Trojaner-Board - GVU Trojaner auf Laptop, Wix XP SP3

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - GVU Trojaner auf Laptop, Wix XP SP3 (https://www.trojaner-board.de/130783-gvu-trojaner-laptop-wix-xp-sp3.html)

GVU Trojaner auf Laptop, Wix XP SP3

Hallo!! Mein Vater hat sich auf seinem Laptop mit Win XP Professional SP3 einen GVU Trojaner eingefangen.

Im Abgesicherten Modus zu starten bringt nichts, das Bild erscheint sofort wieder.
Ohne Anleitung will ich lieber nichts selber versuchen und hoffe hier auf Hilfe.
Schonmal Danke.

hi
Mit einem sauberen 2. Rechner eine OTLPE-CD erstellen und den infizierten Rechner dann von dieser CD booten:

Falls Du kein Brennprogramm installiert hast, lade dir bitte ISOBurner herunter. Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen. Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.

Lade

OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.

Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
Lege eine leere CD in Deinen Brenner.
ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
Du kannst nun die Fenster des Brennprogramms schließen.

Nun boote von der OTLPE CD. Hinweis: Wie boote ich von CD

Bebilderte Anleitung: OTLpe-Scan

Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
Mache einen Doppelklick auf das OTLPE Icon.
Hinweis: Damit OTLPE auch das richtige installierte Windows scant, musst du den Windows-Ordner des auf der Platte installierten Windows auswählen, einfach nur C: auswählen gibt einen Fehler!
Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
OTLpe sollte nun starten.
Drücke Run Scan, um den Scan zu starten.
Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt erstellt
Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
Bitte poste den Inhalt von C:\OTL.txt und Extras.txt.

Ich hoffe es hat soweit alles fuktioniert.
Das ist bei dem Scan raus gekommen. Falls was falsch war, bitte Bescheid geben.
Vielen Dank!

Code:

OTL logfile created on: 2/8/2013 4:24:14 PM - Run 

OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE

Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,014.00 Mb Total Physical Memory | 754.00 Mb Available Physical Memory | 74.00% Memory free

902.00 Mb Paging File | 800.00 Mb Available in Paging File | 89.00% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 74.28 Gb Total Space | 13.05 Gb Free Space | 17.57% Space Free | Partition Type: NTFS

Drive D: | 7.68 Gb Total Space | 7.67 Gb Free Space | 99.95% Space Free | Partition Type: FAT32

Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet002

 
 ========== Win32 Services (SafeList) ==========

 

SRV - File not found [Auto] --  -- (Automatisches LiveUpdate - Scheduler)

SRV - [2013/02/07 10:17:53 | 000,114,688 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Dokumente und Einstellungen\Reith\338359.exe -- (winmgmt)

SRV - [2013/01/12 09:25:51 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/10/26 13:15:26 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Programme\McAfee Security Scan\3.0.313\McCHSvc.exe -- (McComponentHostService)

SRV - [2012/05/16 07:40:36 | 000,072,704 | ---- | M] (Autodesk) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)

SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto] -- C:\Programme\Norton 360\Engine\5.2.2.3\ccSvcHst.exe -- (N360)

SRV - [2011/03/25 08:44:57 | 001,404,008 | ---- | M] () [Auto] -- C:\WINDOWS\System32\ieconfig_1und1_svc.exe -- (serviceIEConfig)

SRV - [2005/04/03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)

SRV - [2005/01/17 18:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)

SRV - [2003/07/28 06:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2001/11/12 07:31:48 | 000,020,480 | ---- | M] (X10) [Auto] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand] --  -- (WDICA)

DRV - File not found [Kernel | On_Demand] --  -- (UIUSys)

DRV - File not found [Kernel | On_Demand] --  -- (SYMNDIS)

DRV - File not found [Kernel | On_Demand] --  -- (SYMIDS)

DRV - File not found [Kernel | On_Demand] --  -- (SYMFW)

DRV - File not found [Kernel | System] --  -- (PRAGMApipyycwkid)

DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)

DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)

DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)

DRV - File not found [Kernel | System] --  -- (PCIDump)

DRV - File not found [Kernel | System] --  -- (lbrtfdc)

DRV - File not found [Kernel | System] --  -- (i2omgmt)

DRV - File not found [Kernel | System] --  -- (Changer)

DRV - [2013/02/08 04:12:58 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - [2013/01/16 11:04:35 | 001,603,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130207.025\NAVEX15.SYS -- (NAVEX15)

DRV - [2013/01/16 11:04:34 | 000,093,296 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130207.025\NAVENG.SYS -- (NAVENG)

DRV - [2013/01/15 21:51:12 | 000,997,464 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20130116.013\BHDrvx86.sys -- (BHDrvx86)

DRV - [2012/11/06 11:22:32 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

DRV - [2012/11/06 11:22:32 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2012/08/31 19:27:25 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20130207.002\IDSxpx86.sys -- (IDSxpx86)

DRV - [2011/06/18 07:47:39 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)

DRV - [2011/04/20 20:37:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\N360\0502020.003\SYMTDI.SYS -- (SYMTDI)

DRV - [2011/03/30 22:00:09 | 000,516,216 | R--- | M] (Symantec Corporation) [File_System | System] -- C:\WINDOWS\System32\Drivers\N360\0502020.003\SRTSP.SYS -- (SRTSP)

DRV - [2011/03/30 22:00:09 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\N360\0502020.003\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV - [2011/03/14 21:31:23 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\N360\0502020.003\symefa.sys -- (SymEFA)

DRV - [2011/01/27 01:47:10 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\N360\0502020.003\symds.sys -- (SymDS)

DRV - [2011/01/27 00:07:05 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\N360\0502020.003\Ironx86.SYS -- (SymIRON)

DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)

DRV - [2006/12/24 04:48:36 | 000,034,816 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\SSHDRV5C.sys -- (SSHDRV5C)

DRV - [2006/04/28 10:27:48 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)

DRV - [2006/04/28 10:26:46 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)

DRV - [2006/04/28 10:25:44 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)

DRV - [2006/04/28 10:25:40 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)

DRV - [2006/04/28 10:24:42 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)

DRV - [2006/04/28 10:24:06 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)

DRV - [2006/04/28 10:24:00 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)

DRV - [2006/01/17 10:30:58 | 000,015,744 | R--- | M] (SMSC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HIDSMSC.SYS -- (SMCB000)

DRV - [2006/01/12 10:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr)

DRV - [2005/12/29 16:20:38 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)

DRV - [2005/12/05 03:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)

DRV - [2005/11/30 12:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)

DRV - [2005/11/28 04:45:16 | 000,007,040 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\x10hid.sys -- (X10Hid)

DRV - [2005/11/08 17:12:00 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)

DRV - [2005/11/08 17:11:00 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

DRV - [2005/11/08 17:11:00 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)

DRV - [2005/09/09 08:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)

DRV - [2005/06/10 23:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup)

DRV - [2005/05/05 08:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr)

DRV - [2004/08/10 08:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)

DRV - [2004/08/10 08:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

DRV - [2004/04/19 00:01:00 | 000,006,656 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gflmouhid.sys -- (genmcmnUSB)

DRV - [2003/09/18 19:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)

DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)

DRV - [1998/10/15 02:02:50 | 000,052,800 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\System32\drivers\HPFECP15.SYS -- (HPFECP15)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie8_startpage

IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/

IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()

FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Programme\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Programme\McAfee Security Scan\3.0.313\npMcAfeeMSS.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2012/02/11 06:27:58 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_13_2 [2013/02/08 06:28:08 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/11/30 09:25:29 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/03/13 10:50:11 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012/11/30 09:25:59 | 000,000,000 | ---D | M]

 

[2011/12/16 03:35:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2012/03/13 10:50:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2009/03/31 15:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Programme\mozilla firefox\components\coFFPlgn.dll

[2012/11/30 09:24:51 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Programme\mozilla firefox\plugins\nprpplugin.dll

[2012/03/13 10:50:06 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012/03/13 10:50:06 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2012/03/13 10:50:06 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2012/03/13 10:50:06 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2012/03/13 10:50:06 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2012/03/13 10:50:06 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2004/08/10 08:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.313\McAfeeMSS_IE.dll (McAfee, Inc.)

O2 - BHO: (WEB.DE Konfiguration) - {17166733-40EA-4432-A85C-AE672FF0E236} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)

O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE Toolbar IE8\IE\uitb.dll (1und1 Mail und Media GmbH)

O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar IE8\IE\uitb.dll (1und1 Mail und Media GmbH)

O3 - HKU\Administrator_ON_C\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.

O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.

O3 - HKU\Reith_ON_C\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.

O3 - HKU\Reith_ON_C\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)

O3 - HKU\Reith_ON_C\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar IE8\IE\uitb.dll (1und1 Mail und Media GmbH)

O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Programme\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)

O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)

O4 - HKLM..\Run: [mouseElf] C:\Programme\Navigator\MouseElf.exe ()

O4 - HKLM..\Run: [NDSTray.exe]  File not found

O4 - HKLM..\Run: [OM2_Monitor] C:\Programme\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)

O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [Toshiba Hotkey Utility] C:\Programme\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.)

O4 - HKU\Administrator_ON_C..\Run: [TOSCDSPD] C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)

O4 - HKU\Reith_ON_C..\Run: [1und1Dispatcher] C:\Programme\1und1Softwareaktualisierung\SchedDispatcher.exe (1&1 Mail & Media GmbH)

O4 - HKU\Reith_ON_C..\Run: [OM2_Monitor] C:\Programme\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)

O4 - HKU\Reith_ON_C..\Run: [TOSCDSPD] C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\3.0.313\SSScheduler.exe (McAfee, Inc.)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)

O4 - Startup: C:\Dokumente und Einstellungen\Reith\Startmenü\Programme\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\Reith_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE Toolbar IE8\IE\uitb.dll (1und1 Mail und Media GmbH)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2013/01/30 14:27:26 | 000,013,848 | ---- | M] () - D:\Auto zu verkaufen REITH.docx -- [ FAT32 ]

O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)

ActiveX: {111877A7-D9AB-9F9C-98B9-BCA4579EA650} - Microsoft Windows Media Player

ActiveX: {14F4D1F6-79E4-4256-A10B-3CCD138698C6} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)

ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {222FB945-258A-4734-84EA-99E5B4EF4E00} - WEB.DE Browser Add-on

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {29A43E48-B726-47B6-9EAC-AA2B7B48E133} - Microsoft .NET Framework 1.0 Security Update (KB2698035)

ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)

ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {339E9413-F230-4F0F-ADDD-17914D95FD6D} - Microsoft .NET Framework 1.0 Hotfix (KB2604042)

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4F00D11B-8327-4C55-B7DA-B8D8C10F28A8} - Microsoft .NET Framework 1.0 Hotfix (KB2572066)

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {507E953C-3D3A-4CD3-8A96-5F0B455F2E3A} - WEB.DE Browser Toolbar

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6C298884-91FD-408C-9D90-5A59D2C29FD1} - Microsoft .NET Framework 1.1 Security Update (KB2742597)

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {8BF1B8CD-9A6C-4382-A454-CC769B913F48} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)

ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework

ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {DE895E98-54B2-4180-91E1-7A0020EDF577} - Microsoft .NET Framework 1.0 Security Update (KB2742607)

ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework

ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3

ActiveX: {F4317265-E6E0-91A7-C5AC-538F48E76E40} - Microsoft Windows Media Player

ActiveX: {F6545DA0-08FF-2F53-A8A2-393B68F5B6A0} - Microsoft .NET Framework 1.1 Security Update (KB2656370)

ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

ActiveX: >{E9D28A7F-49A0-41E8-95B7-4C699B1D3A6A} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall

 

NetSvcs: 6to4 -  File not found

NetSvcs: Ias -  File not found

NetSvcs: Iprip -  File not found

NetSvcs: Irmon -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: WmdmPmSp -  File not found

NetSvcs: winmgmt - C:\Dokumente und Einstellungen\Reith\338359.exe (Microsoft Corporation)

 

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013/02/07 10:17:52 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Reith\338359.exe

[2013/02/04 10:17:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\McAfee Security Scan Plus

[2013/01/25 11:08:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reith\Anwendungsdaten\TeamViewer

[2013/01/12 09:25:29 | 016,369,160 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe

[2011/10/28 09:31:34 | 002,063,321 | ---- | C] (GraphicRegion.com                                           ) -- C:\Programme\ablerawer_1.4.exe

[2007/03/30 02:25:15 | 014,993,976 | ---- | C] (Macrovision Corporation) -- C:\Programme\GoogleEarthWin_EARE.exe

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\Dokumente und Einstellungen\Reith\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Reith\Eigene Dateien\*.tmp -> ]

[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013/02/08 06:28:12 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3822127138-4128325502-4161374032-1005.job

[2013/02/08 06:27:59 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2013/02/08 06:27:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/02/08 06:27:21 | 1063,440,384 | -HS- | M] () -- C:\hiberfil.sys

[2013/02/08 06:02:10 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\953833.pad

[2013/02/08 05:46:16 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/02/08 05:46:00 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2013/02/08 04:12:58 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2013/02/07 10:24:24 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013/02/07 10:19:12 | 000,002,772 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\953833.js

[2013/02/07 10:19:12 | 000,000,770 | ---- | M] () -- C:\Dokumente und Einstellungen\Reith\Startmenü\Programme\Autostart\runctf.lnk

[2013/02/07 10:17:53 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Reith\338359.exe

[2013/02/07 09:29:14 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2013/02/06 17:56:18 | 002,167,382 | ---- | M] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-3822127138-4128325502-4161374032-1005-0.dat

[2013/02/06 17:56:00 | 000,203,398 | ---- | M] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat

[2013/02/04 16:04:30 | 000,002,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Reith\Desktop\Microsoft Word.lnk

[2013/02/04 14:00:01 | 000,000,494 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Systemprüfung ausführen - Reith.job

[2013/02/04 10:17:26 | 000,001,737 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\McAfee Security Scan Plus.lnk

[2013/02/04 10:17:26 | 000,001,731 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk

[2013/02/04 10:17:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\McAfee Security Scan Plus

[2013/02/04 10:17:11 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart

[2013/01/24 09:20:00 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\3953114.pad

[2013/01/18 12:42:03 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3822127138-4128325502-4161374032-1005.job

[2013/01/16 11:26:05 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2013/01/12 09:25:42 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2013/01/12 09:25:41 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2013/01/12 09:25:30 | 016,369,160 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe

[2013/01/09 16:39:33 | 000,526,500 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2013/01/09 16:39:33 | 000,500,416 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/01/09 16:39:33 | 000,106,504 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2013/01/09 16:39:33 | 000,088,422 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/01/09 16:30:28 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Reith\Eigene Dateien\*.tmp -> ]

[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013/02/08 05:40:12 | 1063,440,384 | -HS- | C] () -- C:\hiberfil.sys

[2013/02/07 10:19:12 | 000,002,772 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\953833.js

[2013/02/07 10:19:10 | 000,000,770 | ---- | C] () -- C:\Dokumente und Einstellungen\Reith\Startmenü\Programme\Autostart\runctf.lnk

[2013/02/07 10:18:41 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\953833.pad

[2013/02/04 10:17:25 | 000,001,737 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\McAfee Security Scan Plus.lnk

[2013/02/04 10:17:11 | 000,001,731 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk

[2013/01/24 09:16:31 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\3953114.pad

[2012/09/28 03:47:19 | 000,076,340 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\vdsnfaagtxxyfzx

[2012/05/15 09:06:23 | 000,000,001 | R--- | C] () -- C:\Dokumente und Einstellungen\Reith\serverport

[2012/02/16 01:30:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012/01/24 07:16:03 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/12/22 15:14:33 | 002,167,382 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-3822127138-4128325502-4161374032-1005-0.dat

[2011/12/13 16:50:58 | 000,203,398 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat

[2011/06/15 13:11:22 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\Reith\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini

[2011/06/15 13:06:18 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini

[2011/03/25 08:44:57 | 001,404,008 | ---- | C] () -- C:\WINDOWS\System32\ieconfig_1und1_svc.exe

[2011/03/25 08:44:55 | 003,406,336 | ---- | C] () -- C:\WINDOWS\System32\WEBDE-DLLUpdate1.exe

[2010/03/27 09:47:50 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache

[2009/10/11 04:35:16 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini

[2009/03/29 04:04:10 | 000,000,222 | ---- | C] () -- C:\WINDOWS\HPFTBX15.INI

[2008/04/24 10:17:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\KBHook.dll

[2008/04/24 10:17:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TaskKeyHook.dll

[2008/04/24 10:17:42 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\gflmouhid.sys

[2007/07/14 06:30:50 | 000,001,140 | ---- | C] () -- C:\WINDOWS\mozver.dat

[2007/07/12 10:17:57 | 000,020,992 | ---- | C] () -- C:\Dokumente und Einstellungen\Reith\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2007/06/08 02:01:59 | 000,000,100 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2007/04/08 05:42:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2007/04/08 05:40:45 | 006,615,712 | ---- | C] () -- C:\Programme\FirefoxGoogleToolbarSetup.exe

[2007/03/12 12:02:43 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\Whoru.dll

[2007/01/29 12:31:51 | 047,250,712 | ---- | C] () -- C:\Programme\NIS071020GE.exe

[2006/12/24 04:48:36 | 000,034,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV5C.sys

[2006/12/07 18:01:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI

[2006/10/26 09:30:33 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Reith\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

[2006/10/26 09:30:07 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

[2006/03/22 04:12:20 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2006/03/22 03:56:06 | 000,000,466 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini

[2006/03/22 03:25:13 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2006/03/22 02:05:11 | 000,012,402 | ---- | C] () -- C:\WINDOWS\HWSetupStr.ini

[2006/03/22 02:05:11 | 000,002,182 | R--- | C] () -- C:\WINDOWS\SVPW32Str.ini

[2006/03/22 01:55:00 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2006/03/22 01:49:17 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

[2006/03/22 01:49:17 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

[2006/03/22 01:49:17 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

[2006/03/22 01:49:17 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

[2006/03/22 01:49:17 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

[2006/03/22 01:49:17 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

[2006/03/22 01:47:43 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe

[2006/03/22 01:18:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI

[2006/03/21 16:06:57 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe

[2006/03/21 16:06:56 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2006/03/21 16:06:55 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2006/03/21 16:06:55 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2006/03/21 16:06:53 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2006/03/21 16:06:53 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe

[2006/03/21 16:06:53 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll

[2006/03/21 16:06:50 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe

[2006/03/21 16:06:50 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll

[2006/03/21 16:06:49 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe

[2006/03/21 10:04:04 | 000,009,362 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini

[2006/03/21 10:04:04 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini

[2006/03/21 10:04:03 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini

[2006/03/21 10:04:03 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll

[2006/03/17 07:09:59 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

[2006/03/17 07:05:33 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2006/03/17 06:58:42 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2006/03/17 06:53:09 | 000,004,335 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2006/03/17 06:52:18 | 000,233,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2006/03/17 06:46:26 | 000,159,744 | ---- | C] () -- C:\WINDOWS\MakeMrk.exe

[2006/03/17 06:46:26 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll

[2006/03/17 06:46:26 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2006/03/17 06:46:14 | 000,526,500 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat

[2006/03/17 06:46:14 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat

[2006/03/17 06:46:14 | 000,106,504 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat

[2006/03/17 06:46:14 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat

[2006/03/17 06:45:42 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2006/03/17 06:45:40 | 000,500,416 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2006/03/17 06:45:40 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2006/03/17 06:45:40 | 000,088,422 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2006/03/17 06:45:40 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2006/03/17 06:45:40 | 000,004,631 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2006/03/17 06:45:38 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2006/03/17 06:45:37 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2006/03/17 06:45:29 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2006/03/17 06:45:29 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2006/03/17 06:45:26 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2006/03/17 06:45:18 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2006/01/26 12:03:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll

[2005/12/08 13:56:50 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\tsbwls.dll

[2005/09/02 08:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll

[2005/08/05 08:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2005/07/22 15:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll

[2004/07/20 11:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll

[2004/01/15 08:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll

[1999/01/22 13:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[1998/10/15 02:52:10 | 000,126,464 | ---- | C] () -- C:\WINDOWS\System32\HPFcfg15.exe

[1998/10/15 02:51:40 | 000,119,808 | ---- | C] () -- C:\WINDOWS\System32\HPFlnk15.exe

[1998/10/15 02:51:40 | 000,003,782 | ---- | C] () -- C:\WINDOWS\System32\HPFlnk15.ini

[1998/10/15 02:49:34 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\HPFtbx15.exe

[1998/10/15 02:45:56 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\HPFhid15.exe

[1998/10/15 02:31:58 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\HPFhrl15.dll

