows\system32\httpapi.dll
- 2004-08-04 12:00 . 2009-06-16 14:36 81920 c:\windows\system32\fontsub.dll
+ 2004-08-04 12:00 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll
+ 2010-03-09 17:48 . 2009-10-27 11:02 23936 c:\windows\system32\DRVSTORE\motport_8D8D33AD41012F86EAEB5F1E61B6042B8F506586\motport.sys
+ 2010-03-09 17:48 . 2009-12-22 09:00 23552 c:\windows\system32\DRVSTORE\motousbnet_6D791DAFE11EF3F28FC4B4204124883A85101411\Motousbnet.sys
+ 2010-03-09 17:48 . 2009-05-08 10:56 42752 c:\windows\system32\DRVSTORE\motodrv_D06C801EA18A8B7745FF946C777072E286BBC9E8\motodrv.sys
+ 2010-03-09 17:48 . 2009-12-21 13:42 15616 c:\windows\system32\DRVSTORE\motodrv_D06C801EA18A8B7745FF946C777072E286BBC9E8\mot_ci.dll
+ 2010-03-09 17:48 . 2009-07-10 12:01 25856 c:\windows\system32\DRVSTORE\motoandroi_9C5ADBB3F416A3229DD948F7BBC46ECA50A38AC1\motoandroid.sys
+ 2010-03-09 17:48 . 2009-10-27 11:02 23936 c:\windows\system32\DRVSTORE\motmodem_0AFD2376E9CEC21E2C9824A1713C17124B94ACE8\motmodem.sys
+ 2010-03-08 21:30 . 2009-06-19 15:59 19712 c:\windows\system32\DRVSTORE\motccgp_A0FA88AB3B3F3737224F9CFABDF26194C9F2A878\motccgp.sys
+ 2006-11-02 06:22 . 2008-03-27 15:27 35040 c:\windows\system32\drivers\wdfldr.sys
+ 2010-05-31 16:14 . 2010-05-31 16:14 22328 c:\windows\system32\drivers\PnkBstrK.sys
+ 2007-04-21 12:03 . 2010-06-25 23:06 28256 c:\windows\system32\drivers\MxlW2k.sys
- 2007-04-21 12:03 . 2008-02-20 12:17 28256 c:\windows\system32\drivers\MxlW2k.sys
+ 2010-03-09 17:48 . 2009-12-22 09:00 23552 c:\windows\system32\drivers\Motousbnet.sys
+ 2010-03-09 17:48 . 2009-10-27 11:02 23936 c:\windows\system32\drivers\motmodem.sys
+ 2010-03-08 21:30 . 2009-06-19 15:59 19712 c:\windows\system32\drivers\motccgp.sys
+ 2008-12-01 20:18 . 2010-04-29 10:19 38224 c:\windows\system32\drivers\mbamswissarmy.sys
+ 2008-12-01 20:18 . 2010-04-29 10:19 20952 c:\windows\system32\drivers\mbam.sys
+ 2010-06-16 16:28 . 2008-04-13 17:45 10368 c:\windows\system32\drivers\hidusb.sys
+ 2009-10-30 11:59 . 2009-12-07 19:13 56816 c:\windows\system32\drivers\avgntflt.sys
+ 2009-10-21 05:38 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll
+ 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2004-08-04 12:00 . 2009-11-27 16:08 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2008-05-19 05:33 . 2008-05-19 05:33 18944 c:\windows\system32\dllcache\msisip.dll
+ 2008-05-19 00:57 . 2008-05-19 00:57 95744 c:\windows\system32\dllcache\msiexec.exe
+ 2009-11-27 16:08 . 2009-11-27 16:08 48128 c:\windows\system32\dllcache\iyuv_32.dll
- 2009-02-20 08:09 . 2009-09-25 05:35 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2009-02-20 08:09 . 2010-06-24 12:10 81920 c:\windows\system32\dllcache\ieencode.dll
+ 2009-10-21 05:38 . 2009-10-21 05:38 25088 c:\windows\system32\dllcache\httpapi.dll
+ 2010-06-16 16:28 . 2008-04-13 17:45 10368 c:\windows\system32\dllcache\hidusb.sys
- 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-06-16 14:36 . 2009-10-15 16:28 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-12-14 07:08 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2010-01-13 14:00 . 2010-01-13 14:00 86528 c:\windows\system32\dllcache\cabview.dll
- 2009-06-10 14:13 . 2009-06-10 14:13 85504 c:\windows\system32\dllcache\avifil32.dll
+ 2009-06-10 14:13 . 2009-11-27 16:08 85504 c:\windows\system32\dllcache\avifil32.dll
+ 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-04 12:00 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll
- 2007-04-21 10:54 . 2009-11-24 18:02 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\index.dat
+ 2007-04-21 10:54 . 2010-05-18 17:43 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\index.dat
+ 2007-04-21 10:54 . 2010-05-18 17:43 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\index.dat
- 2007-04-21 10:54 . 2009-11-24 18:02 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\index.dat
+ 2010-05-10 20:39 . 2010-05-18 17:43 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2004-08-04 12:00 . 2010-01-13 14:00 86528 c:\windows\system32\cabview.dll
+ 2004-08-04 12:00 . 2009-11-27 16:08 85504 c:\windows\system32\avifil32.dll
- 2004-08-04 12:00 . 2009-06-10 14:13 85504 c:\windows\system32\avifil32.dll
+ 2004-08-04 12:00 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
+ 2010-04-24 17:06 . 1994-09-20 22:00 92208 c:\windows\system\WING.DLL
+ 2010-04-24 17:06 . 1993-11-18 22:00 43520 c:\windows\system\MSVIDC.DRV
+ 2010-04-24 17:06 . 1993-11-18 22:00 11776 c:\windows\system\MSRLE.DRV
+ 2010-04-24 17:06 . 1993-11-18 22:00 22816 c:\windows\system\MSACM.DRV
+ 2010-04-24 17:06 . 1993-11-18 22:00 49616 c:\windows\system\MSACM.DLL
+ 2010-04-24 17:06 . 1995-03-21 22:00 50096 c:\windows\system\IYVU9.DLL
+ 2010-04-24 17:06 . 1994-09-01 22:00 65408 c:\windows\system\ICCVID.DRV
+ 2010-04-24 17:06 . 1993-11-18 22:00 14208 c:\windows\system\CTL3D.DLL
+ 2010-04-24 17:06 . 1993-11-18 22:00 12800 c:\windows\system\ACMCMPRS.DLL
+ 2010-04-07 21:48 . 2010-04-07 21:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
- 2008-07-29 17:16 . 2008-07-29 17:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2010-09-22 07:43 . 2010-09-22 07:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-09-23 13:55 . 2010-09-23 13:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-09-23 00:26 . 2010-09-23 00:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-09-23 00:26 . 2010-09-23 00:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-09-23 00:26 . 2010-09-23 00:26 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-09-23 01:17 . 2010-09-23 01:17 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-20 17:19 . 2003-02-20 17:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-09-23 01:17 . 2010-09-23 01:17 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2010-03-06 16:55 . 2010-03-06 16:55 20480 c:\windows\Installer\289c2.msi
+ 2010-03-18 19:45 . 2010-03-18 19:45 22528 c:\windows\Installer\1efbe9.msi
+ 2010-05-19 17:52 . 2010-05-19 17:52 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2009-11-24 23:43 . 2009-11-24 23:43 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2010-03-08 21:33 . 2010-03-09 17:51 54576 c:\windows\Installer\{D9DC70B6-BE13-41DD-9053-9E617E72D085}\UNINST_Uninstall_N_9478A81BBD0A41A094DC4C1702BA87D8.exe
+ 2009-12-24 19:41 . 2009-12-24 19:41 25214 c:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-07-05 18:40 . 2010-09-18 22:44 40960 c:\windows\Installer\{90850407-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
+ 2009-12-03 13:42 . 2009-12-03 13:42 25214 c:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-09-18 22:44 . 2010-09-18 22:44 34632 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2010-06-04 14:00 . 2010-09-29 17:07 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-09-26 11:52 . 2010-09-26 11:52 25214 c:\windows\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\ARPPRODUCTICON.exe
+ 2010-02-11 13:43 . 2010-02-11 13:43 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-04-12 16:52 . 2010-04-12 16:52 25214 c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2003-07-15 04:57 . 2003-07-15 04:57 58944 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.6506\SEQCHK10.DLL
+ 2003-07-15 04:52 . 2003-07-15 04:52 55360 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.6506\MSOHTMED.EXE
+ 2003-07-15 04:52 . 2003-07-15 04:52 67128 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.6506\MSOHEV.DLL
+ 2009-10-12 09:48 . 2009-10-12 09:48 66856 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\webaccessproxy.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 38184 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\usbdevice.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 46888 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\transfertranscoding.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 49448 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\transcodermgt.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 17704 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\threadmgt.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 16168 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\prescandirectory.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 79144 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\photoeditor.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 20776 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\pctransfermgt.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 17704 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nwmplaylist.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 42792 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nthumbnailmgt.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 87336 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nserviceentry.exe
+ 2009-10-12 09:48 . 2009-10-12 09:48 34088 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nsdi.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 99624 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nplayback.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 42280 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nlog.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 52520 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nexternplaylist.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 42280 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nevp6dec.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 62760 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nefileid.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 95528 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\ned3d9rendering.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 20264 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\ndevicemonitor.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 21800 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.store.dll
+ 2009-10-12 09:42 . 2009-10-12 09:42 31104 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.dashboard.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 86824 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.applications.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 83240 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mmdb.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 37160 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\massenc.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 66856 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\ituneplaylist.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 46376 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\interop.pimmgtlib.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 11048 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\interop.nthumbnailmgtlib.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 15656 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\interop.nplaybacklib.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 15656 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\interop.nmediaeditinglib.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 21288 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\fileplugin_wpd.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 16168 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\fileplugin_win.dll
+ 2009-10-12 09:45 . 2009-10-12 09:45 26408 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\fileplugin_cd.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 18728 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\filemonitor.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 15656 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\errorhandling.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 23848 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\dbaccess.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_f29fc1d6\System.Drawing.Design.dll
+ 2010-10-07 13:06 . 2010-10-07 13:06 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_431aaa2b\CustomMarshalers.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\dd5ce29ac227f3d0fd81b84621a57477\WindowsLiveWriter.ni.exe
+ 2010-08-11 16:26 . 2010-08-11 16:26 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\67a565eaa748e11f0953953cbdcd4e72\WindowsLive.Writer.Api.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll
+ 2010-08-11 16:28 . 2010-08-11 16:28 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\70ee6267f7bad40e8707d402277770c3\System.Web.DynamicData.Design.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\9eba4732354d330d1d86f0416fd40817\stdole.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 29184 c:\windows\assembly\NativeImages_v2.0.50727_32\SFMARKETLib\898c9256ffaa39ac35f45b30ff6952e0\SFMARKETLib.ni.dll
+ 2010-08-11 14:15 . 2010-08-11 14:15 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe
+ 2010-08-11 01:10 . 2010-08-11 01:10 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 43008 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.Store\7ff8156172cda90a7a9137e29ae56f5c\MML.Modules.Store.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 74240 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.DashBoa#\9cc0bfce93c4c2940f0149241e55e788\MML.Modules.DashBoard.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\272d51526813ea113970b8e890c92ee2\Microsoft.VisualC.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\db075fbeb39bc6ea1e26681f53bc6bc6\Microsoft.Practices.ServiceLocation.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 40960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\2f2065ec9a37162fb295124d052a9599\Microsoft.Practices.Composite.UnityExtensions.ni. dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.QTOControlL#\dadbf611053f0d02879b38026f3b7a10\Interop.QTOControlLib.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 76800 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.PortableDev#\a4502dca169ba72d83a999ffddc96760\Interop.PortableDeviceTypesLib.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 77312 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.PortableDev#\3864c153b210d87e0c50f484e199db42\Interop.PortableDeviceApiLib.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 77312 c:\windows\assembly\NativeImages_v2.0.50727_32\interop.PimMgtLib\945f8ab91de25c29f88a1ea4054f94e7\interop.PimMgtLib.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 16384 c:\windows\assembly\NativeImages_v2.0.50727_32\interop.NThumbnailM#\0ff069c250ee961629a09b19a5fc1dc1\interop.NThumbnailMgtLib.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 29696 c:\windows\assembly\NativeImages_v2.0.50727_32\interop.NPlaybackLib\2c5191dd63a615fd9a318f749d619836\interop.NPlaybackLib.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 16384 c:\windows\assembly\NativeImages_v2.0.50727_32\interop.NMetaDataLib\111284f634fe394b55b1b7ec5509b5d8\interop.NMetaDataLib.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 28672 c:\windows\assembly\NativeImages_v2.0.50727_32\interop.NMediaEditi#\cd331d2505b803916a42a7e3ac0a2996\interop.NMediaEditingLib.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.CDDBUICONTR#\6fd33218b948fe194cd822d9623b60fe\Interop.CDDBUICONTROLLibSMS.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 72192 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.CDDBLINKLib#\92bca08c28bb23d2f46f0c6783a35ce0\Interop.CDDBLINKLibSMS.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 31744 c:\windows\assembly\NativeImages_v2.0.50727_32\Interfaces\4bca70a1883e0f7e9304b33f8da2aafd\Interfaces.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe
+ 2010-08-11 16:26 . 2010-08-11 16:26 59904 c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.QTOContro#\2a057e9da8c6bb98caf7a741e5171f30\AxInterop.QTOControlLib.ni.dll
+ 2010-08-11 14:15 . 2010-08-11 14:15 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-06-08 23:43 . 2010-06-08 23:43 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2009-08-22 12:43 . 2009-08-22 12:43 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-10-07 13:06 . 2010-10-07 13:06 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-03-08 21:30 . 2006-11-02 06:22 32224 c:\windows\$NtUninstallWdf01007$\wdfldr.sys
+ 2010-08-11 01:05 . 2008-04-14 02:22 80384 c:\windows\$NtUninstallKB982665$\iccvid.dll
+ 2010-06-08 23:38 . 2010-02-26 05:41 81920 c:\windows\$NtUninstallKB982381$\ieencode.dll
+ 2010-05-27 13:27 . 2010-01-23 08:11 46080 c:\windows\$NtUninstallKB981793$\tzchange.exe
+ 2010-05-27 13:27 . 2010-04-22 22:21 16896 c:\windows\$NtUninstallKB981793$\spuninst\tzchange.dll
+ 2010-03-30 22:26 . 2009-12-22 05:07 81920 c:\windows\$NtUninstallKB980182$\ieencode.dll
+ 2010-06-08 23:44 . 2008-04-14 02:22 65024 c:\windows\$NtUninstallKB979482$\asycfilt.dll
+ 2010-04-14 23:18 . 2008-04-14 02:22 84992 c:\windows\$NtUninstallKB979309$\cabview.dll
+ 2010-02-24 17:36 . 2009-10-28 15:07 46080 c:\windows\$NtUninstallKB979306$\tzchange.exe
+ 2010-02-24 17:36 . 2010-01-23 10:40 16896 c:\windows\$NtUninstallKB979306$\spuninst\tzchange.dll
+ 2010-01-22 20:37 . 2009-09-25 05:35 81920 c:\windows\$NtUninstallKB978207$\ieencode.dll
+ 2010-02-09 22:51 . 2008-04-14 02:22 32256 c:\windows\$NtUninstallKB978037$\csrsrv.dll
+ 2010-02-09 22:51 . 2004-08-04 12:00 25600 c:\windows\$NtUninstallKB977914$\msvidc32.dll
+ 2010-02-09 22:51 . 2008-04-14 02:22 11264 c:\windows\$NtUninstallKB977914$\msrle32.dll
+ 2010-02-09 22:51 . 2008-04-14 02:22 47616 c:\windows\$NtUninstallKB977914$\iyuv_32.dll
+ 2010-02-09 22:51 . 2009-06-10 14:13 85504 c:\windows\$NtUninstallKB977914$\avifil32.dll
+ 2009-11-24 23:44 . 2009-07-14 11:03 46080 c:\windows\$NtUninstallKB976098-v2$\tzchange.exe
+ 2009-11-24 23:44 . 2009-10-29 02:03 16896 c:\windows\$NtUninstallKB976098-v2$\spuninst\tzchange.dll
+ 2010-02-09 22:51 . 2008-04-14 02:22 16896 c:\windows\$NtUninstallKB975560$\msyuv.dll
+ 2009-12-09 21:02 . 2008-04-14 02:22 79872 c:\windows\$NtUninstallKB974318$\raschap.dll
+ 2010-01-13 23:08 . 2009-06-16 14:36 81920 c:\windows\$NtUninstallKB972270$\fontsub.dll
+ 2009-12-09 21:02 . 2008-04-14 02:22 75776 c:\windows\$NtUninstallKB970430$\strmfilt.dll
+ 2009-12-09 21:02 . 2008-04-14 02:22 24576 c:\windows\$NtUninstallKB970430$\httpapi.dll
+ 2010-03-08 21:27 . 2008-04-14 02:22 15360 c:\windows\$NtUninstallKB942288-v3$\msisip.dll
+ 2010-03-08 21:27 . 2008-04-14 02:22 78848 c:\windows\$NtUninstallKB942288-v3$\msiexec.exe
+ 2010-08-11 01:10 . 2010-04-16 16:06 81920 c:\windows\$NtUninstallKB2183461$\ieencode.dll
+ 2010-08-11 01:05 . 2010-02-22 14:22 26488 c:\windows\$hf_mig$\KB982665\update\spcustom.dll
+ 2010-08-11 01:05 . 2010-02-22 14:22 18808 c:\windows\$hf_mig$\KB982665\spmsg.dll
+ 2010-06-17 14:00 . 2010-06-17 14:00 80384 c:\windows\$hf_mig$\KB982665\SP3QFE\iccvid.dll
+ 2010-06-08 23:38 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB982381\update\spcustom.dll
+ 2010-06-08 23:38 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB982381\spmsg.dll