[1998/10/15 02:31:54 | 000,280,576 | ---- | C] () -- C:\WINDOWS\System32\HPFsrl15.dll

[1998/10/15 02:31:46 | 000,683,008 | ---- | C] () -- C:\WINDOWS\System32\HPFmrl15.dll

[1998/10/15 02:31:42 | 001,325,056 | ---- | C] () -- C:\WINDOWS\System32\HPFtrl15.dll

[1998/10/15 02:28:06 | 000,193,536 | ---- | C] () -- C:\WINDOWS\System32\HPFcps15.dll

[1998/10/15 02:27:38 | 000,076,800 | ---- | C] () -- C:\WINDOWS\System32\HPF24r15.dll

[1998/10/15 02:26:28 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\HPFtst15.dll

[1998/10/15 02:24:46 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\HPFpcl15.dll

[1998/10/15 02:17:24 | 000,406,016 | ---- | C] () -- C:\WINDOWS\System32\HPFui15.dll

[1998/10/15 02:10:58 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\HPFwin15.dll

[1998/10/15 02:07:18 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\HPFmon15.dll

[1998/10/15 02:06:40 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\HPFcbl15.dll

[1998/10/15 02:04:40 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\HPFnet15.dll

[1998/10/15 02:04:26 | 000,033,384 | ---- | C] () -- C:\WINDOWS\System32\HPFiop15.dll

[1998/10/15 02:04:14 | 000,069,284 | ---- | C] () -- C:\WINDOWS\System32\HPFpml15.dll

[1998/10/15 02:04:08 | 000,138,428 | ---- | C] () -- C:\WINDOWS\System32\HPFmlc15.dll

[1998/10/15 02:03:58 | 000,057,240 | ---- | C] () -- C:\WINDOWS\System32\HPFmem15.dll

[1998/10/15 02:03:54 | 000,048,292 | ---- | C] () -- C:\WINDOWS\System32\HPFlpm15.dll

[1998/10/15 02:03:42 | 000,072,368 | ---- | C] () -- C:\WINDOWS\System32\HPFcom15.dll

[1998/10/15 02:02:50 | 000,052,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\HPFecp15.sys

[1998/10/15 02:02:02 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\HPFrsu15.dll

[1998/10/15 02:01:32 | 000,117,760 | ---- | C] () -- C:\WINDOWS\System32\HPFrsa15.dll

[1998/10/15 01:57:08 | 000,849,920 | ---- | C] () -- C:\WINDOWS\System32\HPFimg15.dll

[1998/10/15 01:53:54 | 000,124,928 | ---- | C] () -- C:\WINDOWS\System32\HPFcnt15.dll

[1998/09/24 02:48:54 | 000,035,328 | ---- | C] () -- C:\WINDOWS\hpfsched.exe

 
 ========== LOP Check ==========

 

[2006/09/01 09:45:45 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Anwendungsdaten\toshiba

[2006/10/26 09:31:50 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Anwendungsdaten\X10 Commander

[2006/09/01 09:45:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\toshiba

[2006/09/01 09:46:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\X10 Commander

[2011/12/16 03:36:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\1&1 Mail & Media GmbH

[2012/05/16 07:43:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Autodesk

[2011/12/12 12:39:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Garmin

[2006/10/26 13:14:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\InterVideo

[2012/11/30 09:01:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\MPEG Streamclip

[2013/01/25 11:08:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\TeamViewer

[2006/11/30 11:42:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Teleca

[2012/09/29 05:52:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Tific

[2006/09/01 09:45:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\toshiba

[2011/07/03 05:20:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\1und1InternetExplorerAddon

[2012/05/16 07:49:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Autodesk

[2011/06/06 10:28:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CygniCon

[2011/07/03 05:19:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DesktopIcons

[2011/12/12 12:42:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Garmin

[2011/03/25 08:44:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IEConfiguration1und1

[2009/06/21 13:23:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PCSettings

[2012/09/28 03:47:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\szmokjsttikrumb

[2011/10/28 09:32:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer

[2011/12/31 06:36:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UUdb

[2011/01/31 12:35:33 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{06C4B2DE-F57C-40CB-99BF-4F9EE7C645DF}

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %SYSTEMDRIVE%\*. >

[2006/12/03 06:46:29 | 000,000,000 | ---D | M] -- C:\53035c5259e96c5a60c526cd

[2009/08/22 15:55:42 | 000,000,000 | ---D | M] -- C:\8040f140198c005600

[2006/09/01 09:45:39 | 000,000,000 | ---D | M] -- C:\CMPNENTS

[2013/01/10 12:09:49 | 000,000,000 | -HSD | M] -- C:\Config.Msi

[2006/10/26 09:30:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen

[2011/12/23 12:26:25 | 000,000,000 | -HSD | M] -- C:\found.000

[2011/04/04 00:37:10 | 000,000,000 | ---D | M] -- C:\I386

[2006/12/12 05:33:29 | 000,000,000 | ---D | M] -- C:\Meine Downloads

[2006/09/01 09:47:47 | 000,000,000 | RH-D | M] -- C:\MSOCache

[2011/01/30 12:29:22 | 000,000,000 | ---D | M] -- C:\N360_BACKUP

[2008/08/26 06:24:01 | 000,000,000 | ---D | M] -- C:\Program Files

[2012/11/30 09:21:03 | 000,000,000 | R--D | M] -- C:\Programme

[2006/10/26 14:44:46 | 000,000,000 | -HSD | M] -- C:\RECYCLER

[2006/09/01 09:49:29 | 000,000,000 | ---D | M] -- C:\SUPPORT

[2013/02/07 09:03:09 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2007/05/13 07:25:59 | 000,000,000 | ---D | M] -- C:\Temp

[2006/09/01 09:50:32 | 000,000,000 | ---D | M] -- C:\Toolscd

[2012/09/13 10:52:16 | 000,000,000 | ---D | M] -- C:\VALUEADD

[2007/10/24 13:54:52 | 000,000,000 | ---D | M] -- C:\VOX Bauplaner PRO

[2013/02/08 06:27:49 | 000,000,000 | ---D | M] -- C:\WINDOWS

 
 < %PROGRAMFILES%\*.exe >

[2011/10/28 09:31:40 | 002,063,321 | ---- | M] (GraphicRegion.com                                           ) -- C:\Programme\ablerawer_1.4.exe

[2007/04/08 05:40:52 | 006,615,712 | ---- | M] () -- C:\Programme\FirefoxGoogleToolbarSetup.exe

[2007/03/30 02:25:31 | 014,993,976 | ---- | M] (Macrovision Corporation) -- C:\Programme\GoogleEarthWin_EARE.exe

[2007/01/29 12:31:53 | 047,250,712 | ---- | M] () -- C:\Programme\NIS071020GE.exe

 

Invalid Environment Variable: %LOCALAPPDATA%\*.exe

 
 < %systemroot%\*. /mp /s >

 

 
 < MD5 for: AGP440.SYS  >

[2004/08/10 08:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys

[2004/08/10 08:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

[2008/11/23 08:08:31 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

[2008/11/23 08:08:31 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys

[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

 
 < MD5 for: ATAPI.SYS  >

[2004/08/10 08:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys

[2004/08/10 08:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2008/11/23 08:08:31 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2008/11/23 08:08:31 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004/08/03 16:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[2004/08/10 08:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

 
 < MD5 for: EVENTLOG.DLL  >

[2008/04/13 21:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[2008/04/13 21:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll

[2004/08/10 08:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

 
 < MD5 for: EXPLORER.EXE  >

[2004/08/10 08:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

[2007/06/13 08:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

[2008/04/13 21:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe

[2008/04/13 21:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

[2007/06/13 08:21:45 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=64D320C0E301EEDC5A4ADBBDC5024F7F -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

 
 < MD5 for: NETLOGON.DLL  >

[2008/04/13 21:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

[2008/04/13 21:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll

[2004/08/10 08:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

 
 < MD5 for: SCECLI.DLL  >

[2008/04/13 21:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll

[2008/04/13 21:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll

[2004/08/10 08:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2005/03/02 13:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtUninstallKB925902$\user32.dll

[2007/03/08 10:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll

[2005/03/02 13:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll

[2004/08/10 08:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtUninstallKB890859$\user32.dll

[2007/03/08 10:48:39 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll

[2008/04/13 21:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll

[2008/04/13 21:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008/04/13 21:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe

[2008/04/13 21:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe

[2004/08/10 08:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2004/08/10 08:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[2012/09/07 10:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2008/04/13 21:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008/04/13 21:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2004/08/10 08:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

[2006/03/17 07:51:42 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2006/03/17 07:51:42 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

[2006/03/17 07:51:42 | 000,434,176 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2011/03/03 01:54:43 | 000,149,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll

[2012/11/01 07:17:52 | 011,111,424 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

[2012/11/01 07:17:52 | 002,000,384 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll

[2008/04/13 21:22:18 | 000,280,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll

[2008/04/13 21:22:20 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll

[2012/06/08 09:25:14 | 008,503,808 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll

[10 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

Invalid Environment Variable: %USERPROFILE%\*.*

 

Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe

 

Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll

 

Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe

< End of report >

hi
auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort
rein:

Code:

:OTL

O4 - Startup: C:\Dokumente und Einstellungen\Reith\Startmenü\Programme\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)

[2013/02/07 10:17:52 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Reith\338359.exe

[2013/02/08 06:02:10 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\953833.pad

[2013/02/07 10:19:12 | 000,002,772 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\953833.js

[2013/02/07 10:19:12 | 000,000,770 | ---- | M] () -- C:\Dokumente und Einstellungen\Reith\Startmenü\Programme\Autostart\runctf.lnk

:Files

:Commands

[EMPTYFLASH] 

[emptytemp]

dieses speicherst du auf nem usb stick als fix.txt
nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist.
• Klicke nun bitte auf den Fix Button.
es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick.
wenn dies nicht funktioniert, bitte den fix manuell eintragen.
dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen,
log posten bitte.

starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!

Drücke bitte die http://larusso.trojaner-board.de/Images/windows.jpg + E Taste.

Öffne dein Systemlaufwerk ( meistens C: )
Suche nun
folgenden Ordner: _OTL und öffne diesen.
Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner
Dies wird eine Movedfiles.zip Datei in _OTL erstellen
Lade diese bitte in unseren Uploadchannel
hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )

Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus :)

danach:
folgene Datei laden:
http://download.bleepingcomputer.com...xp/winmgmt.reg
doppelklicken, Nachfrage bestätigen, neustarten, bitte melden, wenn fertig

Der Fix wird übernommen, aber leider kann ich danach nicht mehr Run Fix anwählen. Es reagiert nichts.:confused:

Nach mehrmaligem Neustart von OTLPE hat es funktioniert, melde mich wieder.

Hier der log:

Code:

========== OTL ==========

C:\Dokumente und Einstellungen\Reith\Startmenü\Programme\Autostart\runctf.lnk moved successfully.

File move failed. X:\I386\SYSTEM32\RUNDLL32.EXE scheduled to be moved on reboot.

C:\Dokumente und Einstellungen\Reith\338359.exe moved successfully.

C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\953833.pad moved successfully.

C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\953833.js moved successfully.

File C:\Dokumente und Einstellungen\Reith\Startmenü\Programme\Autostart\runctf.lnk not found.

========== FILES ==========

========== COMMANDS ==========

 

[EMPTYFLASH]

 

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

 

User: LocalService

->Temp folder emptied: 82513 bytes

->Temporary Internet Files folder emptied: 106116 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Reith

->Temp folder emptied: 232461056 bytes

->Temporary Internet Files folder emptied: 10801315 bytes

->Java cache emptied: 59706255 bytes

->FireFox cache emptied: 73295197 bytes

->Flash cache emptied: 1597 bytes

 

Total Flash Files Cleaned = 359.00 mb

 

 

[EMPTYTEMP]

 

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Reith

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 19569 bytes

%systemroot%\System32 .tmp files removed: 5435271 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 4769116 bytes

 

Total Files Cleaned = 10.00 mb

 

 

OTLPE by OldTimer - Version 3.1.48.0 log created on 02082013_171530
 

Files\Folders moved on Reboot...

File\Folder X:\I386\SYSTEM32\RUNDLL32.EXE not found!
 

Registry entries deleted on Reboot...

Upload hat geklappt, neustart auch!

hast du das regfile ausgeführt? falls nein, noch erleidgen bitte.
danach:
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
c: öffnen, tdsskiller-datum-version.txt öffnen, Inhalt posten

Ja, reg hatte ich ausgeführt.

Code:

18:02:33.0984 3312  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

18:02:36.0093 3312  ============================================================

18:02:36.0093 3312  Current date / time: 2013/02/08 18:02:36.0093

18:02:36.0093 3312  SystemInfo:

18:02:36.0093 3312  

18:02:36.0125 3312  OS Version: 5.1.2600 ServicePack: 3.0

18:02:36.0125 3312  Product type: Workstation

18:02:36.0125 3312  ComputerName: YOUR-2D1ABB0973

18:02:36.0156 3312  UserName: Reith

18:02:36.0156 3312  Windows directory: C:\WINDOWS

18:02:36.0156 3312  System windows directory: C:\WINDOWS

18:02:36.0156 3312  Processor architecture: Intel x86

18:02:36.0156 3312  Number of processors: 1

18:02:36.0156 3312  Page size: 0x1000

18:02:36.0156 3312  Boot type: Normal boot

18:02:36.0156 3312  ============================================================

18:02:49.0015 3312  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

18:02:49.0109 3312  Drive \Device\Harddisk1\DR3 - Size: 0x1EC400000 (7.69 Gb), SectorSize: 0x200, Cylinders: 0x3EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

18:02:49.0109 3312  ============================================================

18:02:49.0109 3312  \Device\Harddisk0\DR0:

18:02:49.0140 3312  MBR partitions:

18:02:49.0140 3312  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9490C62

18:02:49.0140 3312  \Device\Harddisk1\DR3:

18:02:49.0140 3312  MBR partitions:

18:02:49.0140 3312  \Device\Harddisk1\DR3\Partition1: MBR, Type 0xB, StartLBA 0x4, BlocksNum 0xF61FFC

18:02:49.0140 3312  ============================================================

18:02:49.0250 3312  C: <-> \Device\Harddisk0\DR0\Partition1

18:02:49.0328 3312  ============================================================

18:02:49.0328 3312  Initialize success

18:02:49.0328 3312  ============================================================

18:03:18.0296 0312  ============================================================

18:03:18.0296 0312  Scan started

18:03:18.0296 0312  Mode: Manual; SigCheck; TDLFS; 

18:03:18.0296 0312  ============================================================

18:03:20.0984 0312  ================ Scan system memory ========================

18:03:21.0015 0312  System memory - ok

18:03:21.0015 0312  ================ Scan services =============================

18:03:21.0218 0312  Abiosdsk - ok

18:03:21.0218 0312  abp480n5 - ok

18:03:21.0312 0312  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

18:03:27.0937 0312  ACPI - ok

18:03:28.0078 0312  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

18:03:28.0578 0312  ACPIEC - ok

18:03:28.0703 0312  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

18:03:28.0812 0312  AdobeFlashPlayerUpdateSvc - ok

18:03:28.0828 0312  adpu160m - ok

18:03:28.0906 0312  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys

18:03:29.0109 0312  aec - ok

18:03:29.0203 0312  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

18:03:29.0296 0312  AFD - ok

18:03:29.0343 0312  Aha154x - ok

18:03:29.0359 0312  aic78u2 - ok

18:03:29.0359 0312  aic78xx - ok

18:03:29.0468 0312  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

18:03:29.0625 0312  Alerter - ok

18:03:29.0703 0312  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe

18:03:29.0921 0312  ALG - ok

18:03:29.0921 0312  AliIde - ok

18:03:29.0937 0312  amsint - ok

18:03:30.0031 0312  [ D45960BE52C3C610D361977057F98C54 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll

18:03:30.0203 0312  AppMgmt - ok

18:03:30.0281 0312  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys

18:03:30.0453 0312  Arp1394 - ok

18:03:30.0468 0312  asc - ok

18:03:30.0484 0312  asc3350p - ok

18:03:30.0484 0312  asc3550 - ok

18:03:30.0640 0312  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

18:03:30.0703 0312  aspnet_state - ok

18:03:30.0734 0312  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

18:03:30.0953 0312  AsyncMac - ok

18:03:30.0984 0312  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

18:03:31.0140 0312  atapi - ok

18:03:31.0140 0312  Atdisk - ok

18:03:31.0171 0312  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

18:03:31.0359 0312  Atmarpc - ok

18:03:31.0468 0312  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

18:03:31.0609 0312  AudioSrv - ok

18:03:31.0656 0312  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

18:03:31.0796 0312  audstub - ok

18:03:31.0984 0312  [ 98628DFDE86E459CB84EC7AF17B7E4AC ] Autodesk Licensing Service C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe

18:03:32.0031 0312  Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - warning

18:03:32.0031 0312  Autodesk Licensing Service - detected UnsignedFile.Multi.Generic (1)

18:03:32.0093 0312  Automatisches LiveUpdate - Scheduler - ok

18:03:32.0171 0312  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

18:03:32.0359 0312  Beep - ok

18:03:32.0718 0312  [ D2A55F5FE6B716913FB573872F2E5944 ] BHDrvx86        C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20130116.013\BHDrvx86.sys

18:03:33.0296 0312  BHDrvx86 - ok

18:03:33.0500 0312  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll

18:03:34.0125 0312  BITS - ok

18:03:34.0218 0312  [ 141BEFBD4F2A84A66E2F54B9E32E40D1 ] BoiHwsetup      C:\WINDOWS\system32\drivers\BoiHwSetup.sys

18:03:34.0515 0312  BoiHwsetup - ok

18:03:34.0609 0312  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll

18:03:34.0953 0312  Browser - ok

18:03:35.0031 0312  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

18:03:35.0515 0312  cbidf2k - ok

18:03:35.0515 0312  cd20xrnt - ok

18:03:35.0546 0312  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

18:03:35.0921 0312  Cdaudio - ok

18:03:35.0968 0312  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

18:03:36.0390 0312  Cdfs - ok

18:03:36.0437 0312  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

18:03:36.0843 0312  Cdrom - ok

18:03:37.0031 0312  [ 3CB0CC8879956C187E87E18634EE5164 ] CFSvcs          C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe

18:03:37.0140 0312  CFSvcs ( UnsignedFile.Multi.Generic ) - warning

18:03:37.0140 0312  CFSvcs - detected UnsignedFile.Multi.Generic (1)

18:03:37.0140 0312  Changer - ok

18:03:37.0218 0312  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe

18:03:37.0421 0312  CiSvc - ok

18:03:37.0484 0312  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

18:03:37.0656 0312  ClipSrv - ok

18:03:37.0750 0312  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:03:38.0375 0312  clr_optimization_v2.0.50727_32 - ok

18:03:38.0671 0312  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

18:03:39.0093 0312  clr_optimization_v4.0.30319_32 - ok

18:03:39.0187 0312  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys

18:03:39.0578 0312  CmBatt - ok

18:03:39.0609 0312  CmdIde - ok

18:03:39.0656 0312  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys

18:03:39.0843 0312  Compbatt - ok

18:03:39.0859 0312  COMSysApp - ok

18:03:39.0875 0312  Cpqarray - ok

18:03:39.0984 0312  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

18:03:40.0187 0312  CryptSvc - ok

18:03:40.0218 0312  dac2w2k - ok

18:03:40.0218 0312  dac960nt - ok

18:03:40.0343 0312  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

18:03:40.0640 0312  DcomLaunch - ok

18:03:40.0718 0312  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

18:03:40.0906 0312  Dhcp - ok

18:03:40.0953 0312  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

18:03:41.0203 0312  Disk - ok

18:03:41.0203 0312  dmadmin - ok

18:03:41.0453 0312  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

18:03:41.0937 0312  dmboot - ok

18:03:42.0015 0312  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

18:03:42.0281 0312  dmio - ok

18:03:42.0343 0312  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

18:03:42.0562 0312  dmload - ok

18:03:42.0656 0312  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll

18:03:42.0828 0312  dmserver - ok

18:03:42.0921 0312  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

18:03:43.0125 0312  DMusic - ok

18:03:43.0218 0312  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

18:03:43.0546 0312  Dnscache - ok

18:03:43.0671 0312  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

18:03:43.0921 0312  Dot3svc - ok

18:03:43.0921 0312  dpti2o - ok

18:03:43.0953 0312  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

18:03:44.0093 0312  drmkaud - ok

18:03:44.0187 0312  [ 2646883E6DD867CD872D5B51B6036710 ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys

18:03:44.0359 0312  E100B - ok

18:03:44.0437 0312  [ E1FA10ED8F9F700C1BE1EAE05A80EF57 ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys

18:03:44.0656 0312  e1express - ok

18:03:44.0750 0312  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll

18:03:44.0937 0312  EapHost - ok

18:03:45.0250 0312  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys

18:03:45.0375 0312  eeCtrl - ok

18:03:45.0656 0312  [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr         C:\WINDOWS\eHome\ehRecvr.exe

18:03:46.0078 0312  ehRecvr - ok

18:03:46.0218 0312  [ E774BF24A6CB798DCE67AD1C8E917152 ] ehSched         C:\WINDOWS\eHome\ehSched.exe

18:03:46.0343 0312  ehSched - ok

18:03:46.0453 0312  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

18:03:46.0640 0312  EraserUtilRebootDrv - ok

18:03:46.0843 0312  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll

18:03:47.0000 0312  ERSvc - ok

18:03:47.0109 0312  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe

18:03:47.0156 0312  Eventlog - ok

18:03:47.0312 0312  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll

18:03:47.0515 0312  EventSystem - ok

18:03:47.0578 0312  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

18:03:47.0781 0312  Fastfat - ok

18:03:47.0859 0312  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

18:03:48.0109 0312  FastUserSwitchingCompatibility - ok

18:03:48.0140 0312  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys

18:03:48.0343 0312  Fdc - ok

18:03:48.0390 0312  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

18:03:48.0609 0312  Fips - ok

18:03:48.0640 0312  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

18:03:48.0781 0312  Flpydisk - ok

18:03:48.0843 0312  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

18:03:49.0000 0312  FltMgr - ok

18:03:49.0062 0312  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

18:03:49.0109 0312  FontCache3.0.0.0 - ok

18:03:49.0156 0312  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

18:03:49.0296 0312  Fs_Rec - ok

18:03:49.0359 0312  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

18:03:49.0500 0312  Ftdisk - ok

18:03:49.0546 0312  [ 5AE3A887ECE5BBB72CFAB273C2FD1CFA ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

18:03:49.0562 0312  GEARAspiWDM - ok

18:03:49.0593 0312  [ 86F732D2995ADA73FD307539EC266D3A ] genmcmnUSB      C:\WINDOWS\system32\DRIVERS\gflmouhid.sys

18:03:51.0687 0312  genmcmnUSB - ok

18:03:51.0796 0312  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

18:03:51.0937 0312  Gpc - ok

18:03:52.0109 0312  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe

18:03:52.0140 0312  gupdate - ok

18:03:52.0140 0312  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe

18:03:52.0171 0312  gupdatem - ok

18:03:52.0250 0312  [ A8BCCB6AB8E43C39F4EF1BC4DB8D6165 ] HdAudAddService C:\WINDOWS\system32\drivers\CHDAud.sys

18:03:52.0406 0312  HdAudAddService - ok

18:03:52.0468 0312  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

18:03:52.0609 0312  HDAudBus - ok

18:03:52.0718 0312  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

18:03:52.0890 0312  helpsvc - ok

18:03:53.0015 0312  [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ         C:\WINDOWS\System32\hidserv.dll

18:03:53.0218 0312  HidServ - ok

18:03:53.0281 0312  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

18:03:53.0421 0312  HidUsb - ok

18:03:53.0812 0312  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

18:03:53.0984 0312  hkmsvc - ok

18:03:54.0046 0312  [ 142350F09C99FFED0D839FB58344799C ] HPFECP15        C:\WINDOWS\System32\drivers\HPFECP15.SYS

18:03:54.0078 0312  HPFECP15 ( UnsignedFile.Multi.Generic ) - warning

18:03:54.0078 0312  HPFECP15 - detected UnsignedFile.Multi.Generic (1)

18:03:54.0078 0312  hpn - ok

18:03:54.0156 0312  [ A30D7011C1B80A0BC16602D99218D522 ] HSFHWAZL        C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys

18:03:54.0187 0312  HSFHWAZL - ok

18:03:54.0265 0312  [ 5A5A7721D9C62D77FC0FABA9B2CF5BE9 ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

18:03:54.0359 0312  HSF_DPV - ok

18:03:54.0515 0312  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

18:03:54.0625 0312  HTTP - ok

18:03:54.0734 0312  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

18:03:54.0890 0312  HTTPFilter - ok

18:03:54.0890 0312  i2omgmt - ok

18:03:54.0906 0312  i2omp - ok

18:03:54.0937 0312  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

18:03:55.0078 0312  i8042prt - ok

18:03:55.0203 0312  [ 81EFE1C5542AFB2570758F39AE3B1151 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

18:03:55.0375 0312  ialm - ok

18:03:55.0484 0312  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe

18:03:55.0531 0312  IDriverT ( UnsignedFile.Multi.Generic ) - warning

18:03:55.0531 0312  IDriverT - detected UnsignedFile.Multi.Generic (1)

18:03:55.0640 0312  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

18:03:55.0781 0312  idsvc - ok

18:03:55.0921 0312  [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86        C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20130207.002\IDSxpx86.sys

18:03:55.0968 0312  IDSxpx86 - ok

18:03:56.0015 0312  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

18:03:56.0156 0312  Imapi - ok

18:03:56.0234 0312  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe

18:03:56.0406 0312  ImapiService - ok

18:03:56.0453 0312  ini910u - ok

18:03:56.0453 0312  IntelIde - ok

18:03:56.0515 0312  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys

18:03:56.0656 0312  intelppm - ok

18:03:56.0671 0312  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

18:03:56.0812 0312  Ip6Fw - ok

18:03:56.0843 0312  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

18:03:56.0984 0312  IpFilterDriver - ok

18:03:57.0000 0312  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

18:03:57.0140 0312  IpInIp - ok

18:03:57.0171 0312  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

18:03:57.0312 0312  IpNat - ok

18:03:57.0343 0312  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

18:03:57.0468 0312  IPSec - ok

18:03:57.0515 0312  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

18:03:57.0640 0312  IRENUM - ok

18:03:57.0687 0312  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

18:03:57.0796 0312  isapnp - ok

18:03:57.0828 0312  [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi         C:\WINDOWS\system32\drivers\iviaspi.sys

18:03:57.0843 0312  Iviaspi ( UnsignedFile.Multi.Generic ) - warning

18:03:57.0843 0312  Iviaspi - detected UnsignedFile.Multi.Generic (1)

18:03:57.0875 0312  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

18:03:58.0015 0312  Kbdclass - ok

18:03:58.0046 0312  [ B6D6C117D771C98130497265F26D1882 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

18:03:58.0203 0312  kbdhid - ok

18:03:58.0250 0312  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

18:03:58.0375 0312  kmixer - ok

18:03:58.0421 0312  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

18:03:58.0578 0312  KSecDD - ok

18:03:58.0687 0312  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

18:03:58.0843 0312  lanmanserver - ok

18:03:58.0890 0312  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

18:03:58.0968 0312  lanmanworkstation - ok

18:03:58.0968 0312  lbrtfdc - ok

18:03:59.0015 0312  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

18:03:59.0140 0312  LmHosts - ok

18:03:59.0281 0312  [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\mbamswissarmy.sys

18:03:59.0390 0312  MBAMSwissArmy - ok

18:03:59.0531 0312  [ C58F15CD4EF79210455512CF0C449F39 ] McComponentHostService C:\Programme\McAfee Security Scan\3.0.313\McCHSvc.exe

18:03:59.0593 0312  McComponentHostService - ok

18:03:59.0625 0312  [ 52404CC76E9D53843BDF97564BB16BED ] McrdSvc         C:\WINDOWS\ehome\mcrdsvc.exe

18:03:59.0671 0312  McrdSvc - ok

18:03:59.0718 0312  [ E246A32C445056996074A397DA56E815 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

18:03:59.0750 0312  mdmxsdk - ok

18:03:59.0781 0312  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

18:03:59.0921 0312  Messenger - ok

18:03:59.0984 0312  [ DED60230E3019C508769EC3C15BCDA44 ] MHN             C:\WINDOWS\System32\mhn.dll

18:04:00.0062 0312  MHN ( UnsignedFile.Multi.Generic ) - warning

18:04:00.0062 0312  MHN - detected UnsignedFile.Multi.Generic (1)

18:04:00.0093 0312  [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys

18:04:00.0125 0312  MHNDRV ( UnsignedFile.Multi.Generic ) - warning

18:04:00.0125 0312  MHNDRV - detected UnsignedFile.Multi.Generic (1)

18:04:00.0140 0312  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

18:04:00.0296 0312  mnmdd - ok

18:04:00.0343 0312  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

18:04:00.0500 0312  mnmsrvc - ok

18:04:00.0546 0312  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

18:04:00.0687 0312  Modem - ok

18:04:00.0718 0312  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:04:00.0859 0312  Mouclass - ok

18:04:00.0890 0312  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

18:04:01.0031 0312  mouhid - ok

18:04:01.0046 0312  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

18:04:01.0171 0312  MountMgr - ok

18:04:01.0187 0312  mraid35x - ok

18:04:01.0218 0312  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:04:01.0359 0312  MRxDAV - ok

18:04:01.0421 0312  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

18:04:01.0531 0312  MRxSmb - ok

18:04:01.0593 0312  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe

18:04:01.0734 0312  MSDTC - ok

18:04:01.0765 0312  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

18:04:01.0890 0312  Msfs - ok

18:04:01.0906 0312  MSIServer - ok

18:04:01.0937 0312  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:04:02.0046 0312  MSKSSRV - ok

18:04:02.0109 0312  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:04:02.0265 0312  MSPCLOCK - ok

18:04:02.0296 0312  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

18:04:02.0437 0312  MSPQM - ok

18:04:02.0468 0312  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:04:02.0609 0312  mssmbios - ok

18:04:02.0671 0312  MSSQL$INVENTORCONTENT - ok

18:04:02.0781 0312  [ CB7524C21727404BD3140DCA32DEB7DE ] MSSQLServerADHelper C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe

18:04:02.0828 0312  MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - warning

18:04:02.0828 0312  MSSQLServerADHelper - detected UnsignedFile.Multi.Generic (1)

18:04:02.0890 0312  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

18:04:02.0984 0312  Mup - ok

18:04:03.0078 0312  [ E78A365CC3E0FBFC018A33DCE01909F8 ] N360            C:\Programme\Norton 360\Engine\5.2.2.3\ccSvcHst.exe

18:04:03.0125 0312  N360 - ok

18:04:03.0187 0312  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll

18:04:03.0437 0312  napagent - ok

18:04:03.0546 0312  [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG          C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130207.025\NAVENG.SYS

18:04:03.0562 0312  NAVENG - ok

18:04:03.0687 0312  [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15         C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130207.025\NAVEX15.SYS

18:04:03.0796 0312  NAVEX15 - ok

18:04:03.0859 0312  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

18:04:04.0109 0312  NDIS - ok

18:04:04.0187 0312  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:04:04.0375 0312  NdisTapi - ok

18:04:04.0468 0312  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:04:04.0625 0312  Ndisuio - ok

18:04:04.0671 0312  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:04:04.0843 0312  NdisWan - ok

18:04:04.0921 0312  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

18:04:05.0765 0312  NDProxy - ok

18:04:05.0859 0312  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

18:04:06.0093 0312  NetBIOS - ok

18:04:06.0140 0312  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

18:04:06.0328 0312  NetBT - ok

18:04:06.0375 0312  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe

18:04:06.0625 0312  NetDDE - ok

18:04:06.0625 0312  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

18:04:06.0750 0312  NetDDEdsdm - ok

18:04:06.0796 0312  [ 1265EB253ED4EBE4ACB3BD5F548FF796 ] Netdevio        C:\WINDOWS\system32\DRIVERS\netdevio.sys

18:04:06.0828 0312  Netdevio ( UnsignedFile.Multi.Generic ) - warning

18:04:06.0828 0312  Netdevio - detected UnsignedFile.Multi.Generic (1)

18:04:06.0875 0312  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe

18:04:06.0984 0312  Netlogon - ok

18:04:07.0015 0312  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll

18:04:07.0187 0312  Netman - ok

18:04:07.0250 0312  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

18:04:07.0265 0312  NetTcpPortSharing - ok

18:04:07.0296 0312  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys

18:04:07.0437 0312  NIC1394 - ok

18:04:07.0484 0312  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll

18:04:07.0515 0312  Nla - ok

18:04:07.0578 0312  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

18:04:07.0703 0312  Npfs - ok

18:04:07.0765 0312  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

18:04:07.0953 0312  Ntfs - ok

18:04:08.0000 0312  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

18:04:08.0109 0312  NtLmSsp - ok

18:04:08.0187 0312  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

18:04:08.0375 0312  NtmsSvc - ok

18:04:08.0421 0312  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys

18:04:08.0562 0312  Null - ok

18:04:08.0765 0312  [ E955C80EEB77E809263B9C4443A1D188 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

18:04:09.0156 0312  nv - ok

18:04:09.0250 0312  [ 5ECB80F1A9E530AEE7574DCAC7068796 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe

18:04:09.0296 0312  NVSvc - ok

18:04:09.0343 0312  [ C34A6A72DEC2C317D67355DC18F87090 ] NWCWorkstation  C:\WINDOWS\System32\nwwks.dll

18:04:09.0484 0312  NWCWorkstation - ok

18:04:09.0500 0312  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:04:09.0625 0312  NwlnkFlt - ok

18:04:09.0656 0312  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:04:09.0796 0312  NwlnkFwd - ok

18:04:09.0828 0312  [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx        C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys

18:04:09.0968 0312  NwlnkIpx - ok

18:04:10.0015 0312  [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb         C:\WINDOWS\system32\DRIVERS\nwlnknb.sys

18:04:10.0156 0312  NwlnkNb - ok

18:04:10.0203 0312  [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx        C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys

18:04:10.0390 0312  NwlnkSpx - ok

18:04:10.0437 0312  [ 36B9B950E3D2E100970A48D8BAD86740 ] NWRDR           C:\WINDOWS\system32\DRIVERS\nwrdr.sys

18:04:10.0578 0312  NWRDR - ok

18:04:10.0609 0312  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys

18:04:10.0734 0312  ohci1394 - ok

18:04:10.0796 0312  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE

18:04:10.0843 0312  ose - ok

18:04:10.0906 0312  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys

18:04:11.0031 0312  Parport - ok

18:04:11.0046 0312  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

18:04:11.0187 0312  PartMgr - ok

18:04:11.0218 0312  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

18:04:11.0375 0312  ParVdm - ok

18:04:11.0375 0312  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

18:04:11.0546 0312  PCI - ok

18:04:11.0562 0312  PCIDump - ok

18:04:11.0578 0312  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

18:04:11.0703 0312  PCIIde - ok

18:04:11.0796 0312  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys

18:04:11.0968 0312  Pcmcia - ok

18:04:11.0968 0312  PDCOMP - ok

18:04:11.0984 0312  PDFRAME - ok

18:04:11.0984 0312  PDRELI - ok

18:04:12.0000 0312  PDRFRAME - ok

18:04:12.0000 0312  perc2 - ok

18:04:12.0015 0312  perc2hib - ok

18:04:12.0046 0312  [ 444F122E68DB44C0589227781F3C8B3F ] Pfc             C:\WINDOWS\system32\drivers\pfc.sys

18:04:12.0078 0312  Pfc ( UnsignedFile.Multi.Generic ) - warning

18:04:12.0078 0312  Pfc - detected UnsignedFile.Multi.Generic (1)

18:04:12.0109 0312  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe

18:04:12.0140 0312  PlugPlay - ok

18:04:12.0171 0312  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

18:04:12.0281 0312  PolicyAgent - ok

18:04:12.0296 0312  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:04:12.0421 0312  PptpMiniport - ok

18:04:12.0421 0312  PRAGMApipyycwkid - ok

18:04:12.0437 0312  PRAGMApipyycwkid - ok

18:04:12.0468 0312  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

18:04:12.0578 0312  ProtectedStorage - ok

18:04:12.0625 0312  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

18:04:12.0781 0312  PSched - ok

18:04:12.0812 0312  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:04:12.0984 0312  Ptilink - ok

18:04:13.0031 0312  [ FEFFCFDC528764A04C8ED63D5FA6E711 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys

18:04:13.0062 0312  PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

18:04:13.0062 0312  PxHelp20 - detected UnsignedFile.Multi.Generic (1)

18:04:13.0093 0312  [ 7DC7ACA4E775E9D823F5773A2F47A2AC ] qkbfiltr        C:\WINDOWS\system32\drivers\qkbfiltr.sys

18:04:13.0109 0312  qkbfiltr ( UnsignedFile.Multi.Generic ) - warning

18:04:13.0109 0312  qkbfiltr - detected UnsignedFile.Multi.Generic (1)

18:04:13.0125 0312  ql1080 - ok

18:04:13.0125 0312  Ql10wnt - ok

18:04:13.0140 0312  ql12160 - ok

18:04:13.0140 0312  ql1240 - ok

18:04:13.0156 0312  ql1280 - ok

18:04:13.0187 0312  [ 8652B9E134C3478BE948BF089DF8ED5E ] qmofiltr        C:\WINDOWS\system32\drivers\qmofiltr.sys

18:04:13.0203 0312  qmofiltr ( UnsignedFile.Multi.Generic ) - warning

18:04:13.0203 0312  qmofiltr - detected UnsignedFile.Multi.Generic (1)

18:04:13.0234 0312  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:04:13.0375 0312  RasAcd - ok

18:04:13.0437 0312  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

18:04:13.0578 0312  RasAuto - ok

18:04:13.0593 0312  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:04:13.0718 0312  Rasl2tp - ok

18:04:13.0812 0312  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll

18:04:13.0968 0312  RasMan - ok

18:04:13.0984 0312  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:04:14.0109 0312  RasPppoe - ok

18:04:14.0171 0312  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

18:04:14.0375 0312  Raspti - ok

18:04:14.0484 0312  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:04:14.0656 0312  Rdbss - ok

18:04:14.0671 0312  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:04:14.0843 0312  RDPCDD - ok

18:04:14.0890 0312  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

18:04:15.0062 0312  rdpdr - ok

18:04:15.0125 0312  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

18:04:15.0281 0312  RDPWD - ok

18:04:15.0312 0312  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

18:04:15.0437 0312  RDSessMgr - ok

18:04:15.0468 0312  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

18:04:15.0625 0312  redbook - ok

18:04:15.0656 0312  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

18:04:15.0812 0312  RemoteAccess - ok

18:04:15.0875 0312  [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

18:04:16.0187 0312  RemoteRegistry - ok

18:04:16.0203 0312  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe

18:04:16.0343 0312  RpcLocator - ok

18:04:16.0390 0312  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll

18:04:16.0500 0312  RpcSs - ok

18:04:16.0546 0312  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe

18:04:16.0671 0312  RSVP - ok

18:04:16.0703 0312  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe

18:04:16.0828 0312  SamSs - ok

18:04:16.0843 0312  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

18:04:16.0984 0312  SCardSvr - ok

18:04:17.0015 0312  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll

18:04:17.0140 0312  Schedule - ok

18:04:17.0203 0312  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys

18:04:17.0328 0312  sdbus - ok

18:04:17.0375 0312  [ 59A9EB4073A39895AF314780D0A032FA ] SE27bus         C:\WINDOWS\system32\DRIVERS\SE27bus.sys

18:04:17.0421 0312  SE27bus ( UnsignedFile.Multi.Generic ) - warning

18:04:17.0421 0312  SE27bus - detected UnsignedFile.Multi.Generic (1)

18:04:17.0468 0312  [ D53E7E53107D1796825540129F8FE89F ] SE27mdfl        C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys

18:04:17.0515 0312  SE27mdfl ( UnsignedFile.Multi.Generic ) - warning

18:04:17.0515 0312  SE27mdfl - detected UnsignedFile.Multi.Generic (1)

18:04:17.0578 0312  [ 2AFA2F65A6E91DA5B5070E734769827E ] SE27mdm         C:\WINDOWS\system32\DRIVERS\SE27mdm.sys

18:04:17.0625 0312  SE27mdm ( UnsignedFile.Multi.Generic ) - warning

18:04:17.0625 0312  SE27mdm - detected UnsignedFile.Multi.Generic (1)

18:04:17.0656 0312  [ 5A33A8D7B44C7BD8ABE248B4DCD1FF3C ] SE27mgmt        C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys

18:04:17.0656 0312  SE27mgmt ( UnsignedFile.Multi.Generic ) - warning

18:04:17.0656 0312  SE27mgmt - detected UnsignedFile.Multi.Generic (1)