+ 2010-04-16 15:59 . 2010-04-16 15:59 81920 c:\windows\$hf_mig$\KB982381\SP3QFE\ieencode.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 26488 c:\windows\$hf_mig$\KB982214\update\spcustom.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 18808 c:\windows\$hf_mig$\KB982214\spmsg.dll
+ 2010-08-11 01:05 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981997\update\spcustom.dll
+ 2010-08-11 01:05 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB981997\spmsg.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 26488 c:\windows\$hf_mig$\KB981852\update\spcustom.dll
+ 2010-08-10 19:56 . 2010-06-17 13:45 16896 c:\windows\$hf_mig$\KB981852\update\mpsyschk.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 18808 c:\windows\$hf_mig$\KB981852\spmsg.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB981349\update\spcustom.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB981349\spmsg.dll
+ 2010-08-11 01:07 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980436\update\spcustom.dll
+ 2010-08-11 01:07 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB980436\spmsg.dll
+ 2010-04-14 23:20 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB980232\update\spcustom.dll
+ 2010-04-14 23:20 . 2009-05-26 09:01 18808 c:\windows\$hf_mig$\KB980232\spmsg.dll
+ 2010-06-08 23:47 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980218\update\spcustom.dll
+ 2010-06-08 23:47 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB980218\spmsg.dll
+ 2010-06-08 23:47 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB980195\update\spcustom.dll
+ 2010-06-08 23:47 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB980195\spmsg.dll
+ 2010-03-30 22:26 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB980182\update\spcustom.dll
+ 2010-03-30 22:26 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB980182\spmsg.dll
+ 2010-02-26 05:37 . 2010-02-26 05:37 81920 c:\windows\$hf_mig$\KB980182\SP3QFE\ieencode.dll
+ 2010-04-14 23:20 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979683\update\spcustom.dll
+ 2010-04-14 19:13 . 2010-03-05 14:53 16896 c:\windows\$hf_mig$\KB979683\update\mpsyschk.dll
+ 2010-04-14 23:20 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB979683\spmsg.dll
+ 2010-06-08 23:46 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979559\update\spcustom.dll
+ 2010-06-08 23:46 . 2009-05-26 09:01 18808 c:\windows\$hf_mig$\KB979559\spmsg.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979482\update\spcustom.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB979482\spmsg.dll
+ 2010-03-05 14:50 . 2010-03-05 14:50 65536 c:\windows\$hf_mig$\KB979482\SP3QFE\asycfilt.dll
+ 2010-04-14 23:18 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB979309\update\spcustom.dll
+ 2010-04-14 23:18 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB979309\spmsg.dll
+ 2010-01-13 13:48 . 2010-01-13 13:48 86528 c:\windows\$hf_mig$\KB979309\SP3QFE\cabview.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978706\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978706\spmsg.dll
+ 2010-04-14 23:18 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB978601\update\spcustom.dll
+ 2010-04-14 23:18 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB978601\spmsg.dll
+ 2010-05-11 22:26 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978542\update\spcustom.dll
+ 2010-05-11 22:26 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978542\spmsg.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978338\update\spcustom.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978338\spmsg.dll
+ 2010-02-09 22:53 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978262\update\spcustom.dll
+ 2010-02-09 22:53 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978262\spmsg.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978251\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978251\spmsg.dll
+ 2010-01-22 20:37 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB978207\update\spcustom.dll
+ 2010-01-22 20:37 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB978207\spmsg.dll
+ 2009-12-22 05:05 . 2009-12-22 05:05 81920 c:\windows\$hf_mig$\KB978207\SP3QFE\ieencode.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978037\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978037\spmsg.dll
+ 2009-12-14 07:10 . 2009-12-14 07:10 33280 c:\windows\$hf_mig$\KB978037\SP3QFE\csrsrv.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977914\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB977914\spmsg.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 28672 c:\windows\$hf_mig$\KB977914\SP3QFE\msvidc32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 11264 c:\windows\$hf_mig$\KB977914\SP3QFE\msrle32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 48128 c:\windows\$hf_mig$\KB977914\SP3QFE\iyuv_32.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 85504 c:\windows\$hf_mig$\KB977914\SP3QFE\avifil32.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977816\update\spcustom.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB977816\spmsg.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB977165\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB977165\spmsg.dll
+ 2009-12-09 21:02 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB976325\update\spcustom.dll
+ 2009-12-09 21:02 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB976325\spmsg.dll
+ 2009-09-25 05:32 . 2009-09-25 05:32 81920 c:\windows\$hf_mig$\KB976325\SP3QFE\ieencode.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975713\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB975713\spmsg.dll
+ 2010-06-08 23:44 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB975562\update\spcustom.dll
+ 2010-06-08 23:44 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB975562\spmsg.dll
+ 2010-03-11 15:01 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB975561\update\spcustom.dll
+ 2010-03-11 15:01 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB975561\spmsg.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975560\update\spcustom.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB975560\spmsg.dll
+ 2009-11-27 17:23 . 2009-11-27 17:23 17920 c:\windows\$hf_mig$\KB975560\SP3QFE\msyuv.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974392\update\spcustom.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB974392\spmsg.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974318\update\spcustom.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB974318\spmsg.dll
+ 2009-10-12 13:29 . 2009-10-12 13:29 79872 c:\windows\$hf_mig$\KB974318\SP3QFE\raschap.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973904\update\spcustom.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB973904\spmsg.dll
+ 2009-11-24 23:44 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB973687\update\spcustom.dll
+ 2009-11-24 23:44 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB973687\spmsg.dll
+ 2010-01-13 23:08 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB972270\update\spcustom.dll
+ 2010-01-13 23:08 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB972270\spmsg.dll
+ 2010-01-13 20:35 . 2009-10-15 16:38 81920 c:\windows\$hf_mig$\KB972270\SP3QFE\fontsub.dll
+ 2009-12-09 21:01 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB971737\update\spcustom.dll
+ 2009-12-09 21:01 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB971737\spmsg.dll
+ 2010-02-09 22:53 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB971468\update\spcustom.dll
+ 2010-02-09 22:53 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB971468\spmsg.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB970430\update\spcustom.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB970430\spmsg.dll
+ 2009-10-21 05:41 . 2009-10-21 05:41 75776 c:\windows\$hf_mig$\KB970430\SP3QFE\strmfilt.dll
+ 2009-10-21 05:41 . 2009-10-21 05:41 25088 c:\windows\$hf_mig$\KB970430\SP3QFE\httpapi.dll
+ 2010-01-13 23:08 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB955759\update\spcustom.dll
+ 2010-01-13 23:08 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB955759\spmsg.dll
+ 2010-08-03 13:25 . 2010-02-22 14:22 26488 c:\windows\$hf_mig$\KB2286198\update\spcustom.dll
+ 2010-08-03 13:25 . 2010-02-22 14:22 18808 c:\windows\$hf_mig$\KB2286198\spmsg.dll
+ 2010-07-14 14:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2229593\update\spcustom.dll
+ 2010-07-14 14:02 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB2229593\spmsg.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 26488 c:\windows\$hf_mig$\KB2183461\update\spcustom.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 18808 c:\windows\$hf_mig$\KB2183461\spmsg.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 81920 c:\windows\$hf_mig$\KB2183461\SP3QFE\ieencode.dll
+ 2010-08-11 01:07 . 2010-02-22 14:22 26488 c:\windows\$hf_mig$\KB2160329\update\spcustom.dll
+ 2010-08-11 01:07 . 2010-02-22 14:22 18808 c:\windows\$hf_mig$\KB2160329\spmsg.dll
+ 2010-08-11 01:10 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2115168\update\spcustom.dll
+ 2010-08-11 01:10 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB2115168\spmsg.dll
+ 2010-08-11 01:09 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2079403\update\spcustom.dll
+ 2010-08-11 01:09 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB2079403\spmsg.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-05-05 05:25 . 2010-07-22 06:19 5632 c:\windows\system32\xpsp4res.dll
+ 2001-08-18 04:54 . 2009-11-27 16:08 8704 c:\windows\system32\tsbyuv.dll
- 2009-11-01 14:07 . 2009-11-01 14:07 5632 c:\windows\system32\pndx5032.dll
+ 2009-11-01 14:07 . 2010-03-06 16:55 5632 c:\windows\system32\pndx5032.dll
+ 2009-11-01 14:07 . 2010-03-06 16:55 6656 c:\windows\system32\pndx5016.dll
- 2009-11-01 14:07 . 2009-11-01 14:07 6656 c:\windows\system32\pndx5016.dll
+ 2004-08-04 12:00 . 2008-04-17 00:43 2560 c:\windows\system32\msimsg.dll
+ 2010-03-09 17:48 . 2010-01-25 18:56 9472 c:\windows\system32\DRVSTORE\motusbdevi_4F7E6DAFBCC5BFBD9F5E79EE8F9E5A7CAA4E99DA\motusbdevice.sys
+ 2010-03-09 17:48 . 2007-11-02 14:51 6400 c:\windows\system32\DRVSTORE\motousbnet_6D791DAFE11EF3F28FC4B4204124883A85101411\motswch.sys
+ 2010-03-09 17:48 . 2009-01-29 16:11 6016 c:\windows\system32\DRVSTORE\motousbnet_6D791DAFE11EF3F28FC4B4204124883A85101411\motfilt.sys
+ 2010-03-08 21:30 . 2007-11-02 14:51 6400 c:\windows\system32\DRVSTORE\motccgp_A0FA88AB3B3F3737224F9CFABDF26194C9F2A878\motswch.sys
+ 2010-03-08 21:30 . 2009-01-29 16:18 8320 c:\windows\system32\DRVSTORE\motccgp_A0FA88AB3B3F3737224F9CFABDF26194C9F2A878\motccgpfl.sys
+ 2010-03-08 21:30 . 2007-11-02 14:51 6400 c:\windows\system32\drivers\motswch.sys
+ 2010-03-08 21:30 . 2009-01-29 16:11 6016 c:\windows\system32\drivers\motfilt.sys
+ 2010-03-08 21:30 . 2009-01-29 16:18 8320 c:\windows\system32\drivers\motccgpfl.sys
+ 2009-11-27 16:08 . 2009-11-27 16:08 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2008-04-17 00:43 . 2008-04-17 00:43 2560 c:\windows\system32\dllcache\msimsg.dll
+ 2010-04-24 17:06 . 1994-09-20 22:00 6736 c:\windows\system\WINGDIB.DRV
+ 2010-04-24 17:06 . 1993-11-18 22:00 7168 c:\windows\system\DISPDIB.DLL
+ 2009-11-27 16:08 . 2009-11-27 16:08 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-10-16 21:17 . 2009-10-16 21:17 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-10-16 21:17 . 2009-10-16 21:17 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-02-09 22:51 . 2004-08-04 12:00 8192 c:\windows\$NtUninstallKB977914$\tsbyuv.dll
+ 2009-11-27 16:28 . 2009-11-27 16:28 8704 c:\windows\$hf_mig$\KB977914\SP3QFE\tsbyuv.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-07-12 00:12 . 2009-07-12 00:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 00:09 . 2009-07-12 00:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 00:08 . 2009-07-12 00:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2004-08-04 12:00 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 293888 c:\windows\system32\winsrv.dll
+ 2004-08-04 12:00 . 2010-06-18 17:44 293888 c:\windows\system32\winsrv.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 672768 c:\windows\system32\wininet.dll
- 2004-08-04 12:00 . 2009-09-25 05:35 672768 c:\windows\system32\wininet.dll
+ 2004-08-04 12:00 . 2009-08-25 09:17 354816 c:\windows\system32\winhttp.dll
- 2004-08-04 12:00 . 2008-05-09 10:54 430080 c:\windows\system32\vbscript.dll
+ 2004-08-04 12:00 . 2010-03-09 11:09 430080 c:\windows\system32\vbscript.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 406016 c:\windows\system32\usp10.dll
+ 2004-08-04 12:00 . 2010-04-16 15:36 406016 c:\windows\system32\usp10.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 628736 c:\windows\system32\urlmon.dll
- 2004-08-04 12:00 . 2009-09-25 05:35 628736 c:\windows\system32\urlmon.dll
+ 2004-08-04 12:00 . 2009-10-15 16:28 119808 c:\windows\system32\t2embed.dll
- 2004-08-04 12:00 . 2009-06-16 14:36 119808 c:\windows\system32\t2embed.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 474624 c:\windows\system32\shlwapi.dll
+ 2004-08-04 12:00 . 2009-12-08 09:23 474624 c:\windows\system32\shlwapi.dll
+ 2004-08-04 12:00 . 2010-06-30 12:28 149504 c:\windows\system32\schannel.dll
+ 2004-08-04 12:00 . 2010-07-22 15:48 590848 c:\windows\system32\rpcrt4.dll
- 2009-11-01 14:07 . 2009-11-01 14:07 185920 c:\windows\system32\rmoc3260.dll
+ 2010-03-06 16:56 . 2010-03-06 16:56 185920 c:\windows\system32\rmoc3260.dll
+ 2004-08-04 12:00 . 2009-10-12 13:38 150528 c:\windows\system32\rastls.dll
+ 2010-03-30 22:10 . 2010-03-30 22:10 295264 c:\windows\system32\PresentationHost.exe
+ 2010-05-31 16:14 . 2010-05-31 16:14 103736 c:\windows\system32\PnkBstrB.exe
+ 2007-06-17 13:51 . 2010-03-06 16:55 278528 c:\windows\system32\pncrt.dll
- 2007-06-17 13:51 . 2009-11-01 14:06 278528 c:\windows\system32\pncrt.dll
+ 2004-08-04 12:00 . 2010-10-07 13:09 440998 c:\windows\system32\perfh009.dat
- 2004-08-04 12:00 . 2009-10-25 19:23 440998 c:\windows\system32\perfh009.dat
- 2004-08-04 12:00 . 2009-10-25 19:23 458808 c:\windows\system32\perfh007.dat
+ 2004-08-04 12:00 . 2010-10-07 13:09 458808 c:\windows\system32\perfh007.dat
+ 2010-05-31 16:14 . 2010-05-31 16:14 669184 c:\windows\system32\pbsvc.exe
+ 2004-08-04 12:00 . 2009-10-13 10:32 271360 c:\windows\system32\oakley.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 271360 c:\windows\system32\oakley.dll
+ 2007-04-26 12:04 . 2010-03-06 16:55 348160 c:\windows\system32\msvcr71.dll
- 2007-04-26 12:04 . 2009-11-01 14:06 348160 c:\windows\system32\msvcr71.dll
+ 2007-04-26 12:04 . 2010-03-06 16:55 499712 c:\windows\system32\msvcp71.dll
- 2007-04-26 12:04 . 2009-11-01 14:06 499712 c:\windows\system32\msvcp71.dll
+ 2007-04-21 10:45 . 2009-12-17 07:40 346624 c:\windows\system32\mspaint.exe
- 2007-04-21 10:45 . 2008-04-14 02:22 346624 c:\windows\system32\mspaint.exe
+ 2004-08-04 12:00 . 2008-05-19 05:33 332800 c:\windows\system32\msihnd.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 297808 c:\windows\system32\mscoree.dll
- 2006-10-18 19:47 . 2006-10-18 19:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-18 19:47 . 2010-03-30 10:24 317440 c:\windows\system32\mp4sdecd.dll
+ 2010-07-05 16:38 . 2010-07-05 16:38 231888 c:\windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe
+ 2010-01-27 00:58 . 2010-01-27 00:58 256280 c:\windows\system32\Macromed\Flash\FlashUtil10e.exe
+ 2007-04-21 10:47 . 2010-06-09 07:43 692736 c:\windows\system32\inetcomm.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 251904 c:\windows\system32\iepeers.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 251904 c:\windows\system32\iepeers.dll
+ 2007-04-21 11:39 . 2010-08-11 14:14 757344 c:\windows\system32\FNTCACHE.DAT
+ 2010-04-29 17:39 . 2004-08-12 09:06 188416 c:\windows\system32\eax.dll
+ 2010-03-08 21:30 . 2009-03-02 21:00 103552 c:\windows\system32\DRVSTORE\Moser_D7089C7835F0E7ECEC244A670740F4C8336E0FA1\Mousbser.sys
+ 2010-03-08 21:30 . 2009-03-02 21:00 103552 c:\windows\system32\DRVSTORE\Momdm_D7089C7835F0E7ECEC244A670740F4C8336E0FA1\Mousbser.sys
+ 2006-11-02 06:22 . 2008-03-27 15:27 503008 c:\windows\system32\drivers\wdf01000.sys
+ 2004-08-04 12:00 . 2010-02-11 12:02 226880 c:\windows\system32\drivers\tcpip6.sys
+ 2004-08-04 12:00 . 2010-06-21 15:27 354304 c:\windows\system32\drivers\srv.sys
+ 2004-08-04 12:00 . 2010-02-24 13:11 455680 c:\windows\system32\drivers\mrxsmb.sys
+ 2004-08-04 12:00 . 2009-10-20 16:20 265728 c:\windows\system32\drivers\http.sys
+ 2009-12-24 06:59 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2010-06-18 17:44 . 2010-06-18 17:44 293888 c:\windows\system32\dllcache\winsrv.dll
- 2008-06-23 15:10 . 2009-09-25 05:35 672768 c:\windows\system32\dllcache\wininet.dll
+ 2008-06-23 15:10 . 2010-06-24 12:10 672768 c:\windows\system32\dllcache\wininet.dll
+ 2008-12-16 12:30 . 2009-08-25 09:17 354816 c:\windows\system32\dllcache\winhttp.dll
- 2008-05-09 10:54 . 2008-05-09 10:54 430080 c:\windows\system32\dllcache\vbscript.dll
+ 2008-05-09 10:54 . 2010-03-09 11:09 430080 c:\windows\system32\dllcache\vbscript.dll
+ 2010-04-16 15:36 . 2010-04-16 15:36 406016 c:\windows\system32\dllcache\usp10.dll
+ 2008-06-26 08:12 . 2010-06-24 12:10 628736 c:\windows\system32\dllcache\urlmon.dll
- 2008-06-26 08:12 . 2009-09-25 05:35 628736 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-20 11:08 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys
- 2009-06-16 14:36 . 2009-06-16 14:36 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-06-16 14:36 . 2009-10-15 16:28 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2008-10-15 19:04 . 2010-06-21 15:27 354304 c:\windows\system32\dllcache\srv.sys
+ 2009-12-08 09:23 . 2009-12-08 09:23 474624 c:\windows\system32\dllcache\shlwapi.dll
+ 2008-12-05 06:55 . 2010-06-30 12:28 149504 c:\windows\system32\dllcache\schannel.dll
+ 2009-04-15 14:51 . 2010-07-22 15:48 590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38 150528 c:\windows\system32\dllcache\rastls.dll
+ 2009-10-13 10:32 . 2009-10-13 10:32 271360 c:\windows\system32\dllcache\oakley.dll
+ 2009-12-17 07:40 . 2009-12-17 07:40 346624 c:\windows\system32\dllcache\mspaint.exe
+ 2008-05-19 05:33 . 2008-05-19 05:33 332800 c:\windows\system32\dllcache\msihnd.dll
+ 2008-11-12 19:15 . 2010-02-24 13:11 455680 c:\windows\system32\dllcache\mrxsmb.sys
+ 2010-03-30 10:24 . 2010-03-30 10:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll
+ 2008-09-01 12:31 . 2010-06-09 07:43 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2010-02-26 05:41 . 2010-06-24 12:10 251904 c:\windows\system32\dllcache\iepeers.dll
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys
+ 2010-07-14 13:24 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe
+ 2010-04-20 05:29 . 2010-04-20 05:29 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2010-01-13 20:35 . 2009-11-21 15:54 471552 c:\windows\system32\dllcache\aclayers.dll
+ 2010-02-12 04:33 . 2010-02-12 04:33 100864 c:\windows\system32\dllcache\6to4svc.dll
+ 2008-03-11 14:56 . 2010-06-03 21:09 107888 c:\windows\system32\CmdLineExt.dll
- 2008-03-11 14:56 . 2009-10-07 22:08 107888 c:\windows\system32\CmdLineExt.dll
+ 2010-03-12 11:04 . 2010-02-12 10:03 293376 c:\windows\system32\browserchoice.exe
+ 2004-08-04 12:00 . 2010-04-20 05:29 285696 c:\windows\system32\atmfd.dll
- 2004-08-04 12:00 . 2008-04-14 02:20 285696 c:\windows\system32\atmfd.dll
+ 2004-08-04 12:00 . 2010-02-12 04:33 100864 c:\windows\system32\6to4svc.dll
+ 2010-04-24 17:06 . 1994-08-23 22:00 188960 c:\windows\system\WINGDE.DLL
+ 2010-04-24 17:06 . 1995-11-08 22:00 774960 c:\windows\system\IR41.DLL
+ 2010-04-24 17:06 . 1995-10-19 22:00 151744 c:\windows\system\IR32.DLL
- 2007-04-21 10:47 . 2008-04-14 02:22 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
+ 2007-04-21 10:47 . 2010-06-14 14:31 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
+ 2010-03-30 22:16 . 2010-03-30 22:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
- 2008-07-29 17:16 . 2008-07-29 17:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-09-22 07:43 . 2010-09-22 07:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-02-09 10:22 . 2010-02-09 10:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-07-25 09:17 . 2008-07-25 09:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2009-08-07 21:51 . 2009-08-07 21:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-09-23 00:26 . 2010-09-23 00:26 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-09-23 00:25 . 2010-09-23 00:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2010-09-23 01:17 . 2010-09-23 01:17 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-06-08 23:46 . 2010-06-08 23:46 200192 c:\windows\Installer\e2da35.msi
+ 2010-02-24 22:14 . 2010-02-24 22:14 543232 c:\windows\Installer\e2da04.msp
+ 2010-06-16 16:31 . 2010-06-16 16:31 245760 c:\windows\Installer\bf082f.msi
+ 2010-03-08 21:29 . 2010-03-08 21:29 424960 c:\windows\Installer\bded74.msi
+ 2010-07-05 18:44 . 2010-07-05 18:44 381440 c:\windows\Installer\8110b8.msi
+ 2010-07-05 18:40 . 2010-07-05 18:40 894464 c:\windows\Installer\811099.msi
+ 2010-09-23 19:02 . 2010-09-23 19:02 798208 c:\windows\Installer\5838dc.msp
+ 2010-03-09 17:47 . 2010-03-09 17:47 370688 c:\windows\Installer\355c6.msi
+ 2010-06-11 17:07 . 2010-06-11 17:07 168960 c:\windows\Installer\34f99a.msp
+ 2010-04-06 20:45 . 2010-04-06 20:45 331264 c:\windows\Installer\3325c5.msi
+ 2009-11-24 23:43 . 2009-11-24 23:43 429568 c:\windows\Installer\26756d.msi
+ 2007-09-12 14:37 . 2007-09-12 14:37 344064 c:\windows\Installer\1c8548c.msp
+ 2010-03-08 21:33 . 2010-03-09 17:51 398640 c:\windows\Installer\{D9DC70B6-BE13-41DD-9053-9E617E72D085}\NGP.exe1_AD452C6A9A6B4F93A7BEE4B129DFFCFA.exe
+ 2010-03-08 21:33 . 2010-03-09 17:51 361776 c:\windows\Installer\{D9DC70B6-BE13-41DD-9053-9E617E72D085}\NewShortcut1_55371FD36E414386B2D0FECAEFFAD4DE.exe
+ 2010-03-08 21:33 . 2010-03-09 17:51 398640 c:\windows\Installer\{D9DC70B6-BE13-41DD-9053-9E617E72D085}\MML.exe_9154F19F21A14345B997CED5FAD9F289.exe
+ 2010-03-08 21:33 . 2010-03-09 17:51 398640 c:\windows\Installer\{D9DC70B6-BE13-41DD-9053-9E617E72D085}\ARPPRODUCTICON.exe
+ 2010-09-26 15:44 . 2010-09-26 15:44 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2010-10-09 14:02 . 2010-10-09 14:02 295606 c:\windows\Installer\{AC76BA86-7AD7-1031-7B44-A81300000003}\SC_Reader.exe
+ 2010-07-05 18:40 . 2010-09-18 22:44 135168 c:\windows\Installer\{90850407-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-10-12 09:46 . 2009-10-12 09:46 132392 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\wpdenc.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 107816 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\webaccess.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 144680 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\thumbmgt.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 312616 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\pimmgt.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 185640 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nxconnector.dll
+ 2009-10-12 09:45 . 2009-10-12 09:45 173352 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\ntrackandreportmgt.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 144680 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmvisualizernas.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 832808 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmthumbnailiconsgen.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 480552 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmsseffects.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 472360 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmslideshow.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 103720 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmediaediting.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 337192 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmdefaultdrmdialogs.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 513320 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmcdrip.dll
+ 2009-10-12 09:45 . 2009-10-12 09:45 173352 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nlicensemgt.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 427304 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nevcr.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 623920 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nerovmrmodules.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 132392 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nerocontentfinder.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 390440 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nerocaptureapi.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 202024 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nereplaygain.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 353576 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\neem2v.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 128296 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\neem2a.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 124200 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nedvencoder.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 816424 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nedtshddec.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 320808 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nddenoisedmo.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 316712 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\ndcolordmo.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 886056 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\ndaudio.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 156968 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\moviewizard.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 103720 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mmsync.dll
+ 2009-10-12 09:45 . 2009-10-12 09:45 116008 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mmlupdateservice.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 208168 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mmlupdate.exe
+ 2009-10-12 09:45 . 2009-10-12 09:45 128296 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mmlregistration.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 210728 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mmlcc.exe
+ 2009-10-12 09:48 . 2009-10-12 09:48 462120 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.themes.dll
+ 2009-10-12 09:47 . 2009-10-12 09:47 173352 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.resources.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 186152 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.uicommon.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 113448 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.settings.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 236328 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.media.video.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 270120 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.media.photo.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 287528 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.modules.media.music.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 679208 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.infrastructure.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 247080 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\metadatamgt.dll
+ 2009-10-12 09:45 . 2009-10-12 09:45 116008 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\liveupdatetactics.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 247080 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\em2v.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 111912 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\effectmgr.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 263464 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\deleteuserdata.dll
+ 2009-10-12 09:46 . 2009-10-12 09:46 111912 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\categorymgt.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 533800 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\areadylb_nero.dll
+ 2008-11-12 19:15 . 2010-02-24 13:11 455680 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\Driver Cache\i386\http.sys
+ 2010-10-07 13:07 . 2010-10-07 13:07 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_f614ca9f\System.Drawing.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_a4af38ed\System.Drawing.Design.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_7b6643fa\CustomMarshalers.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe
+ 2010-10-07 15:25 . 2010-10-07 15:25 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\f39d526b39e8928e719d9ce8a971383e\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f06626ccee27150b618f6ff8e4b83dba\WindowsLive.Writer.Extensibility.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e0e45d40fad4c1b13c93dbd1268410f3\WindowsLive.Writer.Passport.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d0916f4cf87dafdf941b66056dd0e005\WindowsLive.Writer.BlogClient.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c46d84073499887c745801bda334c97f\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\aa7ddbdf38e8a7129fb0befd951897f5\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8f73472385b353ebd6010d02ad42b2b6\WindowsLive.Writer.SpellChecker.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7619247d1c0a0779042423940f5f93de\WindowsLive.Writer.HtmlParser.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\56faab9a03f8863e76f75d8b6c70185b\WindowsLive.Writer.Localization.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4844cd1fac89240407ab5e2a4fe9c518\WindowsLive.Writer.BrowserControl.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\482300ac4d48e5c77dc319ec489e6bfc\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\436529704b6c85b97f68a5489dc82ab2\WindowsLive.Writer.FileDestinations.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3dce78aa75f081de7ad7cd480e64167a\WindowsLive.Writer.Interop.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1931e1807dc35a71bda7ce8b517c84ef\WindowsLive.Writer.Controls.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\18a657bcf90f1a3340e7e33ea4dad4c9\WindowsLive.Writer.Mshtml.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\088f2a6fd9107021e9b80ecc5c832334\WindowsLive.Writer.Instrumentation.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\4db92179406aa5a642aca6165defa8fe\WindowsLive.Client.ni.dll
+ 2010-08-11 14:18 . 2010-08-11 14:18 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll
+ 2010-08-11 14:18 . 2010-08-11 14:18 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll
+ 2010-08-11 16:28 . 2010-08-11 16:28 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\7f9a1ae146571025fd49914b5c71a39b\System.Web.Routing.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll
+ 2010-10-09 10:57 . 2010-10-09 10:57 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\b1646e54b708b9824f4193f87eb00c0e\System.Web.Extensions.Design.ni.dll
+ 2010-10-09 10:57 . 2010-10-09 10:57 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\504a93e73da77c502ecf98bfdfc1485e\System.Web.Entity.ni.dll
+ 2010-10-09 10:57 . 2010-10-09 10:57 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f22334fbd9497d79448fffef515ae0cc\System.Web.Entity.Design.ni.dll
+ 2010-10-09 10:57 . 2010-10-09 10:57 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\af5452305588da228a74e30324681d20\System.Web.DynamicData.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\9d9bca1a8993c427984aa1bc9c165a33\System.Web.Abstractions.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll
+ 2010-08-11 14:15 . 2010-08-11 14:15 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.d ll
+ 2010-10-07 14:58 . 2010-10-07 14:58 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a140e8da81b3af34c864ad851fe150fd\System.Runtime.Remoting.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll
+ 2010-08-11 16:28 . 2010-08-11 16:28 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\97bd2a5d946aa3a824e4cfe5b6ef95aa\System.Messaging.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\165bd290e518b9397ca55192985fdee3\System.Data.Entity.Design.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll
+ 2010-08-11 14:18 . 2010-08-11 14:18 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\a055d54c458b7557d957c714551873c3\sysglobl.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe
+ 2010-08-11 16:26 . 2010-08-11 16:26 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\72d3aacfca2e1ce835c210f5a1decb36\ServiceModelReg.ni.exe
+ 2010-08-11 14:17 . 2010-08-11 14:17 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 601088 c:\windows\assembly\NativeImages_v2.0.50727_32\PerstNET\6418e07758921b45e87606e6a1f9a817\PerstNET.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe
+ 2010-08-11 16:25 . 2010-08-11 16:25 523776 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Themes\3f47d9eaf638e804cc9b3695cece37ab\MML.Themes.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 608768 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.UICommon\d6310dfcaf59f85baf69571dc7cfb76e\MML.Modules.UICommon.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 251392 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.Settings\444043e7be9691a0a022e97c200293e8\MML.Modules.Settings.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 747520 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.Media.V#\6dd5a8d7945d7a01d15109e2c7e467c4\MML.Modules.Media.Video.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 847360 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.Media.P#\6eefe319dcba0248696aa7cba8841f4d\MML.Modules.Media.Photo.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 218624 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.Applica#\b550ca72867b18b84f9e8e01c57459e4\MML.Modules.Applications.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 234496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\84340b2a3e00e9c502b271c52eeb8a6b\Microsoft.Practices.Composite.Presentation.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 292864 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\4f522c46ae629da1500dc36f7c65a4d3\Microsoft.Practices.ObjectBuilder2.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 310272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\48ee4cd2f8011a42f3675103e607f83f\Microsoft.Practices.Composite.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 197632 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\0d2b334ebad61e0eaa81d24afc92a0c1\Microsoft.Practices.Unity.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 264192 c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.Utils\31a87c97f519d3b9e6821b51db4c2952\MediaManager.Utils.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 272384 c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.Splash#\4010d3ef164921339edb67934792f793\MediaManager.SplashScreen.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 948736 c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.GUI\1f4a2fe8c4419b2a88ca4e6f7f3c11ac\MediaManager.GUI.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 856576 c:\windows\assembly\NativeImages_v2.0.50727_32\Lucene.Net\641ee86e2dbd2cab638e815d58ac360e\Lucene.Net.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 657920 c:\windows\assembly\NativeImages_v2.0.50727_32\log4net\31494515a8e82f798f90c995169ac344\log4net.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 812032 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WMPLib\857490da2c27ea6f2bac1a0309da6c97\Interop.WMPLib.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 311808 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.SHDocVw\bb9dc25ca7771593464ac6571c598468\Interop.SHDocVw.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 204288 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.QTOLibrary\6767424c471042ccfe043a96fd2f051a\Interop.QTOLibrary.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 100864 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\9223f7593d66861845c023dd9708587f\Interop.IWshRuntimeLibrary.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 374784 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.CDDBCONTROL#\a00294415f985f9d7f2f567dc1d3b17d\Interop.CDDBCONTROLLibSMS.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 210432 c:\windows\assembly\NativeImages_v2.0.50727_32\GCPlayer\5c41c0c896042a9468d0ac24514040c9\GCPlayer.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe
+ 2010-08-11 16:26 . 2010-08-11 16:26 151552 c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.WMPLib\81a7ea2aab9275894cae2c648f229989\AxInterop.WMPLib.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 114176 c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.SHDocVw\00dcc80d73005bc2c3072c44008c2e7f\AxInterop.SHDocVw.ni.dll
+ 2010-10-07 15:24 . 2010-10-07 15:24 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\af4a3ae6d5c1cafa57002beb487b8d7a\AspNetMMCExt.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 626176 c:\windows\assembly\NativeImages_v2.0.50727_32\AdvrCntrProxy\3ef7b4961849f7279420860b3850f684\AdvrCntrProxy.ni.dll
- 2009-10-16 21:16 . 2009-10-16 21:16 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-08 23:43 . 2010-06-08 23:43 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-06-08 23:43 . 2010-06-08 23:43 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-06-08 23:43 . 2010-06-08 23:43 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-08-22 12:43 . 2009-08-22 12:43 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-10-16 21:16 . 2009-10-16 21:16 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2004-08-04 12:00 . 2009-11-21 15:54 471552 c:\windows\AppPatch\aclayers.dll