18:04:17.0687 0312  [ BB30139683BBF3EE89EC931393D9335C ] se27nd5         C:\WINDOWS\system32\DRIVERS\se27nd5.sys

18:04:17.0765 0312  se27nd5 ( UnsignedFile.Multi.Generic ) - warning

18:04:17.0765 0312  se27nd5 - detected UnsignedFile.Multi.Generic (1)

18:04:17.0781 0312  [ 5DA6FF71E94B9134DDD094EBB09F05E6 ] SE27obex        C:\WINDOWS\system32\DRIVERS\SE27obex.sys

18:04:17.0812 0312  SE27obex ( UnsignedFile.Multi.Generic ) - warning

18:04:17.0812 0312  SE27obex - detected UnsignedFile.Multi.Generic (1)

18:04:17.0859 0312  [ 4D54A9D7C22157AB3D2442E8BCF5ECD2 ] se27unic        C:\WINDOWS\system32\DRIVERS\se27unic.sys

18:04:17.0890 0312  se27unic ( UnsignedFile.Multi.Generic ) - warning

18:04:17.0890 0312  se27unic - detected UnsignedFile.Multi.Generic (1)

18:04:17.0921 0312  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:04:18.0078 0312  Secdrv - ok

18:04:18.0125 0312  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll

18:04:18.0250 0312  seclogon - ok

18:04:18.0281 0312  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll

18:04:18.0484 0312  SENS - ok

18:04:18.0531 0312  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\drivers\Serial.sys

18:04:18.0687 0312  Serial - ok

18:04:18.0703 0312  serviceIEConfig - ok

18:04:18.0812 0312  [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk         C:\WINDOWS\system32\DRIVERS\sffdisk.sys

18:04:18.0937 0312  sffdisk - ok

18:04:18.0968 0312  [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd         C:\WINDOWS\system32\DRIVERS\sffp_sd.sys

18:04:19.0109 0312  sffp_sd - ok

18:04:19.0156 0312  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

18:04:19.0328 0312  Sfloppy - ok

18:04:19.0406 0312  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

18:04:19.0578 0312  SharedAccess - ok

18:04:19.0625 0312  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

18:04:19.0656 0312  ShellHWDetection - ok

18:04:19.0671 0312  Simbad - ok

18:04:19.0718 0312  [ 6C7F2B518F8A7ABE1C145F26AA48C633 ] SMCB000         C:\WINDOWS\system32\DRIVERS\hidsmsc.sys

18:04:19.0781 0312  SMCB000 - ok

18:04:19.0828 0312  Sparrow - ok

18:04:19.0843 0312  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

18:04:19.0968 0312  splitter - ok

18:04:20.0031 0312  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

18:04:20.0078 0312  Spooler - ok

18:04:20.0109 0312  SQLAgent$INVENTORCONTENT - ok

18:04:20.0156 0312  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

18:04:20.0312 0312  sr - ok

18:04:20.0375 0312  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll

18:04:20.0562 0312  srservice - ok

18:04:20.0765 0312  [ 83726CF02ECED69138948083E06B6EAC ] SRTSP           C:\WINDOWS\System32\Drivers\N360\0502020.003\SRTSP.SYS

18:04:20.0812 0312  SRTSP - ok

18:04:20.0859 0312  [ 4E7EAB2E5615D39CF1F1DF9C71E5E225 ] SRTSPX          C:\WINDOWS\system32\drivers\N360\0502020.003\SRTSPX.SYS

18:04:20.0859 0312  SRTSPX - ok

18:04:20.0937 0312  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

18:04:21.0046 0312  Srv - ok

18:04:21.0093 0312  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

18:04:21.0250 0312  SSDPSRV - ok

18:04:21.0312 0312  [ EA8925B4FF94B307D9A9B20FD664D543 ] SSHDRV5C        C:\WINDOWS\system32\drivers\SSHDRV5C.sys

18:04:21.0328 0312  SSHDRV5C ( UnsignedFile.Multi.Generic ) - warning

18:04:21.0328 0312  SSHDRV5C - detected UnsignedFile.Multi.Generic (1)

18:04:21.0406 0312  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

18:04:21.0515 0312  stisvc - ok

18:04:21.0546 0312  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

18:04:21.0687 0312  swenum - ok

18:04:21.0734 0312  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

18:04:21.0859 0312  swmidi - ok

18:04:21.0875 0312  SwPrv - ok

18:04:21.0875 0312  symc810 - ok

18:04:21.0890 0312  symc8xx - ok

18:04:21.0953 0312  [ 9BBEB8C6258E72D62E7560E6667AAD39 ] SymDS           C:\WINDOWS\system32\drivers\N360\0502020.003\SYMDS.SYS

18:04:21.0968 0312  SymDS - ok

18:04:22.0031 0312  [ D5C02629C02A820A7E71BCA3D44294A3 ] SymEFA          C:\WINDOWS\system32\drivers\N360\0502020.003\SYMEFA.SYS

18:04:22.0093 0312  SymEFA - ok

18:04:22.0140 0312  [ AB33C3B196197CA467CBDDA717860DBA ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

18:04:22.0156 0312  SymEvent - ok

18:04:22.0156 0312  SYMFW - ok

18:04:22.0171 0312  SYMIDS - ok

18:04:22.0203 0312  [ A73399804D5D4A8B20BA60FCF70C9F1F ] SymIRON         C:\WINDOWS\system32\drivers\N360\0502020.003\Ironx86.SYS

18:04:22.0218 0312  SymIRON - ok

18:04:22.0234 0312  SYMNDIS - ok

18:04:22.0281 0312  [ 336CACE58F0359D5CBB1AE6B8A2FB205 ] SYMTDI          C:\WINDOWS\System32\Drivers\N360\0502020.003\SYMTDI.SYS

18:04:22.0328 0312  SYMTDI - ok

18:04:22.0343 0312  sym_hi - ok

18:04:22.0343 0312  sym_u3 - ok

18:04:22.0406 0312  [ A6CC8C28D5AAD4179EF32F05BED55E91 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys

18:04:22.0562 0312  SynTP - ok

18:04:22.0593 0312  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

18:04:22.0734 0312  sysaudio - ok

18:04:22.0765 0312  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

18:04:22.0921 0312  SysmonLog - ok

18:04:22.0984 0312  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

18:04:23.0125 0312  TapiSrv - ok

18:04:23.0203 0312  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:04:23.0281 0312  Tcpip - ok

18:04:23.0328 0312  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

18:04:23.0484 0312  TDPIPE - ok

18:04:23.0515 0312  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

18:04:23.0625 0312  TDTCP - ok

18:04:23.0656 0312  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

18:04:23.0781 0312  TermDD - ok

18:04:23.0859 0312  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll

18:04:24.0000 0312  TermService - ok

18:04:24.0015 0312  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll

18:04:24.0031 0312  Themes - ok

18:04:24.0093 0312  [ 244CFBFFDEFB77F3DF571A8CD108FC06 ] tifm21          C:\WINDOWS\system32\drivers\tifm21.sys

18:04:24.0140 0312  tifm21 - ok

18:04:24.0187 0312  [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe

18:04:24.0328 0312  TlntSvr - ok

18:04:24.0328 0312  TosIde - ok

18:04:24.0359 0312  [ CC069342EE0EAE55B32A0AE99CF6185C ] tosrfec         C:\WINDOWS\system32\DRIVERS\tosrfec.sys

18:04:24.0359 0312  tosrfec ( UnsignedFile.Multi.Generic ) - warning

18:04:24.0359 0312  tosrfec - detected UnsignedFile.Multi.Generic (1)

18:04:24.0406 0312  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll

18:04:24.0515 0312  TrkWks - ok

18:04:24.0546 0312  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

18:04:24.0687 0312  Udfs - ok

18:04:24.0687 0312  UIUSys - ok

18:04:24.0703 0312  ultra - ok

18:04:24.0781 0312  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

18:04:24.0937 0312  Update - ok

18:04:24.0984 0312  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll

18:04:25.0156 0312  upnphost - ok

18:04:25.0203 0312  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe

18:04:25.0343 0312  UPS - ok

18:04:25.0375 0312  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:04:25.0515 0312  usbccgp - ok

18:04:25.0531 0312  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:04:25.0671 0312  usbehci - ok

18:04:25.0703 0312  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:04:25.0828 0312  usbhub - ok

18:04:25.0843 0312  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:04:25.0984 0312  usbprint - ok

18:04:26.0000 0312  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:04:26.0125 0312  USBSTOR - ok

18:04:26.0156 0312  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys

18:04:26.0281 0312  usbuhci - ok

18:04:26.0328 0312  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

18:04:26.0453 0312  VgaSave - ok

18:04:26.0453 0312  ViaIde - ok

18:04:26.0484 0312  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

18:04:26.0625 0312  VolSnap - ok

18:04:26.0687 0312  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe

18:04:26.0828 0312  VSS - ok

18:04:26.0859 0312  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll

18:04:27.0000 0312  W32Time - ok

18:04:27.0140 0312  [ B1F126E7E28877106D60E6FF3998D033 ] w39n51          C:\WINDOWS\system32\DRIVERS\w39n51.sys

18:04:27.0421 0312  w39n51 - ok

18:04:27.0515 0312  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:04:27.0656 0312  Wanarp - ok

18:04:27.0656 0312  WDICA - ok

18:04:27.0703 0312  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

18:04:27.0843 0312  wdmaud - ok

18:04:27.0921 0312  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll

18:04:28.0046 0312  WebClient - ok

18:04:28.0109 0312  [ E0A00B06EA067C84E124B407DFFA1AF1 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

18:04:28.0171 0312  winachsf - ok

18:04:28.0296 0312  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

18:04:28.0437 0312  winmgmt - ok

18:04:28.0484 0312  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll

18:04:28.0562 0312  WmdmPmSN - ok

18:04:28.0640 0312  [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi             C:\WINDOWS\System32\advapi32.dll

18:04:28.0765 0312  Wmi - ok

18:04:28.0796 0312  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

18:04:28.0906 0312  WmiAcpi - ok

18:04:28.0937 0312  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

18:04:29.0078 0312  WmiApSrv - ok

18:04:29.0171 0312  [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe

18:04:29.0265 0312  WMPNetworkSvc - ok

18:04:29.0343 0312  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys

18:04:29.0375 0312  WpdUsb - ok

18:04:29.0578 0312  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

18:04:29.0656 0312  WPFFontCache_v0400 - ok

18:04:29.0703 0312  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

18:04:29.0921 0312  wscsvc - ok

18:04:29.0937 0312  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

18:04:30.0078 0312  wuauserv - ok

18:04:30.0156 0312  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys

18:04:30.0359 0312  WudfPf - ok

18:04:30.0421 0312  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WUDFRd          C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

18:04:30.0468 0312  WUDFRd - ok

18:04:30.0562 0312  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll

18:04:30.0593 0312  WudfSvc - ok

18:04:30.0671 0312  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

18:04:30.0859 0312  WZCSVC - ok

18:04:30.0906 0312  [ 81E8DA36CE70858898D5EB81E28A47D2 ] X10Hid          C:\WINDOWS\system32\Drivers\x10hid.sys

18:04:30.0953 0312  X10Hid - ok

18:04:31.0015 0312  [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets         C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

18:04:31.0031 0312  x10nets ( UnsignedFile.Multi.Generic ) - warning

18:04:31.0031 0312  x10nets - detected UnsignedFile.Multi.Generic (1)

18:04:31.0109 0312  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

18:04:31.0312 0312  xmlprov - ok

18:04:31.0328 0312  ================ Scan global ===============================

18:04:31.0453 0312  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll

18:04:31.0515 0312  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll

18:04:31.0531 0312  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll

18:04:31.0578 0312  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe

18:04:31.0578 0312  [Global] - ok

18:04:31.0593 0312  ================ Scan MBR ==================================

18:04:31.0609 0312  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

18:04:31.0906 0312  \Device\Harddisk0\DR0 - ok

18:04:31.0921 0312  [ 66D0B28C8B44E531D0C19F436252ABAA ] \Device\Harddisk1\DR3

18:04:32.0218 0312  \Device\Harddisk1\DR3 - ok

18:04:32.0218 0312  ================ Scan VBR ==================================

18:04:32.0218 0312  [ 8FCA8178B401C18B3568F18ECF8CAE18 ] \Device\Harddisk0\DR0\Partition1

18:04:32.0234 0312  \Device\Harddisk0\DR0\Partition1 - ok

18:04:32.0234 0312  [ 11B58DD26267398AC6AAD3867631BF1E ] \Device\Harddisk1\DR3\Partition1

18:04:32.0234 0312  \Device\Harddisk1\DR3\Partition1 - ok

18:04:32.0234 0312  ============================================================

18:04:32.0234 0312  Scan finished

18:04:32.0234 0312  ============================================================

18:04:32.0375 3096  Detected object count: 23

18:04:32.0375 3096  Actual detected object count: 23

18:04:54.0953 3096  Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0953 3096  Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0953 3096  CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0953 3096  CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0968 3096  HPFECP15 ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0968 3096  HPFECP15 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0968 3096  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0968 3096  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0968 3096  Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0968 3096  Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0968 3096  MHN ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0968 3096  MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0968 3096  MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0968 3096  MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0968 3096  MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0968 3096  MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0968 3096  Netdevio ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0968 3096  Netdevio ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0968 3096  Pfc ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0968 3096  Pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0968 3096  PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0968 3096  PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0968 3096  qkbfiltr ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0968 3096  qkbfiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0968 3096  qmofiltr ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0968 3096  qmofiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0968 3096  SE27bus ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0968 3096  SE27bus ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0984 3096  SE27mdfl ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0984 3096  SE27mdfl ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0984 3096  SE27mdm ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0984 3096  SE27mdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0984 3096  SE27mgmt ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0984 3096  SE27mgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0984 3096  se27nd5 ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0984 3096  se27nd5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0984 3096  SE27obex ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0984 3096  SE27obex ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0984 3096  se27unic ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0984 3096  se27unic ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0984 3096  SSHDRV5C ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0984 3096  SSHDRV5C ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0984 3096  tosrfec ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0984 3096  tosrfec ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:04:54.0984 3096  x10nets ( UnsignedFile.Multi.Generic ) - skipped by user

18:04:54.0984 3096  x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip

Das kam bei tdsskiller raus.

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Hier ist die Logfile von Combofix:

Code:

ComboFix 13-02-07.02 - *** 08.02.2013  18:39:42.1.1 - x86

ausgeführt von:: C:\Dokumente und Einstellungen\***\Desktop\ComboFix.exe
 
 

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
 
 

C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\3953114.pad

C:\Dokumente und Einstellungen\***\4.0

C:\Dokumente und Einstellungen\***\Eigene Dateien\~WRL2346.tmp

C:\Dokumente und Einstellungen\***\Eigene Dateien\~WRL3217.tmp

C:\Dokumente und Einstellungen\***\Eigene Dateien\Internet Explorer.lnk

C:\Programme\NIS071020GE.exe

C:\WINDOWS\dasetup.log

C:\WINDOWS\EventSystem.log

C:\WINDOWS\IsUn0407.exe

C:\WINDOWS\system32\PRAGMAerrors.log

C:\WINDOWS\system32\URTTemp

C:\WINDOWS\system32\URTTemp\fusion.dll

C:\WINDOWS\system32\URTTemp\mscoree.dll

C:\WINDOWS\system32\URTTemp\mscoree.dll.local

C:\WINDOWS\system32\URTTemp\mscorsn.dll

C:\WINDOWS\system32\URTTemp\mscorwks.dll

C:\WINDOWS\system32\URTTemp\msvcr71.dll

C:\WINDOWS\system32\URTTemp\regtlib.exe

C:\WINDOWS\wininit.ini
 
 

(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))

.
 

-------\Legacy_PRAGMApipyycwkid

-------\Service_PRAGMApipyycwkid
 
 

(((((((((((((((((((((((   Dateien erstellt von 2013-01-09 bis 2013-02-09  ))))))))))))))))))))))))))))))
 
 

2013-02-08 22:15:34 . 2011-07-13 02:55:05        2237440        ----a-r-        C:\OTLPE.exe

2013-02-08 22:15:30 . 2013-02-08 16:24:36        --------        d-----w-        C:\_OTL

2013-01-25 16:08:46 . 2013-01-25 16:08:46        --------        d-----w-        C:\Dokumente und Einstellungen\Reith\Anwendungsdaten\TeamViewer

.
 
 

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
 

2013-02-08 16:26:07 . 2012-04-12 07:21:23        697712        ----a-w-        C:\WINDOWS\system32\FlashPlayerApp.exe

2013-02-08 16:26:06 . 2011-05-21 11:04:48        74096        ----a-w-        C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

2013-02-08 09:12:58 . 2012-09-29 12:26:57        40776        ----a-w-        C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2012-12-16 12:23:59 . 2006-03-17 11:45:17        290560        ----a-w-        C:\WINDOWS\system32\atmfd.dll

2012-11-13 11:55:38 . 2006-03-17 11:45:48        1866496        ----a-w-        C:\WINDOWS\system32\win32k.sys

2011-10-28 14:31:40 . 2011-10-28 14:31:34        2063321        ----a-w-        C:\Programme\ablerawer_1.4.exe

2007-04-08 10:40:52 . 2007-04-08 10:40:45        6615712        ----a-w-        C:\Programme\FirefoxGoogleToolbarSetup.exe

2007-03-30 07:25:31 . 2007-03-30 07:25:15        14993976        ----a-w-        C:\Programme\GoogleEarthWin_EARE.exe

2012-03-13 15:50:10 . 2011-07-03 10:23:17        134104        ----a-w-        C:\Programme\mozilla firefox\components\browsercomps.dll

2009-03-31 20:47:26 . 2008-07-21 14:34:31        324976        ----a-w-        C:\Programme\mozilla firefox\components\coFFPlgn.dll
 
 

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.
 