El_Kimmo · 12.10.2010, 13:53

+ 2010-03-08 21:30 . 2006-11-02 06:22 492000 c:\windows\$NtUninstallWdf01007$\wdf01000.sys
+ 2010-03-08 21:30 . 2008-03-21 12:57 379184 c:\windows\$NtUninstallWdf01007$\spuninst\updspapi.dll
+ 2010-03-08 21:30 . 2008-03-21 12:57 221488 c:\windows\$NtUninstallWdf01007$\spuninst\spuninst.exe
+ 2010-08-11 01:05 . 2010-02-22 14:22 388984 c:\windows\$NtUninstallKB982665$\spuninst\updspapi.dll
+ 2010-08-11 01:05 . 2010-02-22 14:22 234872 c:\windows\$NtUninstallKB982665$\spuninst\spuninst.exe
+ 2010-06-08 23:38 . 2010-02-26 05:41 672768 c:\windows\$NtUninstallKB982381$\wininet.dll
+ 2010-06-08 23:38 . 2010-02-26 05:41 628736 c:\windows\$NtUninstallKB982381$\urlmon.dll
+ 2010-06-08 23:38 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB982381$\spuninst\updspapi.dll
+ 2010-06-08 23:38 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB982381$\spuninst\spuninst.exe
+ 2010-06-08 23:38 . 2010-02-26 05:41 251904 c:\windows\$NtUninstallKB982381$\iepeers.dll
+ 2010-08-11 01:10 . 2009-12-31 16:50 353792 c:\windows\$NtUninstallKB982214$\srv.sys
+ 2010-08-11 01:10 . 2010-02-22 14:22 388984 c:\windows\$NtUninstallKB982214$\spuninst\updspapi.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 234872 c:\windows\$NtUninstallKB982214$\spuninst\spuninst.exe
+ 2010-08-11 01:05 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB981997$\spuninst\updspapi.dll
+ 2010-08-11 01:05 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB981997$\spuninst\spuninst.exe
+ 2010-08-11 01:09 . 2010-02-22 14:22 388984 c:\windows\$NtUninstallKB981852$\spuninst\updspapi.dll
+ 2010-08-11 01:09 . 2010-02-22 14:22 234872 c:\windows\$NtUninstallKB981852$\spuninst\spuninst.exe
+ 2010-05-27 13:27 . 2009-05-26 09:01 388984 c:\windows\$NtUninstallKB981793$\spuninst\updspapi.dll
+ 2010-05-27 13:27 . 2009-05-26 09:01 234872 c:\windows\$NtUninstallKB981793$\spuninst\spuninst.exe
+ 2010-04-14 23:19 . 2008-05-09 10:54 430080 c:\windows\$NtUninstallKB981349$\vbscript.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB981349$\spuninst\updspapi.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB981349$\spuninst\spuninst.exe
+ 2010-08-11 01:07 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB980436$\spuninst\updspapi.dll
+ 2010-08-11 01:07 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB980436$\spuninst\spuninst.exe
+ 2010-08-11 01:07 . 2009-06-25 08:25 147456 c:\windows\$NtUninstallKB980436$\schannel.dll
+ 2010-04-14 23:20 . 2009-05-26 09:01 388984 c:\windows\$NtUninstallKB980232$\spuninst\updspapi.dll
+ 2010-04-14 23:20 . 2009-05-26 09:01 234872 c:\windows\$NtUninstallKB980232$\spuninst\spuninst.exe
+ 2010-04-14 23:20 . 2009-12-04 18:22 455424 c:\windows\$NtUninstallKB980232$\mrxsmb.sys
+ 2010-06-08 23:47 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB980218$\spuninst\updspapi.dll
+ 2010-06-08 23:47 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB980218$\spuninst\spuninst.exe
+ 2010-06-08 23:47 . 2008-04-14 02:20 285696 c:\windows\$NtUninstallKB980218$\atmfd.dll
+ 2010-06-08 23:47 . 2008-07-08 13:00 388984 c:\windows\$NtUninstallKB980195$\spuninst\updspapi.dll
+ 2010-06-08 23:47 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB980195$\spuninst\spuninst.exe
+ 2010-03-30 22:26 . 2009-12-22 05:07 672768 c:\windows\$NtUninstallKB980182$\wininet.dll
+ 2010-03-30 22:26 . 2009-12-22 05:07 628736 c:\windows\$NtUninstallKB980182$\urlmon.dll
+ 2010-03-30 22:26 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB980182$\spuninst\updspapi.dll
+ 2010-03-30 22:26 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB980182$\spuninst\spuninst.exe
+ 2010-03-30 22:26 . 2008-04-14 02:22 251904 c:\windows\$NtUninstallKB980182$\iepeers.dll
+ 2010-04-14 23:20 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979683$\spuninst\updspapi.dll
+ 2010-04-14 23:20 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB979683$\spuninst\spuninst.exe
+ 2010-06-08 23:46 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979559$\spuninst\updspapi.dll
+ 2010-06-08 23:46 . 2009-05-26 09:01 234872 c:\windows\$NtUninstallKB979559$\spuninst\spuninst.exe
+ 2010-06-08 23:44 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979482$\spuninst\updspapi.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB979482$\spuninst\spuninst.exe
+ 2010-04-14 23:18 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979309$\spuninst\updspapi.dll
+ 2010-04-14 23:18 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB979309$\spuninst\spuninst.exe
+ 2010-02-24 17:36 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979306$\spuninst\updspapi.dll
+ 2010-02-24 17:36 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB979306$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978706$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978706$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2008-04-14 02:22 346624 c:\windows\$NtUninstallKB978706$\mspaint.exe
+ 2010-06-08 23:44 . 2007-07-27 21:11 382840 c:\windows\$NtUninstallKB978695_WM9$\spuninst\updspapi.dll
+ 2010-06-08 23:44 . 2007-07-27 18:46 234872 c:\windows\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe
+ 2010-04-14 23:18 . 2008-04-14 02:22 176640 c:\windows\$NtUninstallKB978601$\wintrust.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978601$\spuninst\updspapi.dll
+ 2010-04-14 23:18 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB978601$\spuninst\spuninst.exe
+ 2010-05-11 22:26 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978542$\spuninst\updspapi.dll
+ 2010-05-11 22:26 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978542$\spuninst\spuninst.exe
+ 2010-05-11 22:26 . 2008-04-11 19:04 691712 c:\windows\$NtUninstallKB978542$\inetcomm.dll
+ 2010-04-14 23:19 . 2008-06-20 11:08 225856 c:\windows\$NtUninstallKB978338$\tcpip6.sys
+ 2010-04-14 23:19 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978338$\spuninst\updspapi.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978338$\spuninst\spuninst.exe
+ 2010-04-14 23:19 . 2008-04-14 02:22 100352 c:\windows\$NtUninstallKB978338$\6to4svc.dll
+ 2010-02-09 22:53 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978262$\spuninst\updspapi.dll
+ 2010-02-09 22:53 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978262$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978251$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978251$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2008-10-24 11:21 455296 c:\windows\$NtUninstallKB978251$\mrxsmb.sys
+ 2010-01-22 20:37 . 2009-10-29 05:24 672768 c:\windows\$NtUninstallKB978207$\wininet.dll
+ 2010-01-22 20:37 . 2009-10-29 05:24 628736 c:\windows\$NtUninstallKB978207$\urlmon.dll
+ 2010-01-22 20:37 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978207$\spuninst\updspapi.dll
+ 2010-01-22 20:37 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB978207$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978037$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978037$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB977914$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB977914$\spuninst\spuninst.exe
+ 2010-04-14 23:18 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB977816$\spuninst\updspapi.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB977816$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB977165$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB977165$\spuninst\spuninst.exe
+ 2009-12-09 21:02 . 2009-09-25 05:35 672768 c:\windows\$NtUninstallKB976325$\wininet.dll
+ 2009-12-09 21:02 . 2009-09-25 05:35 628736 c:\windows\$NtUninstallKB976325$\urlmon.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB976325$\spuninst\updspapi.dll
+ 2009-12-09 21:02 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB976325$\spuninst\spuninst.exe
+ 2009-11-24 23:44 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB976098-v2$\spuninst\updspapi.dll
+ 2009-11-24 23:44 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB976098-v2$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB975713$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB975713$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2008-04-14 02:22 474624 c:\windows\$NtUninstallKB975713$\shlwapi.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB975562$\spuninst\updspapi.dll
+ 2010-06-08 23:44 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB975562$\spuninst\spuninst.exe
+ 2010-03-11 15:01 . 2009-05-26 16:10 388984 c:\windows\$NtUninstallKB975561$\spuninst\updspapi.dll
+ 2010-03-11 15:01 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB975561$\spuninst\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB975560$\spuninst\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB975560$\spuninst\spuninst.exe
+ 2009-12-09 21:01 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB974392$\spuninst\updspapi.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB974392$\spuninst\spuninst.exe
+ 2009-12-09 21:01 . 2008-04-14 02:22 271360 c:\windows\$NtUninstallKB974392$\oakley.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB974318$\spuninst\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB974318$\spuninst\spuninst.exe
+ 2009-12-09 21:02 . 2008-04-14 02:22 151040 c:\windows\$NtUninstallKB974318$\rastls.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB973904$\spuninst\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB973904$\spuninst\spuninst.exe
+ 2009-12-09 21:02 . 2004-08-04 12:00 116288 c:\windows\$NtUninstallKB973904$\msconv97.dll
+ 2009-11-24 23:44 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB973687$\spuninst\updspapi.dll
+ 2009-11-24 23:44 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB973687$\spuninst\spuninst.exe
+ 2010-01-13 23:08 . 2009-06-16 14:36 119808 c:\windows\$NtUninstallKB972270$\t2embed.dll
+ 2010-01-13 23:08 . 2008-07-08 13:00 388984 c:\windows\$NtUninstallKB972270$\spuninst\updspapi.dll
+ 2010-01-13 23:08 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB972270$\spuninst\spuninst.exe
+ 2009-12-09 21:01 . 2008-12-16 12:30 354304 c:\windows\$NtUninstallKB971737$\winhttp.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB971737$\spuninst\updspapi.dll
+ 2009-12-09 21:01 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB971737$\spuninst\spuninst.exe
+ 2010-02-09 22:53 . 2008-12-11 10:57 333952 c:\windows\$NtUninstallKB971468$\srv.sys
+ 2010-02-09 22:53 . 2008-07-08 13:00 388984 c:\windows\$NtUninstallKB971468$\spuninst\updspapi.dll
+ 2010-02-09 22:53 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB971468$\spuninst\spuninst.exe
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB970430$\spuninst\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB970430$\spuninst\spuninst.exe
+ 2009-12-09 21:02 . 2008-04-13 18:53 264832 c:\windows\$NtUninstallKB970430$\http.sys
+ 2010-01-13 23:08 . 2009-05-26 16:10 388984 c:\windows\$NtUninstallKB955759$\spuninst\updspapi.dll
+ 2010-01-13 23:08 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB955759$\spuninst\spuninst.exe
+ 2010-01-13 23:08 . 2008-04-14 02:22 451072 c:\windows\$NtUninstallKB955759$\aclayers.dll
+ 2010-03-08 21:27 . 2007-11-30 04:39 388984 c:\windows\$NtUninstallKB942288-v3$\spuninst\updspapi.dll
+ 2010-03-08 21:27 . 2007-11-30 04:39 234872 c:\windows\$NtUninstallKB942288-v3$\spuninst\spuninst.exe
+ 2010-03-08 21:27 . 2008-04-13 15:39 884736 c:\windows\$NtUninstallKB942288-v3$\msimsg.dll
+ 2010-03-08 21:27 . 2008-04-14 02:22 271360 c:\windows\$NtUninstallKB942288-v3$\msihnd.dll
+ 2010-08-03 13:25 . 2010-02-22 14:22 388984 c:\windows\$NtUninstallKB2286198$\spuninst\updspapi.dll
+ 2010-08-03 13:25 . 2010-02-22 14:22 234872 c:\windows\$NtUninstallKB2286198$\spuninst\spuninst.exe
+ 2010-07-14 14:02 . 2010-02-22 17:52 388984 c:\windows\$NtUninstallKB2229593$\spuninst\updspapi.dll
+ 2010-07-14 14:02 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB2229593$\spuninst\spuninst.exe
+ 2010-07-14 14:02 . 2008-04-14 02:22 744448 c:\windows\$NtUninstallKB2229593$\helpsvc.exe
+ 2010-08-11 01:10 . 2010-04-16 16:06 672768 c:\windows\$NtUninstallKB2183461$\wininet.dll
+ 2010-08-11 01:10 . 2010-04-16 16:06 628736 c:\windows\$NtUninstallKB2183461$\urlmon.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 388984 c:\windows\$NtUninstallKB2183461$\spuninst\updspapi.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 234872 c:\windows\$NtUninstallKB2183461$\spuninst\spuninst.exe
+ 2010-08-11 01:10 . 2010-04-16 16:06 251904 c:\windows\$NtUninstallKB2183461$\iepeers.dll
+ 2010-08-11 01:07 . 2010-02-22 14:22 388984 c:\windows\$NtUninstallKB2160329$\spuninst\updspapi.dll
+ 2010-08-11 01:07 . 2010-02-22 14:22 234872 c:\windows\$NtUninstallKB2160329$\spuninst\spuninst.exe
+ 2010-08-11 01:10 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB2115168$\spuninst\updspapi.dll
+ 2010-08-11 01:10 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB2115168$\spuninst\spuninst.exe
+ 2010-08-11 01:09 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB2079403$\spuninst\updspapi.dll
+ 2010-08-11 01:09 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB2079403$\spuninst\spuninst.exe
+ 2010-08-11 01:05 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB982665\update\updspapi.dll
+ 2010-08-11 01:05 . 2010-02-22 14:22 765304 c:\windows\$hf_mig$\KB982665\update\update.exe
+ 2010-08-11 01:05 . 2010-02-22 14:22 234872 c:\windows\$hf_mig$\KB982665\spuninst.exe
+ 2010-06-08 23:38 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB982381\update\updspapi.dll
+ 2010-06-08 23:38 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB982381\update\update.exe
+ 2010-06-08 23:38 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB982381\spuninst.exe
+ 2010-04-16 16:00 . 2010-04-16 16:00 674304 c:\windows\$hf_mig$\KB982381\SP3QFE\wininet.dll
+ 2010-04-16 16:00 . 2010-04-16 16:00 629760 c:\windows\$hf_mig$\KB982381\SP3QFE\urlmon.dll