[7] 2008-04-13 18:40:30 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[7] 2008-04-13 18:40:30 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\system32\drivers\atapi.sys

[7] 2004-08-10 13:00:00 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[7] 2004-08-03 21:59:44 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 

[7] 2008-04-13 18:57:27 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\asyncmac.sys

[7] 2008-04-13 18:57:27 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\drivers\asyncmac.sys

[-] 2004-08-10 13:00:00 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\asyncmac.sys
 

[7] 2004-08-10 13:00:00 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0 (XPClient.010817-1148)] . . C:\WINDOWS\system32\drivers\beep.sys
 

[7] 2008-04-14 01:58:36 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\ServicePackFiles\i386\kbdclass.sys

[7] 2008-04-14 01:58:36 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\system32\drivers\kbdclass.sys

[7] 2004-08-10 13:00:00 . B128FC0A5CD83F669D5DE4B58F77C7D6 . 25216 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\kbdclass.sys
 

[7] 2008-04-13 19:20:37 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\ndis.sys

[7] 2008-04-13 19:20:37 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\drivers\ndis.sys

[-] 2004-08-10 13:00:00 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
 

[7] 2008-04-13 19:15:53 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\ntfs.sys

[7] 2008-04-13 19:15:53 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\system32\drivers\ntfs.sys

[-] 2007-02-09 11:23:36 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081 (xpsp_sp2_qfe.070209-0034)] . . C:\WINDOWS\$hf_mig$\KB930916\SP2QFE\ntfs.sys

[-] 2007-02-09 11:10:35 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081 (xpsp_sp2_gdr.070209-0028)] . . C:\WINDOWS\$NtServicePackUninstall$\ntfs.sys

[-] 2004-08-10 13:00:00 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB930916$\ntfs.sys
 

[7] 2004-08-10 13:00:00 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0 (XPClient.010817-1148)] . . C:\WINDOWS\system32\drivers\null.sys
 

[7] 2008-06-20 11:59:02 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)] . . C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

[7] 2008-06-20 11:59:02 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)] . . C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

[7] 2008-06-20 11:51:12 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys

[7] 2008-06-20 11:51:12 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\system32\dllcache\tcpip.sys

[7] 2008-06-20 11:51:12 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\system32\drivers\tcpip.sys

[7] 2008-06-20 10:45:13 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)] . . C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys

[7] 2008-06-20 10:44:42 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394 (xpsp_sp2_qfe.080620-1259)] . . C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys

[7] 2008-04-13 19:20:16 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys

[7] 2008-04-13 19:20:16 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\tcpip.sys

[-] 2007-10-30 17:20:55 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244 (xpsp_sp2_gdr.071030-1259)] . . C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys

[-] 2007-10-30 16:53:32 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244 (xpsp_sp2_qfe.071030-1255)] . . C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys

[-] 2006-04-20 12:18:35 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892 (xpsp.060420-0256)] . . C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

[-] 2006-04-20 11:51:50 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892 (xpsp_sp2_gdr.060420-0254)] . . C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys

[-] 2005-05-25 19:07:12 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685 (xpsp.050525-1029)] . . C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys

[-] 2005-05-25 19:04:02 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685 (xpsp_sp2_gdr.050525-1028)] . . C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys

[-] 2004-08-10 13:00:00 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
 

[7] 2012-07-06 13:59:07 . B71549F23736ADF83A571061C47777FD . 78336 . . [5.1.2600.6260 (xpsp_sp3_gdr.120706-1619)] . . C:\WINDOWS\system32\browser.dll

[7] 2012-07-06 13:59:07 . B71549F23736ADF83A571061C47777FD . 78336 . . [5.1.2600.6260 (xpsp_sp3_gdr.120706-1619)] . . C:\WINDOWS\system32\dllcache\browser.dll

[7] 2012-07-06 13:58:27 . B2CC8D85D27BF10C5FAF5B98C335978E . 78336 . . [5.1.2600.6260 (xpsp_sp3_qfe.120706-1617)] . . C:\WINDOWS\$hf_mig$\KB2705219\SP3QFE\browser.dll

[7] 2008-04-14 02:22:07 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\$NtUninstallKB2705219$\browser.dll

[7] 2008-04-14 02:22:07 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\ServicePackFiles\i386\browser.dll

[-] 2004-08-10 13:00:00 . D8653DCD80CF2EBB333FC4FCC43A7DEF . 77312 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\browser.dll
 

[7] 2008-04-14 02:22:51 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\ServicePackFiles\i386\lsass.exe

[7] 2008-04-14 02:22:51 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\system32\lsass.exe

[-] 2004-08-10 13:00:00 . 183805EB05BCA5A1E4AAAED4D2BE3690 . 13312 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
 

[7] 2008-04-14 02:22:19 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\netman.dll

[7] 2008-04-14 02:22:19 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\netman.dll

[-] 2005-08-22 18:31:48 . 1E5218FBE323C375B488318950E10FB4 . 197632 . . [5.1.2600.2743 (xpsp_sp2_gdr.050819-1525)] . . C:\WINDOWS\$NtServicePackUninstall$\netman.dll

[-] 2005-08-22 18:24:55 . 19D9B6B139F09A72AE71758BDF28308E . 197632 . . [5.1.2600.2743 (xpsp.050819-1528)] . . C:\WINDOWS\$hf_mig$\KB905414\SP2QFE\netman.dll

[-] 2004-08-10 13:00:00 . CDF4DA6B518105343FE9E8AFBBF8FBF4 . 198144 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB905414$\netman.dll
 

[7] 2008-04-14 02:22:08 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . C:\WINDOWS\ServicePackFiles\i386\comres.dll

[7] 2008-04-14 02:22:08 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . C:\WINDOWS\system32\comres.dll

[-] 2004-08-10 13:00:00 . 4B9D9E2708019763C5A72DA776DB1158 . 846848 . . [2001.12.4414.258] . . C:\WINDOWS\$NtServicePackUninstall$\comres.dll
 

[7] 2008-04-14 02:22:23 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\ServicePackFiles\i386\qmgr.dll

[7] 2008-04-14 02:22:23 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\system32\qmgr.dll

[7] 2008-04-14 02:22:23 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\system32\bits\qmgr.dll

[-] 2004-08-10 13:00:00 . 3A5E54A9AB96EF2D273B58136FB58EFE . 382464 . . [6.6.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\qmgr.dll
 

[7] 2009-02-09 10:54:50 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)] . . C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll

[7] 2009-02-09 10:51:45 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] . . C:\WINDOWS\system32\rpcss.dll

[7] 2009-02-09 10:51:45 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] . . C:\WINDOWS\system32\dllcache\rpcss.dll

[7] 2008-04-14 02:22:23 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll

[7] 2008-04-14 02:22:23 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\ServicePackFiles\i386\rpcss.dll

[-] 2005-07-26 04:29:19 . DBA9F9C00A7A2B45EB8E451C2B6D10E9 . 398336 . . [5.1.2600.2726 (xpsp.050725-1531)] . . C:\WINDOWS\$NtServicePackUninstall$\rpcss.dll

[-] 2005-04-28 19:35:39 . 434A27912D53BF3FB6C1CE37BAFA5CF6 . 396288 . . [5.1.2600.2665 (xpsp.050427-1553)] . . C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll

[-] 2005-04-28 19:35:39 . 434A27912D53BF3FB6C1CE37BAFA5CF6 . 396288 . . [5.1.2600.2665 (xpsp.050427-1553)] . . C:\WINDOWS\$NtUninstallKB902400$\rpcss.dll

[-] 2005-04-28 19:31:44 . A9219270CA2E5DDB52828E7AB7268B82 . 395776 . . [5.1.2600.2665 (xpsp_sp2_gdr.050427-1553)] . . C:\WINDOWS\$NtUninstallKB894391$\rpcss.dll

[-] 2005-01-14 08:57:03 . C4E4A6514DC7AA4981B09E1A55B3EE56 . 395776 . . [5.1.2600.2595 (xpsp_sp2_gdr.041130-1729)] . . C:\WINDOWS\$NtUninstallKB894391_0$\rpcss.dll

[-] 2005-01-14 05:08:03 . 64F7E6B27B790365A910ECE21134A680 . 395776 . . [5.1.2600.2595 (xpsp.041130-1728)] . . C:\WINDOWS\$hf_mig$\KB873333\SP2QFE\rpcss.dll

[-] 2004-08-10 13:00:00 . 9F28FF58D6D67B123272869D89D14004 . 395776 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB873333$\rpcss.dll
 

[7] 2009-02-09 11:21:35 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] . . C:\WINDOWS\system32\services.exe

[7] 2009-02-09 11:21:35 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] . . C:\WINDOWS\system32\dllcache\services.exe

[7] 2009-02-09 11:14:22 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)] . . C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe

[7] 2008-04-14 02:22:59 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\$NtUninstallKB956572$\services.exe

[7] 2008-04-14 02:22:59 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\services.exe

[-] 2004-08-10 13:00:00 . EDB6B81761BD60F32F740BBC40AFB676 . 108544 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\services.exe
 

[7] 2010-08-17 13:19:36 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024 (xpsp_sp3_qfe.100817-1627)] . . C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe

[7] 2010-08-17 13:17:06 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024 (xpsp_sp3_gdr.100817-1626)] . . C:\WINDOWS\system32\spoolsv.exe

[7] 2010-08-17 13:17:06 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024 (xpsp_sp3_gdr.100817-1626)] . . C:\WINDOWS\system32\dllcache\spoolsv.exe

[7] 2008-04-14 02:23:02 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe

[7] 2008-04-14 02:23:02 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe

[-] 2005-06-11 00:17:13 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696 (xpsp.050610-1527)] . . C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe

[-] 2005-06-10 23:53:32 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] . . C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe

[-] 2004-08-10 13:00:00 . 54E7113A4BD696E430919BCAF5C65E06 . 57856 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe
 

[7] 2008-04-14 02:23:05 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[7] 2008-04-14 02:23:05 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\system32\winlogon.exe

[-] 2004-08-10 13:00:00 . 2B6A0BAF33A9918F09442D873848FF72 . 507392 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
 

[7] 2012-06-02 13:19:34 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256 (winmain_wtr_wsus3sp2(oobla).120602-1459)] . . C:\WINDOWS\system32\wuauclt.exe

[7] 2012-06-02 13:19:34 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256 (winmain_wtr_wsus3sp2(oobla).120602-1459)] . . C:\WINDOWS\system32\dllcache\wuauclt.exe

[7] 2008-04-14 02:23:06 . 65E60C18DDB0215C201FF75E32D564C8 . 111616 . . [5.4.3790.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe
 

[7] 2008-04-13 19:19:42 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\ipsec.sys

[7] 2008-04-13 19:19:42 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\drivers\ipsec.sys

[-] 2004-08-10 13:00:00 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys
 

[7] 2010-08-23 16:11:49 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82 (xpsp_sp3_qfe.100823-1643)] . . C:\WINDOWS\system32\comctl32.dll

[7] 2010-08-23 16:11:49 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82 (xpsp_sp3_qfe.100823-1643)] . . C:\WINDOWS\system32\dllcache\comctl32.dll

[7] 2010-08-23 16:11:46 . 2B6ADE29F8D00EEFA5FA2250CBE094AD . 1054208 . . [6.0 (xpsp_sp3_qfe.100823-1643)] . . C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

[7] 2008-04-14 02:22:08 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82 (xpsp.080413-2105)] . . C:\WINDOWS\$NtUninstallKB2296011$\comctl32.dll

[7] 2008-04-14 02:22:08 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\comctl32.dll

[7] 2008-04-14 02:20:11 . 3C93CE6C6985C55952B7BE6673E9FD15 . 1054208 . . [6.0 (xpsp.080413-2105)] . . C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

[-] 2006-08-25 15:46:47 . EE82D1393169AC6BDF6016F4EA8D2B79 . 617472 . . [5.82 (xpsp.060825-0040)] . . C:\WINDOWS\$NtServicePackUninstall$\comctl32.dll

[-] 2006-08-25 15:46:44 . F64451D07B9368B46AB31172D56D1804 . 1054208 . . [6.0 (xpsp.060825-0040)] . . C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

[-] 2004-08-10 13:00:00 . 2CF914215226B3F7FA1AE4A47E4D261C . 611328 . . [5.82 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB923191$\comctl32.dll

[7] 2004-08-10 13:00:00 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0 (xpclient.010817-1148)] . . C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

[-] 2004-08-10 13:00:00 . 9D0F57B9C65BF8A07DB655A9ED6EB2EE . 1050624 . . [6.0 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
 

[7] 2008-04-14 02:22:08 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll

[7] 2008-04-14 02:22:08 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\system32\cryptsvc.dll

[-] 2004-08-10 13:00:00 . 1A5F9DB98DF7955B4C7CBDBF2C638238 . 60416 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
 

[7] 2008-07-07 20:26:58 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll

[7] 2008-07-07 20:26:58 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . C:\WINDOWS\system32\es.dll

[7] 2008-07-07 20:26:58 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . C:\WINDOWS\system32\dllcache\es.dll

[7] 2008-07-07 20:23:19 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll

[7] 2008-07-07 20:16:43 . 3912BEF896D1D687B6053409E5F5F2A6 . 253952 . . [2001.12.4414.320] . . C:\WINDOWS\$NtServicePackUninstall$\es.dll

[7] 2008-04-14 02:22:10 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . C:\WINDOWS\$NtUninstallKB950974$\es.dll

[7] 2008-04-14 02:22:10 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . C:\WINDOWS\ServicePackFiles\i386\es.dll

[-] 2005-07-26 04:29:04 . 0D0F85237E32538F58278D673032676A . 243200 . . [2001.12.4414.308] . . C:\WINDOWS\$NtUninstallKB950974_0$\es.dll

[-] 2005-03-09 17:20:30 . 7C2BB552922CBCF2C05C689CA8122CD6 . 243200 . . [2001.12.4414.301] . . C:\WINDOWS\$NtUninstallKB902400$\es.dll

[-] 2004-08-10 13:00:00 . 4E1A8645EE77CB9454FFE53C59620A25 . 243200 . . [2001.12.4414.258] . . C:\WINDOWS\$NtUninstallKB895200$\es.dll
 

[7] 2008-04-14 02:22:12 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\imm32.dll

[7] 2008-04-14 02:22:12 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\system32\imm32.dll

[-] 2004-08-10 13:00:00 . 94101D13A1818A9D08337EEC12ED277A . 110080 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\imm32.dll
 

[7] 2012-10-03 04:58:00 . 8214D49147FBB2CD5CF896CBE021D339 . 1063936 . . [5.1.2600.6293 (xpsp_sp3_gdr.121001-1622)] . . C:\WINDOWS\system32\kernel32.dll

[7] 2012-10-03 04:58:00 . 8214D49147FBB2CD5CF896CBE021D339 . 1063936 . . [5.1.2600.6293 (xpsp_sp3_gdr.121001-1622)] . . C:\WINDOWS\system32\dllcache\kernel32.dll

[7] 2012-10-03 04:57:21 . A9D5CAF09ABD70F1CA28891ECED7B9E4 . 1065472 . . [5.1.2600.6293 (xpsp_sp3_qfe.121001-1624)] . . C:\WINDOWS\$hf_mig$\KB2758857\SP3QFE\kernel32.dll

[7] 2009-03-21 14:06:58 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] . . C:\WINDOWS\$NtUninstallKB2758857$\kernel32.dll

[7] 2009-03-21 13:59:24 . 3EB703BFC2ED26A3D8ACB8626AB2C006 . 1065472 . . [5.1.2600.5781 (xpsp_sp3_qfe.090321-1341)] . . C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll

[7] 2008-04-14 02:22:13 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\$NtUninstallKB959426$\kernel32.dll

[7] 2008-04-14 02:22:13 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\kernel32.dll

[-] 2007-04-16 16:09:38 . 5D0974BD58808FACA5D2C437B6FC8D85 . 1059840 . . [5.1.2600.3119 (xpsp_sp2_qfe.070416-1259)] . . C:\WINDOWS\$hf_mig$\KB935839\SP2QFE\kernel32.dll

[-] 2007-04-16 15:53:05 . 8EEA8280A1E0E794EDFCCAD3721C7CAB . 1058304 . . [5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)] . . C:\WINDOWS\$NtServicePackUninstall$\kernel32.dll

[-] 2006-07-05 10:57:19 . 0BEFE0BF274818EC0785B7B842967313 . 1058816 . . [5.1.2600.2945 (xpsp.060704-2357)] . . C:\WINDOWS\$hf_mig$\KB917422\SP2QFE\kernel32.dll

[-] 2006-07-05 10:55:21 . E42795D2E7725D378EE2A4BFA6FE9DB3 . 1057792 . . [5.1.2600.2945 (xpsp_sp2_gdr.060704-2349)] . . C:\WINDOWS\$NtUninstallKB935839$\kernel32.dll

[-] 2004-08-10 13:00:00 . E6CD85D0D37416CF138F01F4BB0FC872 . 1057280 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB917422$\kernel32.dll
 

[7] 2008-04-14 02:22:13 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\linkinfo.dll

[7] 2008-04-14 02:22:13 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\system32\linkinfo.dll

[-] 2005-09-01 01:46:10 . F2AFE60F01040B23207D8EB7DC26EC96 . 19968 . . [5.1.2600.2751 (xpsp.050831-1531)] . . C:\WINDOWS\$hf_mig$\KB900725\SP2QFE\linkinfo.dll

[-] 2005-09-01 01:44:41 . 0E2B88912BF78549D5177A84A3375D52 . 19968 . . [5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)] . . C:\WINDOWS\$NtServicePackUninstall$\linkinfo.dll

[-] 2004-08-10 13:00:00 . 3898FFF548E2968CB3AC5A71D7F4E425 . 18944 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB900725$\linkinfo.dll
 

[7] 2008-04-14 02:22:14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\lpk.dll

[7] 2008-04-14 02:22:14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\system32\lpk.dll

[-] 2004-08-10 13:00:00 . B4AD65C79F85C61D32C015B11E03CAAD . 22016 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\lpk.dll
 

[7] 2013-01-06 05:33:34 . 736266D91BA396EE6D17F4DA20B35317 . 6009856 . . [8.00.6001.19394 (longhorn_ie8_gdr_escrow.130103-0930)] . . C:\WINDOWS\system32\mshtml.dll

[7] 2013-01-06 05:33:34 . 736266D91BA396EE6D17F4DA20B35317 . 6009856 . . [8.00.6001.19394 (longhorn_ie8_gdr_escrow.130103-0930)] . . C:\WINDOWS\system32\dllcache\mshtml.dll

[7] 2013-01-06 05:32:24 . 7E7AD1122829366ABFFD99282AA5E387 . 6011392 . . [8.00.6001.23462 (longhorn_ie8_ldr_escrow.130103-0945)] . . C:\WINDOWS\$hf_mig$\KB2799329-IE8\SP3QFE\mshtml.dll

[7] 2012-11-13 00:24:16 . 9EE11942F73A9CEB7AF2EC2316488F1E . 6010880 . . [8.00.6001.23461 (longhorn_ie8_ldr.121108-1645)] . . C:\WINDOWS\$hf_mig$\KB2761465-IE8\SP3QFE\mshtml.dll

[7] 2012-11-12 19:55:23 . 8382463AD283ED95C83436988A5467E8 . 6008832 . . [8.00.6001.19393 (longhorn_ie8_gdr.121108-1615)] . . C:\WINDOWS\ie8updates\KB2799329-IE8\mshtml.dll

[7] 2012-08-28 15:05:48 . 685AC6F538B3D4EBE03F19877187B4DF . 6008832 . . [8.00.6001.19328 (longhorn_ie8_gdr.120824-1715)] . . C:\WINDOWS\ie8updates\KB2761465-IE8\mshtml.dll

[7] 2012-08-28 15:04:43 . 871C7E18BC56164496CE97DE5C95E569 . 6010368 . . [8.00.6001.23415 (longhorn_ie8_ldr.120824-1815)] . . C:\WINDOWS\$hf_mig$\KB2744842-IE8\SP3QFE\mshtml.dll

[7] 2012-07-02 17:39:29 . A73EF51CB4D047AC0831D3BDB9036149 . 6008320 . . [8.00.6001.19298 (longhorn_ie8_gdr.120627-1715)] . . C:\WINDOWS\ie8updates\KB2744842-IE8\mshtml.dll

[7] 2012-07-02 17:38:22 . 4D2499E11D9F907ACD817CA76DD78024 . 6010368 . . [8.00.6001.23385 (longhorn_ie8_ldr.120627-1815)] . . C:\WINDOWS\$hf_mig$\KB2722913-IE8\SP3QFE\mshtml.dll

[7] 2012-05-11 14:40:24 . 610AFC1D924512EEB7797ADD9E5F9455 . 6007808 . . [8.00.6001.19258 (longhorn_ie8_gdr.120423-1946)] . . C:\WINDOWS\ie8updates\KB2722913-IE8\mshtml.dll

[7] 2012-05-11 14:39:19 . E3C9C5F75F06CECD02E0BE32E0BE7463 . 6009344 . . [8.00.6001.23345 (longhorn_ie8_ldr.120423-2015)] . . C:\WINDOWS\$hf_mig$\KB2699988-IE8\SP3QFE\mshtml.dll

[7] 2012-03-01 11:00:08 . C34FC3162FE56D908A7285B5983D03FF . 5978624 . . [8.00.6001.19222 (longhorn_ie8_gdr.120227-1715)] . . C:\WINDOWS\ie8updates\KB2699988-IE8\mshtml.dll

[7] 2012-03-01 10:57:59 . AFF12544647103F756962F43BF60C238 . 5980672 . . [8.00.6001.23318 (longhorn_ie8_ldr.120227-1815)] . . C:\WINDOWS\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll

[7] 2011-12-17 19:43:23 . ED2A6223A232E6463E6168A0A7A6EA93 . 5979136 . . [8.00.6001.19190 (longhorn_ie8_gdr.111214-1715)] . . C:\WINDOWS\ie8updates\KB2675157-IE8\mshtml.dll

[7] 2011-12-17 19:42:28 . 384D5CD1286CA3364EE2DAA991CF4726 . 5980160 . . [8.00.6001.23286 (longhorn_ie8_ldr.111214-1815)] . . C:\WINDOWS\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll

[7] 2011-11-04 19:13:35 . 4823271E3A5F3A3D2229EACA01D849F1 . 5978112 . . [8.00.6001.19170 (longhorn_ie8_gdr.111102-1715)] . . C:\WINDOWS\ie8updates\KB2647516-IE8\mshtml.dll

[7] 2011-11-04 19:12:25 . CD31B8FA968485999C4B02802D8C482C . 5978624 . . [8.00.6001.23266 (longhorn_ie8_ldr.111102-1815)] . . C:\WINDOWS\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll

[7] 2011-10-03 08:34:11 . F591C3C571E547DDED6624EB3DCAB7C9 . 5971456 . . [8.00.6001.19154 (longhorn_ie8_gdr.110930-1002)] . . C:\WINDOWS\ie8updates\KB2618444-IE8\mshtml.dll

[7] 2011-10-03 08:33:08 . CC43AB1B8E1C5244B7F354307A3C9A77 . 5972992 . . [8.00.6001.23250 (longhorn_ie8_ldr.110930-1035)] . . C:\WINDOWS\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll

[7] 2011-07-25 15:09:56 . 9316AF4E14DC9C85A86A1A14A675F160 . 5969920 . . [8.00.6001.19120 (longhorn_ie8_gdr.110722-2155)] . . C:\WINDOWS\ie8updates\KB2586448-IE8\mshtml.dll