+ 2010-04-16 16:00 . 2010-04-16 16:00 251904 c:\windows\$hf_mig$\KB982381\SP3QFE\iepeers.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB982214\update\updspapi.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 765304 c:\windows\$hf_mig$\KB982214\update\update.exe
+ 2010-08-11 01:10 . 2010-02-22 14:22 234872 c:\windows\$hf_mig$\KB982214\spuninst.exe
+ 2010-08-10 19:56 . 2010-06-21 14:18 354304 c:\windows\$hf_mig$\KB982214\SP3QFE\srv.sys
+ 2010-08-11 01:05 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB981997\update\updspapi.dll
+ 2010-08-11 01:05 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB981997\update\update.exe
+ 2010-08-11 01:05 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB981997\spuninst.exe
+ 2010-08-11 01:10 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB981852\update\updspapi.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 765304 c:\windows\$hf_mig$\KB981852\update\update.exe
+ 2010-08-11 01:10 . 2010-02-22 14:22 234872 c:\windows\$hf_mig$\KB981852\spuninst.exe
+ 2010-04-14 23:19 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB981349\update\updspapi.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB981349\update\update.exe
+ 2010-04-14 23:19 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB981349\spuninst.exe
+ 2010-03-09 11:07 . 2010-03-09 11:07 430080 c:\windows\$hf_mig$\KB981349\SP3QFE\vbscript.dll
+ 2010-08-11 01:07 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB980436\update\updspapi.dll
+ 2010-08-11 01:07 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB980436\update\update.exe
+ 2010-08-11 01:07 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB980436\spuninst.exe
+ 2010-06-30 12:23 . 2010-06-30 12:23 149504 c:\windows\$hf_mig$\KB980436\SP3QFE\schannel.dll
+ 2010-04-14 23:20 . 2009-05-26 09:01 388984 c:\windows\$hf_mig$\KB980232\update\updspapi.dll
+ 2010-04-14 23:20 . 2009-05-26 09:01 765304 c:\windows\$hf_mig$\KB980232\update\update.exe
+ 2010-04-14 23:20 . 2009-05-26 09:01 234872 c:\windows\$hf_mig$\KB980232\spuninst.exe
+ 2010-04-14 19:12 . 2010-02-24 11:57 457216 c:\windows\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys
+ 2010-06-08 23:47 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB980218\update\updspapi.dll
+ 2010-06-08 23:47 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB980218\update\update.exe
+ 2010-06-08 23:47 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB980218\spuninst.exe
+ 2010-04-20 05:37 . 2010-04-20 05:37 285824 c:\windows\$hf_mig$\KB980218\SP3QFE\atmfd.dll
+ 2010-06-08 23:47 . 2008-07-08 13:00 388984 c:\windows\$hf_mig$\KB980195\update\updspapi.dll
+ 2010-06-08 23:47 . 2008-07-08 13:00 765304 c:\windows\$hf_mig$\KB980195\update\update.exe
+ 2010-06-08 23:47 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB980195\spuninst.exe
+ 2010-03-30 22:26 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB980182\update\updspapi.dll
+ 2010-03-30 22:26 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB980182\update\update.exe
+ 2010-03-30 22:26 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB980182\spuninst.exe
+ 2010-02-26 05:37 . 2010-02-26 05:37 674304 c:\windows\$hf_mig$\KB980182\SP3QFE\wininet.dll
+ 2010-02-26 05:37 . 2010-02-26 05:37 629760 c:\windows\$hf_mig$\KB980182\SP3QFE\urlmon.dll
+ 2010-02-26 05:37 . 2010-02-26 05:37 251904 c:\windows\$hf_mig$\KB980182\SP3QFE\iepeers.dll
+ 2010-04-14 23:20 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979683\update\updspapi.dll
+ 2010-04-14 23:20 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979683\update\update.exe
+ 2010-04-14 23:20 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB979683\spuninst.exe
+ 2010-06-08 23:46 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979559\update\updspapi.dll
+ 2010-06-08 23:46 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979559\update\update.exe
+ 2010-06-08 23:46 . 2009-05-26 09:01 234872 c:\windows\$hf_mig$\KB979559\spuninst.exe
+ 2010-06-08 23:44 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979482\update\updspapi.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979482\update\update.exe
+ 2010-06-08 23:44 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB979482\spuninst.exe
+ 2010-04-14 23:18 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979309\update\updspapi.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979309\update\update.exe
+ 2010-04-14 23:18 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB979309\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978706\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978706\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978706\spuninst.exe
+ 2009-12-17 07:37 . 2009-12-17 07:37 346624 c:\windows\$hf_mig$\KB978706\SP3QFE\mspaint.exe
+ 2010-04-14 23:18 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978601\update\updspapi.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978601\update\update.exe
+ 2010-04-14 23:18 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB978601\spuninst.exe
+ 2009-12-24 06:42 . 2009-12-24 06:42 178176 c:\windows\$hf_mig$\KB978601\SP3QFE\wintrust.dll
+ 2010-05-11 22:26 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978542\update\updspapi.dll
+ 2010-05-11 22:26 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978542\update\update.exe
+ 2010-05-11 22:26 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978542\spuninst.exe
+ 2010-01-29 14:53 . 2010-01-29 14:53 691712 c:\windows\$hf_mig$\KB978542\SP3QFE\inetcomm.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978338\update\updspapi.dll
+ 2010-04-14 23:19 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978338\update\update.exe
+ 2010-04-14 23:19 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978338\spuninst.exe
+ 2010-02-11 11:36 . 2010-02-11 11:36 226880 c:\windows\$hf_mig$\KB978338\SP3QFE\tcpip6.sys
+ 2010-02-12 04:28 . 2010-02-12 04:28 100864 c:\windows\$hf_mig$\KB978338\SP3QFE\6to4svc.dll
+ 2010-02-09 22:53 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978262\update\updspapi.dll
+ 2010-02-09 22:53 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978262\update\update.exe
+ 2010-02-09 22:53 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978262\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978251\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978251\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978251\spuninst.exe
+ 2010-02-09 21:24 . 2009-12-04 17:25 456832 c:\windows\$hf_mig$\KB978251\SP3QFE\mrxsmb.sys
+ 2010-01-22 20:37 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978207\update\updspapi.dll
+ 2010-01-22 20:37 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978207\update\update.exe
+ 2010-01-22 20:37 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB978207\spuninst.exe
+ 2009-12-22 05:05 . 2009-12-22 05:05 674304 c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll
+ 2009-12-22 05:05 . 2009-12-22 05:05 629760 c:\windows\$hf_mig$\KB978207\SP3QFE\urlmon.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978037\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978037\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978037\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB977914\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB977914\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB977914\spuninst.exe
+ 2010-04-14 23:18 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB977816\update\updspapi.dll
+ 2010-04-14 23:18 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB977816\update\update.exe
+ 2010-04-14 23:18 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB977816\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB977165\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB977165\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB977165\spuninst.exe
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB976325\update\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB976325\update\update.exe
+ 2009-12-09 21:02 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB976325\spuninst.exe
+ 2009-10-29 05:22 . 2009-10-29 05:22 674304 c:\windows\$hf_mig$\KB976325\SP3QFE\wininet.dll
+ 2009-10-29 05:22 . 2009-10-29 05:22 629760 c:\windows\$hf_mig$\KB976325\SP3QFE\urlmon.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB975713\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB975713\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB975713\spuninst.exe
+ 2009-12-08 09:01 . 2009-12-08 09:01 474624 c:\windows\$hf_mig$\KB975713\SP3QFE\shlwapi.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB975562\update\updspapi.dll
+ 2010-06-08 23:44 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB975562\update\update.exe
+ 2010-06-08 23:44 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB975562\spuninst.exe
+ 2010-03-11 15:01 . 2009-05-26 16:10 388984 c:\windows\$hf_mig$\KB975561\update\updspapi.dll
+ 2010-03-11 15:01 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB975561\update\update.exe
+ 2010-03-11 15:01 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB975561\spuninst.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB975560\update\updspapi.dll
+ 2010-02-09 22:51 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB975560\update\update.exe
+ 2010-02-09 22:51 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB975560\spuninst.exe
+ 2009-12-09 21:01 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB974392\update\updspapi.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB974392\update\update.exe
+ 2009-12-09 21:01 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB974392\spuninst.exe
+ 2009-10-13 10:38 . 2009-10-13 10:38 271360 c:\windows\$hf_mig$\KB974392\SP3QFE\oakley.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB974318\update\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB974318\update\update.exe
+ 2009-12-09 21:02 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB974318\spuninst.exe
+ 2009-10-12 13:29 . 2009-10-12 13:29 151040 c:\windows\$hf_mig$\KB974318\SP3QFE\rastls.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB973904\update\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB973904\update\update.exe
+ 2009-12-09 21:02 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB973904\spuninst.exe
+ 2009-12-09 19:29 . 2009-07-29 14:01 119648 c:\windows\$hf_mig$\KB973904\SP3QFE\msconv97.dll
+ 2009-11-24 23:44 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB973687\update\updspapi.dll
+ 2009-11-24 23:44 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB973687\update\update.exe
+ 2009-11-24 23:44 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB973687\spuninst.exe
+ 2010-01-13 23:08 . 2008-07-08 13:00 388984 c:\windows\$hf_mig$\KB972270\update\updspapi.dll
+ 2010-01-13 23:08 . 2008-07-08 13:00 765304 c:\windows\$hf_mig$\KB972270\update\update.exe
+ 2010-01-13 23:08 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB972270\spuninst.exe
+ 2010-01-13 20:35 . 2009-10-15 16:38 119808 c:\windows\$hf_mig$\KB972270\SP3QFE\t2embed.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB971737\update\updspapi.dll
+ 2009-12-09 21:01 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB971737\update\update.exe
+ 2009-12-09 21:01 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB971737\spuninst.exe
+ 2009-08-25 09:27 . 2009-08-25 09:27 354816 c:\windows\$hf_mig$\KB971737\SP3QFE\winhttp.dll
+ 2010-02-09 22:53 . 2008-07-08 13:00 388984 c:\windows\$hf_mig$\KB971468\update\updspapi.dll
+ 2010-02-09 22:53 . 2008-07-08 13:00 765304 c:\windows\$hf_mig$\KB971468\update\update.exe
+ 2010-02-09 22:53 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB971468\spuninst.exe
+ 2010-02-09 21:24 . 2010-01-01 07:58 353792 c:\windows\$hf_mig$\KB971468\SP3QFE\srv.sys
+ 2009-12-09 21:02 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB970430\update\updspapi.dll
+ 2009-12-09 21:02 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB970430\update\update.exe
+ 2009-12-09 21:02 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB970430\spuninst.exe
+ 2009-10-20 15:21 . 2009-10-20 15:21 265728 c:\windows\$hf_mig$\KB970430\SP3QFE\http.sys
+ 2010-01-13 23:08 . 2009-05-26 16:10 388984 c:\windows\$hf_mig$\KB955759\update\updspapi.dll
+ 2010-01-13 23:08 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB955759\update\update.exe
+ 2010-01-13 23:08 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB955759\spuninst.exe
+ 2010-01-13 20:35 . 2009-11-21 15:42 471552 c:\windows\$hf_mig$\KB955759\SP3QFE\aclayers.dll
+ 2010-08-03 13:25 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB2286198\update\updspapi.dll
+ 2010-08-03 13:25 . 2010-02-22 14:22 765304 c:\windows\$hf_mig$\KB2286198\update\update.exe
+ 2010-08-03 13:25 . 2010-02-22 14:22 234872 c:\windows\$hf_mig$\KB2286198\spuninst.exe
+ 2010-07-14 14:02 . 2010-02-22 17:52 388984 c:\windows\$hf_mig$\KB2229593\update\updspapi.dll
+ 2010-07-14 14:02 . 2010-02-22 14:21 765304 c:\windows\$hf_mig$\KB2229593\update\update.exe
+ 2010-07-14 14:02 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB2229593\spuninst.exe
+ 2010-07-14 13:24 . 2010-06-14 14:38 744448 c:\windows\$hf_mig$\KB2229593\SP3QFE\helpsvc.exe
+ 2010-08-11 01:10 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB2183461\update\updspapi.dll
+ 2010-08-11 01:10 . 2010-02-22 14:22 765304 c:\windows\$hf_mig$\KB2183461\update\update.exe
+ 2010-08-11 01:10 . 2010-02-22 14:22 234872 c:\windows\$hf_mig$\KB2183461\spuninst.exe
+ 2010-06-24 12:11 . 2010-06-24 12:11 674304 c:\windows\$hf_mig$\KB2183461\SP3QFE\wininet.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 629760 c:\windows\$hf_mig$\KB2183461\SP3QFE\urlmon.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 251904 c:\windows\$hf_mig$\KB2183461\SP3QFE\iepeers.dll
+ 2010-08-11 01:07 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB2160329\update\updspapi.dll
+ 2010-08-11 01:07 . 2010-02-22 14:22 765304 c:\windows\$hf_mig$\KB2160329\update\update.exe
+ 2010-08-11 01:07 . 2010-02-22 14:22 234872 c:\windows\$hf_mig$\KB2160329\spuninst.exe
+ 2010-08-11 01:10 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB2115168\update\updspapi.dll
+ 2010-08-11 01:10 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB2115168\update\update.exe
+ 2010-08-11 01:10 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB2115168\spuninst.exe
+ 2010-08-11 01:09 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB2079403\update\updspapi.dll
+ 2010-08-11 01:09 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB2079403\update\update.exe
+ 2010-08-11 01:09 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB2079403\spuninst.exe
+ 2009-07-11 19:46 . 2009-07-11 19:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-11 19:46 . 2009-07-11 19:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2009-07-20 23:03 . 2009-07-20 23:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2004-08-04 12:00 . 2010-04-06 02:52 2462720 c:\windows\system32\WMVCore.dll
+ 2004-08-04 12:00 . 2010-06-24 09:02 1852032 c:\windows\system32\win32k.sys
+ 2010-03-08 21:30 . 2008-03-27 16:49 1112288 c:\windows\system32\wdfcoinstaller01007.dll
+ 2004-08-04 12:00 . 2010-07-27 06:29 8503296 c:\windows\system32\shell32.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 1509888 c:\windows\system32\shdocvw.dll
- 2004-08-04 12:00 . 2009-09-25 05:35 1509888 c:\windows\system32\shdocvw.dll
+ 2004-08-04 12:00 . 2010-02-05 18:25 1297408 c:\windows\system32\quartz.dll
+ 2004-08-04 12:00 . 2010-04-28 05:41 2148864 c:\windows\system32\ntoskrnl.exe
+ 2004-08-04 00:50 . 2010-04-28 05:41 2027008 c:\windows\system32\ntkrnlpa.exe
+ 2008-08-29 19:06 . 2009-07-31 09:02 1372672 c:\windows\system32\msxml6.dll
+ 2009-07-20 23:05 . 2009-07-20 23:05 1348432 c:\windows\system32\msxml4.dll
+ 2004-08-04 12:00 . 2010-06-14 07:41 1172480 c:\windows\system32\msxml3.dll
+ 2004-08-04 12:00 . 2008-05-19 05:33 4445184 c:\windows\system32\msi.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 3094016 c:\windows\system32\mshtml.dll
+ 2009-02-03 02:15 . 2010-07-05 16:38 5612496 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2010-03-09 17:48 . 2008-03-27 16:49 1112288 c:\windows\system32\DRVSTORE\motusbdevi_4F7E6DAFBCC5BFBD9F5E79EE8F9E5A7CAA4E99DA\wdfcoinstaller01007.dll
+ 2010-03-09 17:48 . 2008-03-27 16:49 1112288 c:\windows\system32\DRVSTORE\motport_8D8D33AD41012F86EAEB5F1E61B6042B8F506586\wdfcoinstaller01007.dll
+ 2010-03-09 17:48 . 2008-03-27 16:49 1112288 c:\windows\system32\DRVSTORE\motousbnet_6D791DAFE11EF3F28FC4B4204124883A85101411\wdfcoinstaller01007.dll
+ 2010-03-09 17:48 . 2008-03-27 16:49 1112288 c:\windows\system32\DRVSTORE\motoandroi_9C5ADBB3F416A3229DD948F7BBC46ECA50A38AC1\wdfcoinstaller01007.dll
+ 2010-03-09 17:48 . 2008-03-27 16:49 1112288 c:\windows\system32\DRVSTORE\motmodem_0AFD2376E9CEC21E2C9824A1713C17124B94ACE8\wdfcoinstaller01007.dll
+ 2010-03-08 21:30 . 2008-03-27 16:49 1112288 c:\windows\system32\DRVSTORE\motccgp_A0FA88AB3B3F3737224F9CFABDF26194C9F2A878\wdfcoinstaller01007.dll
+ 2004-08-04 12:00 . 2010-04-06 02:52 2462720 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-10-15 19:04 . 2010-06-24 09:02 1852032 c:\windows\system32\dllcache\win32k.sys
+ 2008-06-17 19:00 . 2010-07-27 06:29 8503296 c:\windows\system32\dllcache\shell32.dll
+ 2008-06-26 08:12 . 2010-06-24 12:10 1509888 c:\windows\system32\dllcache\shdocvw.dll
- 2008-06-26 08:12 . 2009-09-25 05:35 1509888 c:\windows\system32\dllcache\shdocvw.dll
+ 2008-05-07 05:10 . 2010-02-05 18:25 1297408 c:\windows\system32\dllcache\quartz.dll
+ 2008-10-15 19:04 . 2010-04-28 18:11 2192256 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-15 19:04 . 2010-04-28 05:41 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-15 19:04 . 2010-04-28 05:41 2069120 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-10-15 19:04 . 2010-04-28 05:41 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-11-27 16:37 . 2009-07-31 09:02 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2004-08-04 12:00 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2009-08-12 19:03 . 2010-01-29 14:59 1315328 c:\windows\system32\dllcache\msoe.dll
- 2009-08-12 19:03 . 2009-07-10 13:26 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2008-05-19 05:33 . 2008-05-19 05:33 4445184 c:\windows\system32\dllcache\msi.dll
+ 2008-06-23 15:10 . 2010-06-24 12:10 3094016 c:\windows\system32\dllcache\mshtml.dll
+ 2010-03-11 13:29 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2010-03-10 04:33 . 2010-06-24 12:10 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2009-11-06 23:06 . 2009-11-06 23:06 1130824 c:\windows\system32\dfshim.dll
- 2004-08-04 12:00 . 2008-04-14 02:22 1025024 c:\windows\system32\browseui.dll
+ 2004-08-04 12:00 . 2010-06-24 12:10 1025024 c:\windows\system32\browseui.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2008-11-25 02:59 . 2008-11-25 02:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-09-22 07:44 . 2010-09-22 07:44 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 03:32 . 2010-03-23 03:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2009-08-07 21:51 . 2009-08-07 21:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-09-23 13:55 . 2010-09-23 13:55 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-09-23 13:55 . 2010-09-23 13:55 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-09-23 00:26 . 2010-09-23 00:26 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-09-23 00:25 . 2010-09-23 00:25 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2008-05-27 22:48 . 2008-05-27 22:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-09-23 13:55 . 2010-09-23 13:55 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-04-11 20:17 . 2010-04-11 20:17 2607104 c:\windows\Installer\e2da11.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17 4210688 c:\windows\Installer\e2da10.msp
+ 2009-11-08 22:25 . 2009-11-08 22:25 1935360 c:\windows\Installer\c734fb.msp
+ 2010-08-04 13:12 . 2010-08-04 13:12 1004544 c:\windows\Installer\a2be0c.msp
+ 2010-08-25 15:06 . 2010-08-25 15:06 6479360 c:\windows\Installer\a2be04.msp
+ 2010-09-26 11:52 . 2010-09-26 11:52 1223680 c:\windows\Installer\324b3d.msi
+ 2010-09-23 05:39 . 2010-09-23 05:39 4265472 c:\windows\Installer\28f9bf.msp
+ 2009-12-11 20:01 . 2009-12-11 20:01 3751424 c:\windows\Installer\1c85496.msp
+ 2009-08-25 08:59 . 2009-08-25 08:59 3731456 c:\windows\Installer\1c85483.msp
+ 2008-10-25 07:15 . 2008-10-25 07:15 6227456 c:\windows\Installer\1c85479.msp
+ 2009-09-29 07:08 . 2009-09-29 07:08 6747648 c:\windows\Installer\1c85470.msp
+ 2010-04-24 15:10 . 2010-04-24 15:10 8486400 c:\windows\Installer\1c85466.msp
+ 2010-10-09 14:02 . 2010-10-09 14:02 4242432 c:\windows\Installer\132de.msi
+ 2010-07-20 09:41 . 2010-07-20 09:41 3750912 c:\windows\Installer\11e4dcf.msp
+ 2010-07-10 18:14 . 2010-07-10 18:14 2850816 c:\windows\Installer\11e4dba.msp
+ 2010-09-26 15:44 . 2010-09-26 15:44 1575936 c:\windows\Installer\1080ad6.msi
+ 2007-05-31 11:37 . 2007-05-31 11:37 8812384 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.8173\WORDVIEW.EXE
+ 2005-05-03 18:09 . 2005-05-03 18:09 6864584 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.6506\WORDVIEW.EXE
+ 2009-09-29 09:26 . 2009-09-29 09:26 1865000 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\uneromediacon.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 1007616 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\pst.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 2102568 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmttranscoder.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 2508072 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nmplaybackcomponent.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 4085032 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\neroipp.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 2135336 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nerodigitalext.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 4457768 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\nerodigital.dll
+ 2009-09-29 09:26 . 2009-09-29 09:26 1062184 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\neee.dll
+ 2009-10-12 09:48 . 2009-10-12 09:48 1614632 c:\windows\Installer\$PatchCache$\Managed\6B07CD9D31EBDD140935E916E7270D58\1.0.5\mml.exe
+ 2009-08-19 16:04 . 2009-08-19 16:04 4542296 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\WRD12CNV.DLL
+ 2008-10-15 19:04 . 2010-04-28 18:11 2192256 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-15 19:04 . 2010-04-28 05:41 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-15 19:04 . 2010-04-28 05:41 2069120 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-15 19:04 . 2010-04-28 05:41 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-10-07 13:06 . 2010-10-07 13:06 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_709a6107\System.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_5dd8cef6\System.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_923f9c96\System.Xml.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_499dc5ab\System.Xml.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_9ee61cd5\System.Windows.Forms.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_6e250af5\System.Windows.Forms.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_7395dc4f\System.Drawing.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_fa55dd17\System.Design.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_5f0de5b3\System.Design.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a4d4f14e\mscorlib.dll
+ 2010-10-07 13:07 . 2010-10-07 13:07 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_97129bf6\mscorlib.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d13674449b3ae21327820bddbd7e445f\WindowsLive.Writer.PostEditor.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\c266f56473a94ee07c092381c2ff9522\WindowsLive.Writer.CoreServices.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ba732eb3a84c96e8bf60495395efbfac\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll
+ 2010-08-11 14:18 . 2010-08-11 14:18 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bec60fe2e934a6284224ab45b0e981e2\System.WorkflowServices.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\09da139c48e2f5e76994a5c0f2e5b19e\System.Workflow.Runtime.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\6809417da74ff937e18b3034f1eac2f2\System.Workflow.ComponentModel.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\6c91ee82035d30efa8893e7b0396bbb0\System.Workflow.Activities.ni.dll
+ 2010-10-07 14:58 . 2010-10-07 14:58 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\181254ba0cb690decedb950fd26d7bea\System.Web.Services.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4200f716e9a41cb91d17516ba864e586\System.Web.Mobile.ni.dll
+ 2010-10-09 10:57 . 2010-10-09 10:57 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\da367bc2ecf2c9c5b4f858b6dba9e2ea\System.Web.Extensions.ni.dll
+ 2010-08-11 14:18 . 2010-08-11 14:18 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5eb08849d17b272ed2a393420cb0305b\System.Speech.ni.dll
+ 2010-10-09 10:57 . 2010-10-09 10:57 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8e34e273d036b7468fc4e951a1fde437\System.ServiceModel.Web.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll
+ 2010-10-07 15:24 . 2010-10-07 15:24 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\095bb4f033374647b6d66c51f16bb886\System.IdentityModel.ni.dll
+ 2010-08-11 14:15 . 2010-08-11 14:15 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll
+ 2010-08-11 14:15 . 2010-08-11 14:15 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\b8c9267d87b7358e1a5f00bf1572c313\System.Data.Services.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\58202ed61096113d08815c0a78313b66\System.Data.OracleClient.ni.dll
+ 2010-08-11 14:18 . 2010-08-11 14:18 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll
+ 2010-08-11 14:17 . 2010-08-11 14:17 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 1006592 c:\windows\assembly\NativeImages_v2.0.50727_32\Sony.MediaSoftware.#\ed83e73efeb1f4b749fb75037f411eef\Sony.MediaSoftware.clrshared.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll
+ 2010-08-11 14:16 . 2010-08-11 14:16 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 1604608 c:\windows\assembly\NativeImages_v2.0.50727_32\MML\9ffac1e881758ab0bcdba840b20460ff\MML.ni.exe
+ 2010-08-11 16:25 . 2010-08-11 16:25 1071104 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Modules.Media.M#\e116bba2e3b33ff4e1aa78178fdb1199\MML.Modules.Media.Music.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 2126848 c:\windows\assembly\NativeImages_v2.0.50727_32\MML.Infrastructure\4802b9bb0c47a0599176e8c00f42cdec\MML.Infrastructure.ni.dll
+ 2010-10-07 15:25 . 2010-10-07 15:25 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a27783547338dbebf84101a685ba641b\Microsoft.VisualBasic.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll
+ 2010-08-11 16:25 . 2010-08-11 16:25 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll
+ 2010-08-11 16:27 . 2010-08-11 16:27 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll
+ 2010-08-11 16:26 . 2010-08-11 16:26 1786880 c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager\bd80d47c7868b76d47549b7a7cc29941\MediaManager.ni.exe
+ 2010-10-07 15:25 . 2010-10-07 15:25 7511552 c:\windows\assembly\NativeImages_v2.0.50727_32\AppCommon\4805a561c6fa0293f9ee54775f785d3f\AppCommon.ni.dll