[7] 2011-07-25 15:08:12 . 1D96C20A4B27E16481C3E774EFC87E09 . 5971456 . . [8.00.6001.23216 (longhorn_ie8_ldr.110722-2225)] . . C:\WINDOWS\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll

[7] 2011-05-30 22:12:59 . 930A3ED33CD772EA8A2C4BB226A81CAF . 5964800 . . [8.00.6001.19088 (longhorn_ie8_gdr.110527-1700)] . . C:\WINDOWS\ie8updates\KB2559049-IE8\mshtml.dll

[7] 2011-05-30 22:11:36 . F439589BF8C2B1B07DAED345CD2F710D . 5967360 . . [8.00.6001.23181 (longhorn_ie8_ldr.110527-1800)] . . C:\WINDOWS\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll

[7] 2011-02-22 23:25:19 . 581142E0B30A2457893EDCF11479BB6C . 5964800 . . [8.00.6001.23141 (longhorn_ie8_ldr.110216-1756)] . . C:\WINDOWS\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll

[7] 2010-12-20 23:51:52 . BE8A4C7BFF06DC3BCCBCE689FAC751F7 . 5962240 . . [8.00.6001.23111 (longhorn_ie8_ldr.101217-1800)] . . C:\WINDOWS\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll

[7] 2010-11-06 00:23:48 . 40627E7D2717A6DD38337A54FDA03F34 . 5960704 . . [8.00.6001.23091 (longhorn_ie8_ldr.101101-1800)] . . C:\WINDOWS\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll

[7] 2010-11-05 05:04:19 . 2C3E77752C51A46772C0CCF79424F597 . 3097088 . . [6.00.2900.6049 (xpsp_sp3_gdr.101103-1638)] . . C:\WINDOWS\ie8\mshtml.dll

[7] 2010-11-05 05:03:34 . A5EE3A64FD74A664184795292BBC04A1 . 3097600 . . [6.00.2900.6049 (xpsp_sp3_qfe.101103-1636)] . . C:\WINDOWS\$hf_mig$\KB2416400\SP3QFE\mshtml.dll

[7] 2010-09-10 05:46:14 . FC277C347BBAAE912A5B0748B3504483 . 5958656 . . [8.00.6001.23067 (longhorn_ie8_ldr.100907-1730)] . . C:\WINDOWS\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll

[7] 2010-09-09 14:24:26 . 56B6CC1FA73E53AA82A7DA7C6D25C964 . 3095552 . . [6.00.2900.6036 (xpsp_sp3_qfe.100908-2019)] . . C:\WINDOWS\$hf_mig$\KB2360131\SP3QFE\mshtml.dll

[7] 2010-09-09 14:17:08 . 2A83D776FACF39D209343CF5FA64C77A . 3094528 . . [6.00.2900.6036 (xpsp_sp3_gdr.100908-2023)] . . C:\WINDOWS\$NtUninstallKB2416400$\mshtml.dll

[7] 2010-06-24 12:11:29 . C4C8BC6C389840C48B3DF94C6F993779 . 3094528 . . [6.00.2900.6003 (xpsp_sp3_qfe.100623-1636)] . . C:\WINDOWS\$hf_mig$\KB2183461\SP3QFE\mshtml.dll

[7] 2010-06-24 12:10:50 . A04FB9FEE8218806B15549ACFFAA2BFF . 3094016 . . [6.00.2900.6003 (xpsp_sp3_gdr.100623-1635)] . . C:\WINDOWS\$NtUninstallKB2360131$\mshtml.dll

[7] 2010-05-06 10:31:21 . 91A9BB7F22F7D21E9C07E995C4E31F74 . 5950976 . . [8.00.6001.18928 (longhorn_ie8_gdr.100503-1700)] . . C:\WINDOWS\ie8updates\KB2530548-IE8\mshtml.dll

[7] 2010-05-06 10:26:55 . A0091E83B21A4C2627D1DD1A64C1B4B9 . 5953024 . . [8.00.6001.23019 (longhorn_ie8_ldr.100503-1800)] . . C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll

[7] 2010-04-16 16:06:42 . 164B4195439F7A0919A6CA7BDEC238AC . 3094016 . . [6.00.2900.5969 (xpsp_sp3_gdr.100416-1716)] . . C:\WINDOWS\$NtUninstallKB2183461$\mshtml.dll

[7] 2010-04-16 16:00:02 . 65E4FEB30D4307C1425F8635EE75200D . 3094528 . . [6.00.2900.5969 (xpsp_sp3_qfe.100416-1736)] . . C:\WINDOWS\$hf_mig$\KB982381\SP3QFE\mshtml.dll

[7] 2010-02-26 05:41:09 . E2CA735504A1D90EC8FAB02858A62996 . 3094016 . . [6.00.2900.5945 (xpsp_sp3_gdr.100225-1251)] . . C:\WINDOWS\$NtUninstallKB982381$\mshtml.dll

[7] 2010-02-26 05:37:54 . A8662879AC1BC243664C7331B8F0E74D . 3094528 . . [6.00.2900.5945 (xpsp_sp3_qfe.100225-1321)] . . C:\WINDOWS\$hf_mig$\KB980182\SP3QFE\mshtml.dll

[7] 2009-12-22 05:07:56 . 25EDB39CE3473A734476100AB8DE6A15 . 3092480 . . [6.00.2900.5921 (xpsp_sp3_gdr.091221-1718)] . . C:\WINDOWS\$NtUninstallKB980182$\mshtml.dll

[7] 2009-12-22 05:05:19 . 55EBD086581CA985DFB63736ED42629E . 3094528 . . [6.00.2900.5921 (xpsp_sp3_qfe.091221-1752)] . . C:\WINDOWS\$hf_mig$\KB978207\SP3QFE\mshtml.dll

[7] 2009-10-29 18:54:34 . D473C3526B86547643858E40FD096422 . 3091968 . . [6.00.2900.5897 (xpsp_sp3_gdr.091028-1650)] . . C:\WINDOWS\$NtUninstallKB978207$\mshtml.dll

[7] 2009-10-29 05:22:18 . 0B59B93A2524462E02EB2084FEA2E9C1 . 3094016 . . [6.00.2900.5897 (xpsp_sp3_qfe.091028-1717)] . . C:\WINDOWS\$hf_mig$\KB976325\SP3QFE\mshtml.dll

[7] 2009-10-19 23:51:39 . 711368E3637EC8F2F04CCA1168324B8C . 3091968 . . [6.00.2900.5890 (xpsp_sp3_gdr.091019-1504)] . . C:\WINDOWS\$NtUninstallKB976325$\mshtml.dll

[7] 2009-10-19 23:44:41 . 4AB194D8CDD5167674FD7E2F1DC1CD00 . 3093504 . . [6.00.2900.5890 (xpsp_sp3_qfe.091019-1531)] . . C:\WINDOWS\$hf_mig$\KB976749\SP3QFE\mshtml.dll

[7] 2009-09-25 05:35:25 . 848FD0FC3725E859C7512047BF447510 . 3091968 . . [6.00.2900.5880 (xpsp_sp3_gdr.090924-1438)] . . C:\WINDOWS\$NtUninstallKB976749$\mshtml.dll

[7] 2009-09-25 05:32:46 . CB479559434C766DCC26D0489BA84EF1 . 3093504 . . [6.00.2900.5880 (xpsp_sp3_qfe.090924-1448)] . . C:\WINDOWS\$hf_mig$\KB974455\SP3QFE\mshtml.dll

[7] 2009-07-18 16:03:12 . 455DE0E849F09CC58CD4B614020B753F . 3090432 . . [6.00.2900.5848 (xpsp_sp3_gdr.090718-1251)] . . C:\WINDOWS\$NtUninstallKB974455$\mshtml.dll

[7] 2009-07-18 15:32:14 . 26FD9945DF52F824888631CE09C77CB0 . 3090944 . . [6.00.2900.5848 (xpsp_sp3_qfe.090718-1313)] . . C:\WINDOWS\$hf_mig$\KB972260\SP3QFE\mshtml.dll

[7] 2009-04-29 04:33:27 . 2AAFE1C8A23843A40D3D5192CC93CC51 . 3089920 . . [6.00.2900.5803 (xpsp_sp3_gdr.090428-1325)] . . C:\WINDOWS\$NtUninstallKB972260$\mshtml.dll

[7] 2009-04-29 04:28:35 . 5D79A59F2AE282734E9A228B33314ACE . 3090432 . . [6.00.2900.5803 (xpsp_sp3_qfe.090428-1347)] . . C:\WINDOWS\$hf_mig$\KB969897\SP3QFE\mshtml.dll

[7] 2009-03-08 02:41:16 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] . . C:\WINDOWS\ie8updates\KB982381-IE8\mshtml.dll

[7] 2009-02-20 08:09:50 . E4160ECABB1F61BFA54A9366B50C3CA8 . 3089408 . . [6.00.2900.5764 (xpsp_sp3_gdr.090219-1240)] . . C:\WINDOWS\$NtUninstallKB969897$\mshtml.dll

[7] 2009-02-20 07:51:27 . 272906D8E5499462A4201C3596031EDF . 3089408 . . [6.00.2900.5764 (xpsp_sp3_qfe.090219-1311)] . . C:\WINDOWS\$hf_mig$\KB963027\SP3QFE\mshtml.dll

[7] 2008-12-12 17:14:50 . D3BC95D72D732C2F05CB24E56EC5D7D3 . 3088896 . . [6.00.2900.5726 (xpsp_sp3_qfe.081212-1451)] . . C:\WINDOWS\$hf_mig$\KB960714\SP3QFE\mshtml.dll

[7] 2008-12-12 17:01:03 . E8002EA2A6DB0FC061D7E6436C9AFF58 . 3088896 . . [6.00.2900.5726 (xpsp_sp3_gdr.081212-1450)] . . C:\WINDOWS\$NtUninstallKB963027$\mshtml.dll

[7] 2008-10-16 05:33:14 . C25684D7A6272BE0ECF749BFD7EF83F9 . 3088896 . . [6.00.2900.5694 (xpsp_sp3_qfe.081015-1409)] . . C:\WINDOWS\$hf_mig$\KB958215\SP3QFE\mshtml.dll

[7] 2008-10-16 01:00:26 . 2F6089996C26EE36DE46A2CC90A9996C . 3088896 . . [6.00.2900.5694 (xpsp_sp3_gdr.081015-1312)] . . C:\WINDOWS\$NtUninstallKB960714$\mshtml.dll

[7] 2008-08-20 05:33:12 . 921840757FDDD0DCF947EBBF5D8C6FE9 . 3088384 . . [6.00.2900.3429 (xpsp_sp2_qfe.080819-1244)] . . C:\WINDOWS\$NtServicePackUninstall$\mshtml.dll

[7] 2008-08-20 05:08:58 . 9F3A80616E64425D2E22DB8C689C98E8 . 3088896 . . [6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] . . C:\WINDOWS\$hf_mig$\KB956390\SP3GDR\mshtml.dll

[7] 2008-08-20 05:08:58 . 9F3A80616E64425D2E22DB8C689C98E8 . 3088896 . . [6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] . . C:\WINDOWS\$NtUninstallKB958215$\mshtml.dll

[7] 2008-08-20 05:06:50 . F10BD57696EF088685D8548AE2A23572 . 3088896 . . [6.00.2900.5659 (xpsp_sp3_qfe.080819-1352)] . . C:\WINDOWS\$hf_mig$\KB956390\SP3QFE\mshtml.dll

[7] 2008-06-25 04:25:06 . F9F693A6E17EC05CDDA3949789710F5D . 3088896 . . [6.00.2900.5626 (xpsp_sp3_qfe.080623-1331)] . . C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\mshtml.dll

[7] 2008-06-23 16:14:28 . 1C95CFF9357A5E39D57F340D0891EA53 . 3088384 . . [6.00.2900.3395 (xpsp_sp2_qfe.080623-1318)] . . C:\WINDOWS\$NtUninstallKB956390_0$\mshtml.dll

[7] 2008-06-23 15:10:11 . 8B13E2409FE52E03A9AF548E20505EDC . 3088384 . . [6.00.2900.5626 (xpsp_sp3_gdr.080623-1315)] . . C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\mshtml.dll

[7] 2008-06-23 15:10:11 . 8B13E2409FE52E03A9AF548E20505EDC . 3088384 . . [6.00.2900.5626 (xpsp_sp3_gdr.080623-1315)] . . C:\WINDOWS\$NtUninstallKB956390$\mshtml.dll

[7] 2008-04-21 06:56:25 . 97F3A3011FEFD8EC231365767B6203D6 . 3087872 . . [6.00.2900.3354 (xpsp_sp2_qfe.080417-1416)] . . C:\WINDOWS\$NtUninstallKB953838_0$\mshtml.dll

[7] 2008-04-21 06:42:36 . 324308768813C0518F677DDD631A94A0 . 3087872 . . [6.00.2900.5583 (xpsp_sp3_gdr.080417-1430)] . . C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\mshtml.dll

[7] 2008-04-21 06:42:36 . 324308768813C0518F677DDD631A94A0 . 3087872 . . [6.00.2900.5583 (xpsp_sp3_gdr.080417-1430)] . . C:\WINDOWS\$NtUninstallKB953838$\mshtml.dll

[7] 2008-04-21 06:24:15 . 031FF37B530D76C23BCC2E21B709DB7F . 3088384 . . [6.00.2900.5583 (xpsp_sp3_qfe.080417-1431)] . . C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\mshtml.dll

[7] 2008-04-14 02:22:16 . 72AE55A9FFBC60650339CB12E35C7DD5 . 3066880 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\$NtUninstallKB950759$\mshtml.dll

[7] 2008-04-14 02:22:16 . 72AE55A9FFBC60650339CB12E35C7DD5 . 3066880 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\mshtml.dll

[-] 2008-02-16 09:30:55 . DDAD436E163284C7115F5C5A429A9D6A . 3087872 . . [6.00.2900.3314 (xpsp_sp2_qfe.080215-1242)] . . C:\WINDOWS\$NtUninstallKB950759_0$\mshtml.dll

[-] 2007-12-07 00:46:28 . 35161A288701DCCF7951D9BA647A9F52 . 3087360 . . [6.00.2900.3268 (xpsp_sp2_qfe.071206-1251)] . . C:\WINDOWS\$NtUninstallKB947864$\mshtml.dll

[-] 2007-10-30 09:56:44 . 7E44238B71A821276EEA8D704191D848 . 3086848 . . [6.00.2900.3243 (xpsp_sp2_qfe.071029-1244)] . . C:\WINDOWS\$NtUninstallKB944533$\mshtml.dll

[-] 2007-08-22 12:56:36 . A9AC1654BE9D4081A824DC22CAF63092 . 3085824 . . [6.00.2900.3199 (xpsp_sp2_qfe.070821-1250)] . . C:\WINDOWS\$NtUninstallKB942615$\mshtml.dll

[-] 2007-06-15 08:13:56 . E5F541C10D5331D423AD393C30C1A778 . 3085312 . . [6.00.2900.3157 (xpsp_sp2_qfe.070614-1244)] . . C:\WINDOWS\$NtUninstallKB939653$\mshtml.dll

[-] 2007-05-04 12:59:23 . 8F87BE2AA266298CA99EE74FE3A0C8C6 . 3085312 . . [6.00.2900.3132 (xpsp_sp2_qfe.070504-1301)] . . C:\WINDOWS\$NtUninstallKB937143$\mshtml.dll

[-] 2007-02-19 05:22:00 . F47848CC1F6776FB28C69958DCFADDF8 . 3084288 . . [6.00.2900.3086 (xpsp_sp2_qfe.070218-2342)] . . C:\WINDOWS\$NtUninstallKB933566$\mshtml.dll

[-] 2007-01-04 14:02:06 . 02F001F5EEA6D5C85806D39CA6578E45 . 3083264 . . [6.00.2900.3059 (xpsp_sp2_qfe.070104-0040)] . . C:\WINDOWS\$NtUninstallKB931768$\mshtml.dll

[-] 2006-10-23 15:34:38 . 436E162A6965F7EF0F2A868E1E1A21B2 . 3082240 . . [6.00.2900.3020 (xpsp.061023-0222)] . . C:\WINDOWS\$NtUninstallKB928090$\mshtml.dll

[-] 2006-09-14 08:36:16 . A09E8EEAE6D29E90BC292631528EFCDB . 3079680 . . [6.00.2900.2995 (xpsp.060913-0019)] . . C:\WINDOWS\$NtUninstallKB925454$\mshtml.dll

[-] 2006-07-28 11:30:00 . A395AD5E6C72F198C8E507BC2B27BC6B . 3079168 . . [6.00.2900.2963 (xpsp.060728-0003)] . . C:\WINDOWS\$NtUninstallKB922760$\mshtml.dll

[-] 2006-02-01 02:52:12 . E8526A66802AC6213762D97BD0FA334C . 3035648 . . [6.00.2900.2838 (xpsp.060131-1525)] . . C:\WINDOWS\$NtUninstallKB918899$\mshtml.dll

[-] 2005-07-20 02:05:07 . 2068C163B1FE8BF48FC6174234D0F237 . 3014144 . . [6.00.2900.2722 (xpsp.050719-1521)] . . C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\mshtml.dll

[-] 2005-07-19 18:04:36 . 39CB13F39A04531EE57C4D44A5E996E4 . 3012096 . . [6.00.2900.2722 (xpsp_sp2_gdr.050719-1518)] . . C:\WINDOWS\$NtUninstallKB912945$\mshtml.dll

[-] 2004-08-10 13:00:00 . CAC51AD576713E5F0CE2251ED3A7FE82 . 3003392 . . [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB896727$\mshtml.dll
 

[7] 2008-04-14 02:22:18 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\msvcrt.dll

[7] 2008-04-14 02:22:18 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\system32\msvcrt.dll

[7] 2008-04-14 02:20:11 . C536AAD8A71608FE33CD956214EDD366 . 343040 . . [7.0.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll

[-] 2004-08-10 13:00:00 . B30BAA48E5063E71C76280E34E7E4802 . 343040 . . [7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\msvcrt.dll

[7] 2004-08-10 13:00:00 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0 (xpclient.010817-1148)] . . C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll

[-] 2004-08-10 13:00:00 . 365B3C43810E1CF41B3BE1E7180F583B . 343040 . . [7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
 

[7] 2008-06-20 17:46:10 . ACD8BD448A74F344D46FCAF21BAB92AF . 247296 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll

[7] 2008-06-20 17:46:10 . ACD8BD448A74F344D46FCAF21BAB92AF . 247296 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll

[7] 2008-06-20 17:43:49 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)] . . C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll

[7] 2008-06-20 17:43:49 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)] . . C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll

[7] 2008-06-20 17:39:48 . 774274C487493452DF3B0126DBE7FF3B . 247296 . . [5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)] . . C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll

[7] 2008-06-20 17:36:12 . EB55B1D9978B61E9913EDCD27EEC4C7C . 247296 . . [5.1.2600.3394 (xpsp_sp2_qfe.080620-1259)] . . C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll

[7] 2008-06-20 16:02:46 . F1B67B6B0751AE0E6E964B02821206A3 . 247296 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\system32\mswsock.dll

[7] 2008-06-20 16:02:46 . F1B67B6B0751AE0E6E964B02821206A3 . 247296 . . [5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] . . C:\WINDOWS\system32\dllcache\mswsock.dll

[7] 2008-04-14 02:22:18 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll

[7] 2008-04-14 02:22:18 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\mswsock.dll

[-] 2004-08-10 13:00:00 . B36E08F680BAE4DFC5C24D00A2DFC9E7 . 247296 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB951748_0$\mswsock.dll
 

[7] 2008-04-14 02:22:19 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

[7] 2008-04-14 02:22:19 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\system32\netlogon.dll

[-] 2004-08-10 13:00:00 . D27395EDCD3416AFD125A9370DCB585C . 407040 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 

[7] 2008-04-14 02:22:23 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\powrprof.dll

[7] 2008-04-14 02:22:23 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\system32\powrprof.dll

[-] 2004-08-10 13:00:00 . 5604574D490B798BD9A946B021A766AD . 17408 . . [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\powrprof.dll
 

[7] 2008-04-14 02:22:23 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\ServicePackFiles\i386\scecli.dll

[7] 2008-04-14 02:22:23 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\system32\scecli.dll

[-] 2004-08-10 13:00:00 . 64DC26B3CF7BCCAD431CE360A4C625D5 . 186880 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 

[7] 2008-04-14 02:22:24 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\sfc.dll

[7] 2008-04-14 02:22:24 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\system32\sfc.dll