+ 2010-06-24 00:59 . 2010-06-24 00:59 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-10-08 12:28 . 2010-10-08 12:28 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2009-08-22 12:47 . 2009-08-22 12:47 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-06-08 23:43 . 2010-06-08 23:43 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-06-24 00:59 . 2010-06-24 00:59 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-16 21:16 . 2009-10-16 21:16 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-10-16 21:17 . 2009-10-16 21:17 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-08-22 12:43 . 2009-08-22 12:43 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-06-24 00:59 . 2010-06-24 00:59 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-10-07 13:08 . 2010-10-07 13:08 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-10-16 21:13 . 2009-10-16 21:13 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-10-07 13:06 . 2010-10-07 13:06 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-10-07 13:06 . 2010-10-07 13:06 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-16 21:13 . 2009-10-16 21:13 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-10-08 08:31 . 2009-10-08 08:31 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-09-12 16:00 . 2010-09-12 16:00 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-08 23:38 . 2010-03-10 04:33 1509888 c:\windows\$NtUninstallKB982381$\shdocvw.dll
+ 2010-06-08 23:38 . 2010-02-26 05:41 3094016 c:\windows\$NtUninstallKB982381$\mshtml.dll
+ 2010-06-08 23:38 . 2010-03-10 04:33 1025024 c:\windows\$NtUninstallKB982381$\browseui.dll
+ 2010-08-11 01:05 . 2009-10-23 15:28 3558912 c:\windows\$NtUninstallKB981997$\moviemk.exe
+ 2010-08-11 01:09 . 2010-02-16 19:04 2148864 c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
+ 2010-08-11 01:09 . 2010-02-16 19:04 2027008 c:\windows\$NtUninstallKB981852$\ntkrpamp.exe
+ 2010-08-11 01:09 . 2010-02-16 19:04 2027008 c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
+ 2010-08-11 01:09 . 2010-02-16 19:04 2148864 c:\windows\$NtUninstallKB981852$\ntkrnlmp.exe
+ 2010-03-30 22:26 . 2009-12-22 05:07 1509888 c:\windows\$NtUninstallKB980182$\shdocvw.dll
+ 2010-03-30 22:26 . 2009-12-22 05:07 3092480 c:\windows\$NtUninstallKB980182$\mshtml.dll
+ 2010-03-30 22:26 . 2008-04-14 02:22 1025024 c:\windows\$NtUninstallKB980182$\browseui.dll
+ 2010-04-14 23:20 . 2009-12-09 10:05 2147840 c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
+ 2010-04-14 23:20 . 2009-12-09 10:05 2026496 c:\windows\$NtUninstallKB979683$\ntkrpamp.exe
+ 2010-04-14 23:20 . 2009-12-09 10:05 2026496 c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
+ 2010-04-14 23:20 . 2009-12-09 10:05 2147840 c:\windows\$NtUninstallKB979683$\ntkrnlmp.exe
+ 2010-06-08 23:46 . 2009-08-14 15:10 1850752 c:\windows\$NtUninstallKB979559$\win32k.sys
+ 2010-06-08 23:44 . 2009-05-20 02:56 2458112 c:\windows\$NtUninstallKB978695_WM9$\wmvcore.dll
+ 2010-05-11 22:26 . 2009-07-10 13:26 1315328 c:\windows\$NtUninstallKB978542$\msoe.dll
+ 2010-01-22 20:37 . 2009-10-29 05:24 1509888 c:\windows\$NtUninstallKB978207$\shdocvw.dll
+ 2010-01-22 20:37 . 2009-10-29 18:54 3091968 c:\windows\$NtUninstallKB978207$\mshtml.dll
+ 2010-02-09 22:51 . 2009-08-04 17:26 2147840 c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
+ 2010-02-09 22:51 . 2009-08-04 17:25 2026496 c:\windows\$NtUninstallKB977165$\ntkrpamp.exe
+ 2010-02-09 22:51 . 2009-08-04 17:25 2026496 c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
+ 2010-02-09 22:51 . 2009-08-04 17:26 2147840 c:\windows\$NtUninstallKB977165$\ntkrnlmp.exe
+ 2009-12-09 21:02 . 2009-09-25 05:35 1509888 c:\windows\$NtUninstallKB976325$\shdocvw.dll
+ 2009-12-09 21:02 . 2009-10-19 23:51 3091968 c:\windows\$NtUninstallKB976325$\mshtml.dll
+ 2010-06-08 23:44 . 2009-11-27 17:11 1297408 c:\windows\$NtUninstallKB975562$\quartz.dll
+ 2010-03-11 15:01 . 2008-04-14 02:22 3558912 c:\windows\$NtUninstallKB975561$\moviemk.exe
+ 2010-02-09 22:51 . 2009-06-03 19:09 1296896 c:\windows\$NtUninstallKB975560$\quartz.dll
+ 2009-11-24 23:44 . 2008-09-10 01:13 1307648 c:\windows\$NtUninstallKB973687$\msxml6.dll
+ 2009-11-24 23:44 . 2008-09-04 17:15 1106944 c:\windows\$NtUninstallKB973687$\msxml3.dll
+ 2010-03-08 21:27 . 2008-04-14 02:22 2843136 c:\windows\$NtUninstallKB942288-v3$\msi.dll
+ 2010-08-03 13:25 . 2008-06-17 19:00 8502272 c:\windows\$NtUninstallKB2286198$\shell32.dll
+ 2010-08-11 01:10 . 2010-04-16 16:06 1509888 c:\windows\$NtUninstallKB2183461$\shdocvw.dll
+ 2010-08-11 01:10 . 2010-04-16 16:06 3094016 c:\windows\$NtUninstallKB2183461$\mshtml.dll
+ 2010-08-11 01:10 . 2010-04-16 16:06 1025024 c:\windows\$NtUninstallKB2183461$\browseui.dll
+ 2010-08-11 01:07 . 2010-05-02 08:05 1851392 c:\windows\$NtUninstallKB2160329$\win32k.sys
+ 2010-08-11 01:09 . 2009-07-31 04:32 1172480 c:\windows\$NtUninstallKB2079403$\msxml3.dll
+ 2010-04-16 16:00 . 2010-04-16 16:00 1509888 c:\windows\$hf_mig$\KB982381\SP3QFE\shdocvw.dll
+ 2010-04-16 16:00 . 2010-04-16 16:00 3094528 c:\windows\$hf_mig$\KB982381\SP3QFE\mshtml.dll
+ 2010-04-16 15:59 . 2010-04-16 15:59 1025024 c:\windows\$hf_mig$\KB982381\SP3QFE\browseui.dll
+ 2010-08-10 19:56 . 2010-06-18 13:43 3558912 c:\windows\$hf_mig$\KB981997\SP3QFE\moviemk.exe
+ 2010-08-10 19:56 . 2010-04-28 05:15 2192384 c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
+ 2010-08-10 19:56 . 2010-04-28 05:15 2027008 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrpamp.exe
+ 2010-04-28 21:15 . 2010-04-28 21:15 2069248 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
+ 2010-08-10 19:56 . 2010-04-28 05:15 2148864 c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlmp.exe
+ 2010-03-10 04:54 . 2010-03-10 04:54 1509888 c:\windows\$hf_mig$\KB980182\SP3QFE\shdocvw.dll
+ 2010-02-26 05:37 . 2010-02-26 05:37 3094528 c:\windows\$hf_mig$\KB980182\SP3QFE\mshtml.dll
+ 2010-03-10 04:53 . 2010-03-10 04:53 1025024 c:\windows\$hf_mig$\KB980182\SP3QFE\browseui.dll
+ 2010-04-14 19:13 . 2010-02-16 18:58 2192384 c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
+ 2010-04-14 19:13 . 2010-02-16 18:58 2027008 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrpamp.exe
+ 2010-04-14 19:13 . 2010-02-16 18:58 2069248 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
+ 2010-04-14 19:13 . 2010-02-16 18:58 2148864 c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlmp.exe
+ 2010-05-02 08:00 . 2010-05-02 08:00 1860480 c:\windows\$hf_mig$\KB979559\SP3QFE\win32k.sys
+ 2010-01-29 14:53 . 2010-01-29 14:53 1315328 c:\windows\$hf_mig$\KB978542\SP3QFE\msoe.dll
+ 2009-12-22 05:05 . 2009-12-22 05:05 1509888 c:\windows\$hf_mig$\KB978207\SP3QFE\shdocvw.dll
+ 2009-12-22 05:05 . 2009-12-22 05:05 3094528 c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll
+ 2009-12-09 14:29 . 2009-12-09 14:29 2191616 c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
+ 2010-02-09 21:23 . 2009-12-09 09:58 2026496 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrpamp.exe
+ 2009-12-09 14:29 . 2009-12-09 14:29 2068480 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
+ 2010-02-09 21:23 . 2009-12-09 09:58 2147840 c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlmp.exe
+ 2009-10-29 05:22 . 2009-10-29 05:22 1509888 c:\windows\$hf_mig$\KB976325\SP3QFE\shdocvw.dll
+ 2009-10-29 05:22 . 2009-10-29 05:22 3094016 c:\windows\$hf_mig$\KB976325\SP3QFE\mshtml.dll
+ 2010-02-05 18:28 . 2010-02-05 18:28 1297408 c:\windows\$hf_mig$\KB975562\SP3QFE\quartz.dll
+ 2010-03-11 13:29 . 2009-10-23 14:53 3558912 c:\windows\$hf_mig$\KB975561\SP3QFE\moviemk.exe
+ 2009-11-27 17:23 . 2009-11-27 17:23 1297408 c:\windows\$hf_mig$\KB975560\SP3QFE\quartz.dll
+ 2009-11-24 18:04 . 2009-07-31 04:24 1447424 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml6.dll
+ 2009-11-24 18:04 . 2009-07-31 04:24 1172480 c:\windows\$hf_mig$\KB973687\SP3QFE\msxml3.dll
+ 2010-07-27 06:27 . 2010-07-27 06:27 8504320 c:\windows\$hf_mig$\KB2286198\SP3QFE\shell32.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 1509888 c:\windows\$hf_mig$\KB2183461\SP3QFE\shdocvw.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 3094528 c:\windows\$hf_mig$\KB2183461\SP3QFE\mshtml.dll
+ 2010-06-24 12:11 . 2010-06-24 12:11 1025024 c:\windows\$hf_mig$\KB2183461\SP3QFE\browseui.dll
+ 2010-06-24 21:29 . 2010-06-24 21:29 1861248 c:\windows\$hf_mig$\KB2160329\SP3QFE\win32k.sys
+ 2010-06-14 07:39 . 2010-06-14 07:39 1172480 c:\windows\$hf_mig$\KB2079403\SP3QFE\msxml3.dll
+ 2007-04-21 11:27 . 2010-09-18 22:44 35552200 c:\windows\system32\MRT.exe
+ 2010-04-02 17:29 . 2010-04-02 17:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp
+ 2010-09-24 12:08 . 2010-09-24 12:08 11430400 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp
+ 2010-04-02 10:30 . 2010-04-02 10:30 17456640 c:\windows\Installer\e2da53.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17 14599680 c:\windows\Installer\e2da20.msp
+ 2010-03-30 23:23 . 2010-03-30 23:23 15638528 c:\windows\Installer\c73508.msp
+ 2010-06-04 14:00 . 2010-06-04 14:00 20242432 c:\windows\Installer\c20e2.msp
+ 2010-03-08 21:33 . 2010-03-08 21:33 21181952 c:\windows\Installer\bdedaf.msi
+ 2010-01-20 00:36 . 2010-01-20 00:36 15710720 c:\windows\Installer\ae2a64.msp
+ 2010-09-08 14:00 . 2010-09-08 14:00 20303872 c:\windows\Installer\ad2ba.msp
+ 2007-07-31 12:29 . 2007-07-31 12:29 12886528 c:\windows\Installer\8110b0.msp
+ 2010-09-29 17:07 . 2010-09-29 17:07 20303872 c:\windows\Installer\45fcaa.msp
+ 2010-03-09 17:50 . 2010-03-09 17:50 28027392 c:\windows\Installer\357a0.msp
+ 2010-09-24 05:08 . 2010-09-24 05:08 17518080 c:\windows\Installer\28f9b5.msp
+ 2010-05-11 09:30 . 2010-05-11 09:30 11194880 c:\windows\Installer\1c854a9.msp
+ 2010-04-24 15:09 . 2010-04-24 15:09 11750912 c:\windows\Installer\1c8549f.msp
+ 2010-05-19 11:08 . 2010-05-19 11:08 11408896 c:\windows\Installer\11e4dc5.msp
+ 2007-06-18 15:16 . 2007-06-18 15:16 12259160 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.8173\MSO.DLL
+ 2005-04-22 04:57 . 2005-04-22 04:57 12235968 c:\windows\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.6506\MSO.DLL
+ 2009-08-17 15:39 . 2009-08-17 15:39 15119720 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\XL12CNV.EXE
+ 2009-08-17 14:40 . 2009-08-17 14:40 17309040 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\MSO.DLL
+ 2010-08-11 14:15 . 2010-08-11 14:15 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll
+ 2010-10-07 14:58 . 2010-10-07 14:58 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\41f436dae3c8146752d06130f7331527\System.Web.ni.dll
+ 2010-10-07 15:24 . 2010-10-07 15:24 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\75aeb590008d6e166f7be18f935c52d2\System.ServiceModel.ni.dll
+ 2010-10-07 14:58 . 2010-10-07 14:59 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\fdc42078fd10e4dc8b05087900c63977\System.Design.ni.dll
+ 2010-08-11 14:15 . 2010-08-11 14:15 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll
+ 2010-08-11 01:10 . 2010-08-11 01:10 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll
.
-- Snapshot auf jetziges Datum zurückgesetzt --
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"TkBellExe"="c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2010-03-06 202256]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2008-09-06 413696]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk
backup=c:\windows\pss\Adobe Reader - Schnellstart.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Synchronizer.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^NkbMonitor.exe.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\NkbMonitor.exe.lnk
backup=c:\windows\pss\NkbMonitor.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Winexit.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Winexit.lnk
backup=c:\windows\pss\Winexit.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^OpenOffice.org 2.1.lnk]
path=c:\dokumente und einstellungen\User\Startmenü\Programme\Autostart\OpenOffice.org 2.1.lnk
backup=c:\windows\pss\OpenOffice.org 2.1.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
2008-09-26 09:02 2356088 ----a-r- c:\programme\Gemeinsame Dateien\Adobe\Updater5\AdobeUpdater.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 10:43 69632 -c--a-w- c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-09-10 15:40 289576 ----a-w- c:\programme\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 08:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-10-22 10:22 7700480 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-22 10:22 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-22 10:22 1622016 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-10-11 10:45 75304 ----a-w- c:\programme\ScanSoft\OmniPageSE4.0\OpWareSE4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
2008-09-06 13:09 413696 ----a-w- c:\programme\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerBar]
2004-12-31 10:01 110592 ------w- c:\programme\CyberLink\PowerStarter\PowerBar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-09-06 13:09 413696 ----a-w- c:\programme\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 18:24 32768 -c--a-w- c:\programme\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-06-28 06:54 16248320 -c--a-w- c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 -c--a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 11:16 185896 ----a-w- c:\programme\Gemeinsame Dateien\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-03-06 16:55 202256 ----a-w- c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2008-05-02 04:15 15872 ----a-w- c:\programme\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-01-15 22:54 37376 ----a-w- c:\programme\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{1290A33C-85F5-4164-A1BE-7DD299D4986A}]
2004-06-08 16:33 69721 -c----w- c:\programme\CyberLink\PowerBackup\PBKScheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wscsvc"=2 (0x2)
"CiSvc"=3 (0x3)
"ImapiService"=3 (0x3)
"NVSvc"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Sony\\Media Manager for WALKMAN\\MediaManager.exe"=
"c:\\Programme\\Trillian\\trillian.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programme\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programme\\Motorola Media Link\\MML.exe"=
"c:\\Programme\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programme\\ICQ7.2\\ICQ.exe"=
"c:\\Programme\\ICQ7.2\\aolload.exe"=
"c:\\Programme\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57203:TCP"= 57203:TCP:Pando Media Booster
"57203:UDP"= 57203:UDP:Pando Media Booster