[-] 2004-08-10 13:00:00 . F62934BC94299083EBFC8810242D8640 . 5120 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\sfc.dll
 

[7] 2008-04-14 02:23:02 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\svchost.exe

[7] 2008-04-14 02:23:02 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\system32\svchost.exe

[-] 2004-08-10 13:00:00 . 65A819B121EB6FDAB4400EA42BDFFE64 . 14336 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
 

[7] 2008-04-14 02:22:30 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\tapisrv.dll

[7] 2008-04-14 02:22:30 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\tapisrv.dll

[-] 2005-07-08 16:29:45 . F07061E18613F336A3120229097F7635 . 249344 . . [5.1.2600.2716 (xpsp.050707-1657)] . . C:\WINDOWS\$hf_mig$\KB893756\SP2QFE\tapisrv.dll

[-] 2005-07-08 16:28:23 . 427D7EB3B453347082C8F4B370065D60 . 249344 . . [5.1.2600.2716 (xpsp_sp2_gdr.050707-1657)] . . C:\WINDOWS\$NtServicePackUninstall$\tapisrv.dll

[-] 2004-08-10 13:00:00 . 4584E2A5FE662AB3E7C32936E1449043 . 246272 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB893756$\tapisrv.dll
 

[7] 2008-04-14 02:22:31 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\user32.dll

[7] 2008-04-14 02:22:31 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\system32\user32.dll

[-] 2007-03-08 15:48:39 . 78785EFF8CB90CEC1862A4CCFD9A3C3A . 579584 . . [5.1.2600.3099 (xpsp_sp2_qfe.070308-0217)] . . C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll

[-] 2007-03-08 15:36:30 . 492E166CFD26A50FB9160DB536FF7D2B . 579072 . . [5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] . . C:\WINDOWS\$NtServicePackUninstall$\user32.dll

[-] 2005-03-02 18:19:56 . 4C90159A69A5FD3EB39C71411F28FCFF . 578560 . . [5.1.2600.2622 (xpsp.050301-1521)] . . C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll

[-] 2005-03-02 18:09:46 . 3751D7CF0E0A113D84414992146BCE6A . 578560 . . [5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] . . C:\WINDOWS\$NtUninstallKB925902$\user32.dll

[-] 2004-08-10 13:00:00 . 56785FD5236D7B22CF471A6DA9DB46D8 . 578560 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB890859$\user32.dll
 

[7] 2008-04-14 02:23:03 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\ServicePackFiles\i386\userinit.exe

[7] 2008-04-14 02:23:03 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\system32\userinit.exe

[-] 2004-08-10 13:00:00 . D1E53DC57143F2584B1DD53B036C0633 . 25088 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 

[7] 2012-11-01 12:17:52 . 2EDCBEBCAC154808D4BED260D1CC5B3E . 916992 . . [8.00.6001.19389 (longhorn_ie8_gdr.121026-1559)] . . C:\WINDOWS\system32\wininet.dll

[7] 2012-11-01 12:17:52 . 2EDCBEBCAC154808D4BED260D1CC5B3E . 916992 . . [8.00.6001.19389 (longhorn_ie8_gdr.121026-1559)] . . C:\WINDOWS\system32\dllcache\wininet.dll

[7] 2012-11-01 12:15:39 . 55DA1F687D28274A8257B78F72907300 . 920064 . . [8.00.6001.23458 (longhorn_ie8_ldr.121026-1635)] . . C:\WINDOWS\$hf_mig$\KB2761465-IE8\SP3QFE\wininet.dll

[7] 2012-08-28 15:05:49 . 8DA5C02D2CA9C2266C6E1ED1628388FF . 916992 . . [8.00.6001.19328 (longhorn_ie8_gdr.120824-1715)] . . C:\WINDOWS\ie8updates\KB2761465-IE8\wininet.dll

[7] 2012-08-28 15:04:44 . E51889F140ED2B32E986611E69DE148B . 920064 . . [8.00.6001.23415 (longhorn_ie8_ldr.120824-1815)] . . C:\WINDOWS\$hf_mig$\KB2744842-IE8\SP3QFE\wininet.dll

[7] 2012-07-02 17:39:30 . 0085D5288271FA641F95A5A1845C6512 . 916992 . . [8.00.6001.19298 (longhorn_ie8_gdr.120627-1715)] . . C:\WINDOWS\ie8updates\KB2744842-IE8\wininet.dll

[7] 2012-07-02 17:38:22 . 002E8799A0D811A9F611FFA72B0A405D . 920064 . . [8.00.6001.23385 (longhorn_ie8_ldr.120627-1815)] . . C:\WINDOWS\$hf_mig$\KB2722913-IE8\SP3QFE\wininet.dll

[7] 2012-05-16 15:07:03 . CB1B69A4306EAE327DE46277CA3BA9C9 . 916992 . . [8.00.6001.19272 (longhorn_ie8_gdr.120514-1250)] . . C:\WINDOWS\ie8updates\KB2722913-IE8\wininet.dll

[7] 2012-05-16 15:04:52 . FA932FB2522C5B8436DF9D2290F56A98 . 920064 . . [8.00.6001.23359 (longhorn_ie8_ldr.120514-1345)] . . C:\WINDOWS\$hf_mig$\KB2699988-IE8\SP3QFE\wininet.dll

[7] 2012-03-01 11:00:09 . 9C4ABC4869FB2EB0E6F38E27A536B325 . 916992 . . [8.00.6001.19222 (longhorn_ie8_gdr.120227-1715)] . . C:\WINDOWS\ie8updates\KB2699988-IE8\wininet.dll

[7] 2012-03-01 10:57:59 . 4CF6DBF445D93CAB7986F8EB90F27DEC . 919552 . . [8.00.6001.23318 (longhorn_ie8_ldr.120227-1815)] . . C:\WINDOWS\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll

[7] 2011-12-17 19:43:23 . 4C4FA27D15C83B59B16CED7DED66E33D . 916992 . . [8.00.6001.19190 (longhorn_ie8_gdr.111214-1715)] . . C:\WINDOWS\ie8updates\KB2675157-IE8\wininet.dll

[7] 2011-12-17 19:42:28 . 48F111BC456924B4F131E9FF11B4925E . 919552 . . [8.00.6001.23286 (longhorn_ie8_ldr.111214-1815)] . . C:\WINDOWS\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll

[7] 2011-11-04 19:13:36 . 0BB4286D73CE2CF106F21C7D38C9F85A . 916992 . . [8.00.6001.19165 (longhorn_ie8_gdr.111021-1715)] . . C:\WINDOWS\ie8updates\KB2647516-IE8\wininet.dll

[7] 2011-11-04 19:12:26 . C87AFD199FB2BAA77BADC2974815A7A4 . 919552 . . [8.00.6001.23261 (longhorn_ie8_ldr.111021-1815)] . . C:\WINDOWS\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll

[7] 2011-08-22 23:41:33 . 5F841994DB0F2B3A3303F8E6ADFDB13E . 916480 . . [8.00.6001.19131 (longhorn_ie8_gdr.110815-1715)] . . C:\WINDOWS\ie8updates\KB2618444-IE8\wininet.dll

[7] 2011-08-22 23:40:24 . 15F8399C03B9717AC8F5722649CB017D . 919552 . . [8.00.6001.23227 (longhorn_ie8_ldr.110815-1815)] . . C:\WINDOWS\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll

[7] 2011-06-23 18:31:31 . 0BF4985026EF2B7F22B91B3A4A56E222 . 916480 . . [8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)] . . C:\WINDOWS\ie8updates\KB2586448-IE8\wininet.dll

[7] 2011-06-23 18:29:26 . 11C398190972B60689CA0E61FEC75C42 . 919552 . . [8.00.6001.23192 (longhorn_ie8_ldr.110617-1815)] . . C:\WINDOWS\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll

[7] 2011-04-25 16:05:35 . 64F49D76DBEDDC28C676AF86A8613575 . 916480 . . [8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)] . . C:\WINDOWS\ie8updates\KB2559049-IE8\wininet.dll

[7] 2011-04-25 16:04:06 . 69E2C6E3430C34698F72E735646B346E . 919552 . . [8.00.6001.23165 (longhorn_ie8_ldr.110420-1800)] . . C:\WINDOWS\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll

[7] 2011-02-22 23:25:20 . 0E05446F197207A173E06A27C70A1DF7 . 919552 . . [8.00.6001.23139 (longhorn_ie8_ldr.110211-1800)] . . C:\WINDOWS\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll

[7] 2010-12-20 23:51:53 . B5FF24B723725959D6AE0904F53F74BC . 919552 . . [8.00.6001.23111 (longhorn_ie8_ldr.101217-1800)] . . C:\WINDOWS\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll

[7] 2010-11-06 00:23:48 . 628696B409200762C12C5140C434CBFA . 919552 . . [8.00.6001.23084 (longhorn_ie8_ldr.101015-1800)] . . C:\WINDOWS\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll

[7] 2010-11-05 05:04:20 . 456BD079E05B46937DE4A11FE38F865F . 672768 . . [6.00.2900.6049 (xpsp_sp3_gdr.101103-1638)] . . C:\WINDOWS\ie8\wininet.dll

[7] 2010-11-05 05:03:36 . 444EA3DA0167298CF03B0C85A561D9C8 . 674304 . . [6.00.2900.6049 (xpsp_sp3_qfe.101103-1636)] . . C:\WINDOWS\$hf_mig$\KB2416400\SP3QFE\wininet.dll

[7] 2010-09-10 05:46:18 . 7B7028B726053782DD9B98B729515567 . 919552 . . [8.00.6001.23060 (longhorn_ie8_ldr.100824-1900)] . . C:\WINDOWS\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll

[7] 2010-09-09 14:24:27 . 733D929C7D9BC60CEA86B375FD10D49C . 674304 . . [6.00.2900.6036 (xpsp_sp3_qfe.100908-2019)] . . C:\WINDOWS\$hf_mig$\KB2360131\SP3QFE\wininet.dll

[7] 2010-09-09 14:17:09 . 118371098ACBE078901488FD179B3B09 . 672768 . . [6.00.2900.6036 (xpsp_sp3_gdr.100908-2023)] . . C:\WINDOWS\$NtUninstallKB2416400$\wininet.dll

[7] 2010-06-24 12:11:29 . 5C69BD3D833BE9A589F336DE839649B0 . 674304 . . [6.00.2900.6003 (xpsp_sp3_qfe.100623-1636)] . . C:\WINDOWS\$hf_mig$\KB2183461\SP3QFE\wininet.dll

[7] 2010-06-24 12:10:51 . 35A0387364E0AFA7D4FF76302E63AB57 . 672768 . . [6.00.2900.6003 (xpsp_sp3_gdr.100623-1635)] . . C:\WINDOWS\$NtUninstallKB2360131$\wininet.dll

[7] 2010-05-06 10:31:23 . 12C5EEBBC10DB644B44131EE3ECBC430 . 916480 . . [8.00.6001.18923 (longhorn_ie8_gdr.100419-1241)] . . C:\WINDOWS\ie8updates\KB2530548-IE8\wininet.dll

[7] 2010-05-06 10:26:57 . B5B9887088B8168D52CB28020CF05498 . 919040 . . [8.00.6001.23014 (longhorn_ie8_ldr.100419-1507)] . . C:\WINDOWS\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll

[7] 2010-04-16 16:06:44 . 0CC0A30F7F06C6A5A40911616CA35085 . 672768 . . [6.00.2900.5969 (xpsp_sp3_gdr.100416-1716)] . . C:\WINDOWS\$NtUninstallKB2183461$\wininet.dll

[7] 2010-04-16 16:00:04 . 68B82A22151D41988B3BCB7C881E2B0E . 674304 . . [6.00.2900.5969 (xpsp_sp3_qfe.100416-1736)] . . C:\WINDOWS\$hf_mig$\KB982381\SP3QFE\wininet.dll

[7] 2010-02-26 05:41:12 . 8A54A1EFAF25D51AF0AF6C16A3632F44 . 672768 . . [6.00.2900.5945 (xpsp_sp3_gdr.100225-1251)] . . C:\WINDOWS\$NtUninstallKB982381$\wininet.dll

[7] 2010-02-26 05:37:58 . D9B4109E317F25D5342DB8EC39446A1C . 674304 . . [6.00.2900.5945 (xpsp_sp3_qfe.100225-1321)] . . C:\WINDOWS\$hf_mig$\KB980182\SP3QFE\wininet.dll

[7] 2009-12-22 05:07:58 . 352E386B17F08786A7F0D9D9D909E1FA . 672768 . . [6.00.2900.5921 (xpsp_sp3_gdr.091221-1718)] . . C:\WINDOWS\$NtUninstallKB980182$\wininet.dll

[7] 2009-12-22 05:05:22 . 7F7A6BC378B622FDFC90C5A5575A83D0 . 674304 . . [6.00.2900.5921 (xpsp_sp3_qfe.091221-1752)] . . C:\WINDOWS\$hf_mig$\KB978207\SP3QFE\wininet.dll

[7] 2009-10-29 05:24:35 . 547B7FF3C91C09E7EE82760DA4323706 . 672768 . . [6.00.2900.5897 (xpsp_sp3_gdr.091028-1650)] . . C:\WINDOWS\$NtUninstallKB978207$\wininet.dll

[7] 2009-10-29 05:22:19 . 132C1D9C2DDCDFF55746D73508250362 . 674304 . . [6.00.2900.5897 (xpsp_sp3_qfe.091028-1717)] . . C:\WINDOWS\$hf_mig$\KB976325\SP3QFE\wininet.dll

[7] 2009-09-25 05:35:27 . C9ACEFE3BE286B40A84D47498CF73CB8 . 672768 . . [6.00.2900.5880 (xpsp_sp3_gdr.090924-1438)] . . C:\WINDOWS\$NtUninstallKB976325$\wininet.dll

[7] 2009-09-25 05:32:48 . 8DA0021A5283AFC13EF3932EDD5D1CDA . 674304 . . [6.00.2900.5880 (xpsp_sp3_qfe.090924-1448)] . . C:\WINDOWS\$hf_mig$\KB974455\SP3QFE\wininet.dll

[7] 2009-06-26 16:49:34 . 6988F148A06D085A49553F3E00E0D062 . 672256 . . [6.00.2900.5835 (xpsp_sp3_gdr.090626-1535)] . . C:\WINDOWS\$NtUninstallKB974455$\wininet.dll

[7] 2009-06-26 16:42:20 . F39EB4C85244526E442AC1C55297C918 . 673792 . . [6.00.2900.5835 (xpsp_sp3_qfe.090626-1600)] . . C:\WINDOWS\$hf_mig$\KB972260\SP3QFE\wininet.dll

[7] 2009-04-29 04:33:24 . 7A9E3F9ED0B2772F352571D26D0A164E . 672256 . . [6.00.2900.5803 (xpsp_sp3_gdr.090428-1325)] . . C:\WINDOWS\$NtUninstallKB972260$\wininet.dll

[7] 2009-04-29 04:28:29 . 4926F4F45F9400B8F535E5F5443A54BA . 673792 . . [6.00.2900.5803 (xpsp_sp3_qfe.090428-1347)] . . C:\WINDOWS\$hf_mig$\KB969897\SP3QFE\wininet.dll

[7] 2009-03-08 02:34:58 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] . . C:\WINDOWS\ie8updates\KB982381-IE8\wininet.dll

[7] 2009-02-20 08:09:45 . 34D8090A7B1AE7975FAE5259BF840849 . 671744 . . [6.00.2900.5764 (xpsp_sp3_gdr.090219-1240)] . . C:\WINDOWS\$NtUninstallKB969897$\wininet.dll

[7] 2009-02-20 07:51:25 . DE271547E700E38226FB0DE0BA34D37A . 673280 . . [6.00.2900.5764 (xpsp_sp3_qfe.090219-1311)] . . C:\WINDOWS\$hf_mig$\KB963027\SP3QFE\wininet.dll

[7] 2008-10-16 01:03:12 . 7DBE34DA22CAB4BE922638540048379F . 672768 . . [6.00.2900.5694 (xpsp_sp3_qfe.081015-1409)] . . C:\WINDOWS\$hf_mig$\KB958215\SP3QFE\wininet.dll

[7] 2008-10-16 01:00:25 . 10A2C485838D5B95CCF7905E21E9A80A . 671744 . . [6.00.2900.5694 (xpsp_sp3_gdr.081015-1312)] . . C:\WINDOWS\$NtUninstallKB963027$\wininet.dll

[7] 2008-08-20 05:33:08 . 66AF60C255953898C67993CD665A2D22 . 673280 . . [6.00.2900.3429 (xpsp_sp2_qfe.080819-1244)] . . C:\WINDOWS\$NtServicePackUninstall$\wininet.dll

[7] 2008-08-20 05:08:55 . C5326257F4FEE83E24B06CD4BC08EBA2 . 671744 . . [6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] . . C:\WINDOWS\$hf_mig$\KB956390\SP3GDR\wininet.dll

[7] 2008-08-20 05:08:55 . C5326257F4FEE83E24B06CD4BC08EBA2 . 671744 . . [6.00.2900.5659 (xpsp_sp3_gdr.080819-1237)] . . C:\WINDOWS\$NtUninstallKB958215$\wininet.dll

[7] 2008-08-20 05:06:47 . 503D9BE987B9A3964816FED082F45771 . 672256 . . [6.00.2900.5659 (xpsp_sp3_qfe.080819-1352)] . . C:\WINDOWS\$hf_mig$\KB956390\SP3QFE\wininet.dll

[7] 2008-06-23 16:14:31 . 878F506D7F69E06BCCDC86C2A4D17633 . 672768 . . [6.00.2900.3395 (xpsp_sp2_qfe.080623-1318)] . . C:\WINDOWS\$NtUninstallKB956390_0$\wininet.dll

[7] 2008-06-23 15:10:12 . 978542595CF09A86E2EF60552A35C937 . 671744 . . [6.00.2900.5626 (xpsp_sp3_gdr.080623-1315)] . . C:\WINDOWS\$hf_mig$\KB953838\SP3GDR\wininet.dll

[7] 2008-06-23 15:10:12 . 978542595CF09A86E2EF60552A35C937 . 671744 . . [6.00.2900.5626 (xpsp_sp3_gdr.080623-1315)] . . C:\WINDOWS\$NtUninstallKB956390$\wininet.dll

[7] 2008-06-23 14:55:04 . 6432638B5CE374D912C0C4F2A9F03DAE . 672256 . . [6.00.2900.5626 (xpsp_sp3_qfe.080623-1331)] . . C:\WINDOWS\$hf_mig$\KB953838\SP3QFE\wininet.dll

[7] 2008-04-21 06:56:30 . 018ADED93507A4AEA4F55741863DBC9E . 672256 . . [6.00.2900.3354 (xpsp_sp2_qfe.080417-1416)] . . C:\WINDOWS\$NtUninstallKB953838_0$\wininet.dll

[7] 2008-04-21 06:42:36 . 11D26D87E041000EA4C0128CD0010F7A . 671744 . . [6.00.2900.5583 (xpsp_sp3_gdr.080417-1430)] . . C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\wininet.dll

[7] 2008-04-21 06:42:36 . 11D26D87E041000EA4C0128CD0010F7A . 671744 . . [6.00.2900.5583 (xpsp_sp3_gdr.080417-1430)] . . C:\WINDOWS\$NtUninstallKB953838$\wininet.dll

[7] 2008-04-21 06:24:15 . 645A4A4884EB5EB8453C01531FCBEC3A . 672256 . . [6.00.2900.5583 (xpsp_sp3_qfe.080417-1431)] . . C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\wininet.dll

[7] 2008-04-14 02:22:32 . B4AEE98A48917B274FACFB78BBE0BC84 . 671744 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\$NtUninstallKB950759$\wininet.dll

[7] 2008-04-14 02:22:32 . B4AEE98A48917B274FACFB78BBE0BC84 . 671744 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\wininet.dll

[-] 2008-02-16 09:30:57 . 6C49192217DF0509BC6A576535545529 . 671744 . . [6.00.2900.3314 (xpsp_sp2_qfe.080215-1242)] . . C:\WINDOWS\$NtUninstallKB950759_0$\wininet.dll

[-] 2007-12-07 00:46:31 . 273F4B37B80C8D398713A88B788FE59B . 671744 . . [6.00.2900.3268 (xpsp_sp2_qfe.071206-1251)] . . C:\WINDOWS\$NtUninstallKB947864$\wininet.dll

[-] 2007-10-11 05:58:24 . 6BE2CDDC28610D9E73E54678A131B253 . 671744 . . [6.00.2900.3231 (xpsp_sp2_qfe.071010-1316)] . . C:\WINDOWS\$NtUninstallKB944533$\wininet.dll