R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [30.10.2009 13:59 108289]
R2 DeviceMonitorService;DeviceMonitorService;c:\programme\Motorola Media Link\NServiceEntry.exe [12.10.2009 11:46 87336]
R2 MotoConnect Service;MotoConnect Service;c:\programme\Motorola\MotoConnectService\MotoConnectService.exe [08.03.2010 23:29 91392]
S2 gupdate1c9b3abc89374fa;Google Update Service (gupdate1c9b3abc89374fa);c:\programme\Google\Update\GoogleUpdate.exe [02.04.2009 17:57 133104]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [08.03.2010 23:30 6016]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [08.03.2010 23:30 19712]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [08.03.2010 23:30 8320]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [09.03.2010 19:48 23552]
S3 VtcDrv;Philips SA60xx Recovery Device;c:\windows\system32\drivers\vtcdrv.sys [07.02.2008 17:40 18560]
.
Inhalt des "geplante Tasks" Ordners

2010-10-12 c:\windows\Tasks\Google Software Updater.job
- c:\programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 15:57]

2010-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-04-02 15:57]

2010-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-04-02 15:57]

2010-10-12 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1004.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2010-10-12 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1383384898-725345543-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2010-10-09 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1004.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2010-10-11 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1383384898-725345543-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Zusätzlicher Suchlauf -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - Welcome to Windows Live
IE: Easy-WebPrint - Drucken - c:\programme\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Schnelldruck - c:\programme\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint - Vorschau - c:\programme\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Zu Druckliste hinzufügen - c:\programme\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: In neuer Registerkarte im Hintergrund öffnen - c:\programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/229?79a16f71681d4223b2d015193d61ffce
IE: In neuer Registerkarte im Vordergrund öffnen - c:\programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/230?79a16f71681d4223b2d015193d61ffce
FF - ProfilePath - c:\dokumente und einstellungen\Detlef\Anwendungsdaten\Mozilla\Firefox\Profiles\gmn1pbyl.default\
FF - prefs.js: browser.search.selectedEngine -
FF - plugin: c:\programme\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\programme\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\programme\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\programme\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

MSConfigStartUp-mmtask - c:\program files\MusicMatch\MusicMatch Jukebox\mmtask.exe
MSConfigStartUp-msnmsgr - c:\programme\MSN Messenger\msnmsgr.exe
MSConfigStartUp-PCSuiteTrayApplication - c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
MSConfigStartUp-PcSync - c:\programme\Nokia\Nokia PC Suite 6\PcSync2.exe
MSConfigStartUp-Picasa Media Detector - c:\programme\Picasa2\PicasaMediaDetector.exe
MSConfigStartUp-Steam - d:\spiele\Steam.exe
MSConfigStartUp-SunJavaUpdateSched - c:\programme\Java\jre1.5.0_11\bin\jusched.exe
MSConfigStartUp-Wambo - c:\programme\Swapper\Swapper.exe

.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'explorer.exe'(3948)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe
c:\windows\system32\PnkBstrA.exe
c:\programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\RUNDLL32.EXE
c:\programme\Motorola\MotoConnectService\MotoConnect.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-10-12 14:45:52 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2010-10-12 12:45
ComboFix2.txt 2009-11-24 19:39

Vor Suchlauf: 5.558.247.424 Bytes frei
Nach Suchlauf: 5.616.963.584 Bytes frei

- - End Of File - - D5B6D71400F9059362419DB9F7011615

cosinus · 13.10.2010, 08:02

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus

Downloade Dir anschließend bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.

Doppelklick auf die MBRCheck.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Das Tool braucht nur eine Sekunde.
Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.

Poste mir bitte den Inhalt des .txt Dokumentes

El_Kimmo · 13.10.2010, 20:47

Also GMER hat sich nach Stunden aufgehangen also keine Log ausgespuckt und die Downloadseite von OSAM ist down. Soll ich dann trotzdem MBRcheck ausführen ?

Google leitet auf andere Suchmaschienen um (Firefox und Explorer)

Plagegeister aller Art und deren Bekämpfung: Google leitet auf andere Suchmaschienen um (Firefox und Explorer)