[-] 2007-08-22 12:56:40 . D6140D5095E62BD609DF3201C7B854AC . 671232 . . [6.00.2900.3199 (xpsp_sp2_qfe.070821-1250)] . . C:\WINDOWS\$NtUninstallKB942615$\wininet.dll

[-] 2007-06-26 14:39:14 . 8FFB79A006666912364801AE679E618E . 671232 . . [6.00.2900.3164 (xpsp_sp2_qfe.070626-1258)] . . C:\WINDOWS\$NtUninstallKB939653$\wininet.dll

[-] 2007-04-18 12:44:36 . AF95C8D19C4391550DBB9FB78D078FA2 . 671232 . . [6.00.2900.3121 (xpsp_sp2_qfe.070418-1302)] . . C:\WINDOWS\$NtUninstallKB937143$\wininet.dll

[-] 2007-02-19 15:22:00 . E2CB4D46FF3638BFF234AE4253BC6430 . 671232 . . [6.00.2900.3086 (xpsp_sp2_qfe.070218-2342)] . . C:\WINDOWS\$NtUninstallKB933566$\wininet.dll

[-] 2007-01-04 14:02:18 . 04A670155A6D86DFBF562F45544E1908 . 670720 . . [6.00.2900.3059 (xpsp_sp2_qfe.070104-0040)] . . C:\WINDOWS\$NtUninstallKB931768$\wininet.dll

[-] 2006-10-23 15:34:37 . 47BBFEB4909D45064A992C3068610B06 . 670208 . . [6.00.2900.3020 (xpsp.061023-0222)] . . C:\WINDOWS\$NtUninstallKB928090$\wininet.dll

[-] 2006-09-14 08:36:16 . C98F3024049AAEAFAE1340D94C16FDC8 . 670208 . . [6.00.2900.2995 (xpsp.060913-0019)] . . C:\WINDOWS\$NtUninstallKB925454$\wininet.dll

[-] 2006-06-23 11:25:32 . 05E47EA6708BD99DF2D8E4ABD55DF079 . 670208 . . [6.00.2900.2937 (xpsp.060623-0011)] . . C:\WINDOWS\$NtUninstallKB922760$\wininet.dll

[-] 2006-01-09 18:00:36 . 957B39EFDAAFC58F43FB233933265F95 . 667648 . . [6.00.2900.2823 (xpsp.060106-1527)] . . C:\WINDOWS\$NtUninstallKB918899$\wininet.dll

[-] 2005-07-03 02:15:28 . 9AD1C82368BBEC1C1414A3F8820C7CF9 . 664064 . . [6.00.2900.2713 (xpsp_sp2_gdr.050702-1513)] . . C:\WINDOWS\$NtUninstallKB912945$\wininet.dll

[-] 2005-07-03 02:11:25 . E992695B2D5628154B65FE8DFB0F3CCA . 665088 . . [6.00.2900.2713 (xpsp.050702-1518)] . . C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\wininet.dll

[-] 2004-08-10 13:00:00 . B1A1DA99C4A6EBFD59F86A453BF02F39 . 662016 . . [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB896727$\wininet.dll
 

[7] 2008-04-14 02:22:32 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll

[7] 2008-04-14 02:22:32 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\ws2_32.dll

[-] 2004-08-10 13:00:00 . D569240A22421D5F670BB6FB6DD522B5 . 82944 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
 

[7] 2008-04-14 02:22:32 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\ws2help.dll

[7] 2008-04-14 02:22:32 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\ws2help.dll

[-] 2004-08-10 13:00:00 . B3ADA72D1E3E10A8F6430669DFC38ED0 . 19968 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\ws2help.dll
 

[7] 2008-04-14 02:22:45 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\explorer.exe

[7] 2008-04-14 02:22:45 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\explorer.exe

[-] 2007-06-13 13:21:45 . 64D320C0E301EEDC5A4ADBBDC5024F7F . 1036288 . . [6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] . . C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

[-] 2007-06-13 13:10:08 . 331ED93570BAF3CFE30340298762CD56 . 1036288 . . [6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)] . . C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

[-] 2004-08-10 13:00:00 . 22FE1BE02EADDE1632E478E4125639E0 . 1035264 . . [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
 

[7] 2008-04-14 02:22:58 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\regedit.exe

[7] 2008-04-14 02:22:58 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\regedit.exe

[-] 2004-08-10 13:00:00 . 8193CE5FB09E83F2699FD65BBCBE2FD2 . 153600 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
 

[7] 2011-11-01 16:07:05 . 6AD6619E7523E27B771569C26F408F0A . 1288704 . . [5.1.2600.6168 (xpsp_sp3_gdr.111101-1829)] . . C:\WINDOWS\system32\ole32.dll

[7] 2011-11-01 16:07:05 . 6AD6619E7523E27B771569C26F408F0A . 1288704 . . [5.1.2600.6168 (xpsp_sp3_gdr.111101-1829)] . . C:\WINDOWS\system32\dllcache\ole32.dll

[7] 2011-11-01 16:05:36 . D684C601EC79D9543D50EB2DB124FE78 . 1289216 . . [5.1.2600.6168 (xpsp_sp3_qfe.111101-1828)] . . C:\WINDOWS\$hf_mig$\KB2624667\SP3QFE\ole32.dll

[7] 2010-07-16 12:05:01 . B28AF7976F2D8109C0DC2CF2460BEDC2 . 1288192 . . [5.1.2600.6010 (xpsp_sp3_gdr.100712-1633)] . . C:\WINDOWS\$NtUninstallKB2624667$\ole32.dll

[7] 2010-07-16 12:03:47 . B3D7633CF83B09042A49810A7A72ADED . 1289216 . . [5.1.2600.6010 (xpsp_sp3_qfe.100712-1633)] . . C:\WINDOWS\$hf_mig$\KB979687\SP3QFE\ole32.dll

[7] 2008-04-14 02:22:23 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\$NtUninstallKB979687$\ole32.dll

[7] 2008-04-14 02:22:23 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\ServicePackFiles\i386\ole32.dll

[-] 2005-07-26 04:29:16 . 24EDF93FD04CA1A98D32F092DD4F9953 . 1286144 . . [5.1.2600.2726 (xpsp.050725-1531)] . . C:\WINDOWS\$NtServicePackUninstall$\ole32.dll

[-] 2005-04-28 19:31:43 . 9752FA23CE81D3A2BD2125F40C24A723 . 1285120 . . [5.1.2600.2665 (xpsp_sp2_gdr.050427-1553)] . . C:\WINDOWS\$NtUninstallKB894391$\ole32.dll

[-] 2005-04-28 11:35:40 . D3653209882B5645223B1EA958EEE3A6 . 1286656 . . [5.1.2600.2665 (xpsp.050427-1553)] . . C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\ole32.dll

[-] 2005-04-28 11:35:40 . D3653209882B5645223B1EA958EEE3A6 . 1286656 . . [5.1.2600.2665 (xpsp.050427-1553)] . . C:\WINDOWS\$NtUninstallKB902400$\ole32.dll

[-] 2005-01-14 05:08:03 . 11565070406B8892149C360A4FB23731 . 1285120 . . [5.1.2600.2595 (xpsp.041130-1728)] . . C:\WINDOWS\$hf_mig$\KB873333\SP2QFE\ole32.dll

[-] 2005-01-13 23:57:04 . B84D629E121F94FB0844EAD65C823E6A . 1285120 . . [5.1.2600.2595 (xpsp_sp2_gdr.041130-1729)] . . C:\WINDOWS\$NtUninstallKB894391_0$\ole32.dll

[-] 2004-08-10 13:00:00 . D700449AD3045E81680C25A79620A171 . 1281536 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB873333$\ole32.dll
 

[7] 2010-04-16 15:36:58 . 45954AFB7AE6E29B23C56B830C820A11 . 406016 . . [1.0420.2600.5969 (xpsp_sp3_gdr.100416-1716)] . . C:\WINDOWS\system32\usp10.dll

[7] 2010-04-16 15:36:58 . 45954AFB7AE6E29B23C56B830C820A11 . 406016 . . [1.0420.2600.5969 (xpsp_sp3_gdr.100416-1716)] . . C:\WINDOWS\system32\dllcache\usp10.dll

[7] 2010-04-16 15:29:51 . EB2AD9C7DADE6C63F5F933881BA2A430 . 406016 . . [1.0420.2600.5969 (xpsp_sp3_qfe.100416-1736)] . . C:\WINDOWS\$hf_mig$\KB981322\SP3QFE\usp10.dll

[7] 2008-04-14 02:22:31 . 052F968390A85D37D5EE8BE3AB2A83A2 . 406016 . . [1.0420.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\$NtUninstallKB981322$\usp10.dll

[7] 2008-04-14 02:22:31 . 052F968390A85D37D5EE8BE3AB2A83A2 . 406016 . . [1.0420.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\usp10.dll

[-] 2004-08-10 13:00:00 . E4E40EAFF464EBE7752BAD3D82AF1715 . 406528 . . [1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\usp10.dll
 

[7] 2008-04-14 02:22:13 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512 (xpsp.080413-0845)] . . C:\WINDOWS\ServicePackFiles\i386\ksuser.dll

[7] 2008-04-14 02:22:13 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512 (xpsp.080413-0845)] . . C:\WINDOWS\system32\ksuser.dll

[7] 2004-08-03 23:57:24 . 4721744CE11F385073F6F9F7831752C7 . 4096 . . [5.3.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\ksuser.dll
 

[7] 2008-04-14 02:22:40 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe

[7] 2008-04-14 02:22:40 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\system32\ctfmon.exe

[-] 2004-08-10 13:00:00 . 7CE20569925DF6789C31799F0C538F29 . 15360 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe
 

[7] 2009-07-27 23:16:05 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853 (xpsp_sp3_gdr.090727-1736)] . . C:\WINDOWS\system32\shsvcs.dll

[7] 2009-07-27 23:16:05 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853 (xpsp_sp3_gdr.090727-1736)] . . C:\WINDOWS\system32\dllcache\shsvcs.dll

[7] 2009-07-27 22:09:53 . 927666F4228E3FBBC3D1171581DC8BDC . 135680 . . [6.00.2900.5853 (xpsp_sp3_qfe.090727-1747)] . . C:\WINDOWS\$hf_mig$\KB971029\SP3QFE\shsvcs.dll

[7] 2008-04-14 02:22:25 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\$NtUninstallKB971029$\shsvcs.dll

[7] 2008-04-14 02:22:25 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\shsvcs.dll

[-] 2006-12-19 21:49:41 . 521A4CB71CC419FDF60DB83E7308AE2B . 135168 . . [6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)] . . C:\WINDOWS\$NtServicePackUninstall$\shsvcs.dll

[-] 2006-12-19 21:48:12 . B5B37E7C51A551F60A1254E63C878FA9 . 135680 . . [6.00.2900.3051 (xpsp_sp2_qfe.061219-0311)] . . C:\WINDOWS\$hf_mig$\KB928255\SP2QFE\shsvcs.dll

[-] 2004-08-10 13:00:00 . BAC5F7F0C2B8C1B9832594851E0F9914 . 135168 . . [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB928255$\shsvcs.dll
 

[7] 2008-04-14 02:22:17 . DC4E223F5813150073FB5CC63D13293B . 4608 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\msimg32.dll

[7] 2008-04-14 02:22:17 . DC4E223F5813150073FB5CC63D13293B . 4608 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\system32\msimg32.dll

[-] 2004-08-10 13:00:00 . 3B8A9C87027BF8D6D156BE5FA6E8EBC6 . 4608 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\msimg32.dll
 

[7] 2008-04-14 02:22:30 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\ServicePackFiles\i386\srsvc.dll

[7] 2008-04-14 02:22:30 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\system32\srsvc.dll

[-] 2004-08-10 13:00:00 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\srsvc.dll
 

[7] 2008-04-14 02:23:06 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe

[7] 2008-04-14 02:23:06 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\system32\wscntfy.exe

[-] 2004-08-10 13:00:00 . 7D3E0BEB62799112F5C9FF717D72BF29 . 13824 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe
 

[7] 2008-04-14 02:22:33 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll

[7] 2008-04-14 02:22:33 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\xmlprov.dll

[-] 2004-08-10 13:00:00 . 8302DE1C64618D72346DD0034DBC5D9B . 129536 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\xmlprov.dll
 

[7] 2010-12-09 15:15:46 . 0314B25236E38383DACD4527C40156E8 . 743936 . . [5.1.2600.6055 (xpsp_sp3_qfe.101209-1646)] . . C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntdll.dll

[7] 2010-12-09 15:15:07 . E3BDD71DA7EAB0A503129D4D127AF1CB . 743936 . . [5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] . . C:\WINDOWS\system32\ntdll.dll

[7] 2010-12-09 15:15:07 . E3BDD71DA7EAB0A503129D4D127AF1CB . 743936 . . [5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] . . C:\WINDOWS\system32\dllcache\ntdll.dll

[7] 2009-02-09 10:54:49 . 06DA2C9091606174BFC6F46037AAFFF8 . 740864 . . [5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)] . . C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntdll.dll

[7] 2009-02-09 10:51:43 . 1392B1FB3CD232D4439418DB91DB57A1 . 740352 . . [5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] . . C:\WINDOWS\$NtUninstallKB2393802$\ntdll.dll

[7] 2008-04-14 02:21:52 . 95092EFBE367A108ECDD5D6E439754C3 . 731648 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\$NtUninstallKB956572$\ntdll.dll

[7] 2008-04-14 02:21:52 . 95092EFBE367A108ECDD5D6E439754C3 . 731648 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\ntdll.dll

[-] 2004-08-10 13:00:00 . 00E9FF65CC5C4F965ABB0C7BBDAE8309 . 733696 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\ntdll.dll
 

[7] 2008-04-14 02:20:58 . 275CAC40038A2643833B5F48FB474857 . 177152 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\msctfime.ime

[7] 2008-04-14 02:20:58 . 275CAC40038A2643833B5F48FB474857 . 177152 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\system32\msctfime.ime

[-] 2004-08-10 13:00:00 . C7329927E2C73450323565DCFE17D78E . 177152 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\msctfime.ime
 

[7] 2008-04-14 02:22:10 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[7] 2008-04-14 02:22:10 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\system32\eventlog.dll

[-] 2004-08-10 13:00:00 . B932C077D5A65B71B4512544AC404CB4 . 55808 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 

[7] 2008-04-14 02:22:25 . 5251425B86EA4A3532B8BB8D14044E61 . 1571840 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll

[7] 2008-04-14 02:22:25 . 5251425B86EA4A3532B8BB8D14044E61 . 1571840 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\system32\sfcfiles.dll

[-] 2004-08-10 13:00:00 . 80F7B7198B869C07C98627AF812D68B6 . 1548288 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\sfcfiles.dll
 

[7] 2008-04-13 19:19:42 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\ipsec.sys

[7] 2008-04-13 19:19:42 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\drivers\ipsec.sys

[-] 2004-08-10 13:00:00 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys
 

[7] 2008-04-14 02:22:23 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\regsvc.dll

[7] 2008-04-14 02:22:23 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\system32\regsvc.dll

[-] 2004-08-10 13:00:00 . AE81CF7D7CFA79CD03E8FB99788A7E09 . 59904 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\regsvc.dll
 

[7] 2008-04-14 02:22:23 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\ServicePackFiles\i386\schedsvc.dll

[7] 2008-04-14 02:22:23 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\system32\schedsvc.dll

[-] 2004-08-10 13:00:00 . D5E73842F38E24457C63FEF8CEFFBE19 . 192000 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\schedsvc.dll
 

[7] 2008-04-14 02:22:30 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\ssdpsrv.dll

[7] 2008-04-14 02:22:30 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\ssdpsrv.dll

[-] 2004-08-10 13:00:00 . 6FA03B462B2FFFE2627171B7FE73EE29 . 71680 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\ssdpsrv.dll
 

[7] 2008-04-14 02:22:30 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\termsrv.dll

[7] 2008-04-14 02:22:30 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\system32\termsrv.dll

[-] 2005-03-10 07:49:53 . A0E72E14B0E12B9AA3648FDB31BDE332 . 297472 . . [5.1.2600.2627 (xpsp.050309-1716)] . . C:\WINDOWS\$NtServicePackUninstall$\termsrv.dll

[-] 2004-08-10 13:00:00 . 1850BC10DE5DCCCEDE063FC2D0F2CEDA . 297472 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB895961$\termsrv.dll
 

[7] 2008-04-14 02:22:11 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\hnetcfg.dll

[7] 2008-04-14 02:22:11 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\hnetcfg.dll

[-] 2004-08-10 13:00:00 . AE93E415220A4C0112768A0DEE36D28D . 348672 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\hnetcfg.dll
 

[7] 2008-04-14 02:22:07 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\ServicePackFiles\i386\appmgmts.dll

[7] 2008-04-14 02:22:07 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\system32\appmgmts.dll

[-] 2004-08-10 13:00:00 . BECD5328E7869807D6557BE4FE60C72F . 175616 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\appmgmts.dll
 

[7] 2004-08-10 13:00:00 . 9E1CA3160DAFB159CA14F83B1E317F75 . 12160 . . [5.1.2600.0 (xpclient.010817-1148)] . . C:\WINDOWS\system32\drivers\acpiec.sys
 

[7] 2008-04-13 16:39:23 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . C:\WINDOWS\ServicePackFiles\i386\aec.sys

[7] 2008-04-13 16:39:23 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . C:\WINDOWS\system32\drivers\aec.sys

[-] 2006-02-15 00:30:07 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . C:\WINDOWS\$hf_mig$\KB900485\SP2QFE\aec.sys

[-] 2006-02-15 00:22:26 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . C:\WINDOWS\$NtServicePackUninstall$\aec.sys

[7] 2004-08-03 21:39:38 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . C:\WINDOWS\$NtUninstallKB900485$\aec.sys
 

[7] 2008-04-13 18:36:38 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[7] 2008-04-13 18:36:38 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\system32\drivers\agp440.sys
 

[7] 2008-04-13 18:53:34 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\ip6fw.sys

[7] 2008-04-13 18:53:34 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\drivers\ip6fw.sys

[-] 2004-08-10 13:00:00 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\ip6fw.sys
 

[7] 2010-09-18 07:18:09 . 4891FCDAE77486BFB56999AA217651FA . 953856 . . [4.1.6151] . . C:\WINDOWS\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll

[7] 2010-09-18 06:52:56 . 1614669828A32BCD06E1BE6F334BB888 . 953856 . . [4.1.6151] . . C:\WINDOWS\system32\mfc40u.dll

[7] 2010-09-18 06:52:56 . 1614669828A32BCD06E1BE6F334BB888 . 953856 . . [4.1.6151] . . C:\WINDOWS\system32\dllcache\mfc40u.dll

[7] 2008-04-14 02:22:14 . ACC19BA6876AF18768EE87931CAD14E2 . 927504 . . [4.1.0.61] . . C:\WINDOWS\$NtUninstallKB2387149$\mfc40u.dll

[7] 2008-04-14 02:22:14 . ACC19BA6876AF18768EE87931CAD14E2 . 927504 . . [4.1.0.61] . . C:\WINDOWS\ServicePackFiles\i386\mfc40u.dll

[-] 2006-11-01 19:17:41 . B80F1D82969BD31392F1867936E96448 . 927504 . . [4.1.0.61] . . C:\WINDOWS\$NtServicePackUninstall$\mfc40u.dll

[-] 2004-08-10 13:00:00 . 31DD27AB47F62D383505F35CA972748B . 924432 . . [4.1.6140] . . C:\WINDOWS\$NtUninstallKB924667$\mfc40u.dll
 

[7] 2008-04-14 02:22:16 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\ServicePackFiles\i386\msgsvc.dll

[7] 2008-04-14 02:22:16 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\system32\msgsvc.dll

[-] 2004-08-10 13:00:00 . E5215AB942C5AC5F7EB0E54871D7A27C . 33792 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\msgsvc.dll
 

[7] 2006-10-18 20:47:16 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . C:\WINDOWS\system32\mspmsnsv.dll

[7] 2005-08-03 17:29:52 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . C:\WINDOWS\$NtUninstallWMFDist11$\mspmsnsv.dll

[7] 2005-08-03 17:29:52 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll

[-] 2004-08-10 13:00:00 . 5FDCCC838CD95F61097D8A637F842AA8 . 25600 . . [10.0.3790.3646] . . C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
 

[7] 2012-08-23 06:26:57 . 683CCEEF613AB24D24C9A764C79A80F2 . 2071936 . . [5.1.2600.6284 (xpsp_sp3_gdr.120821-1629)] . . C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe

[7] 2012-08-23 06:26:57 . 683CCEEF613AB24D24C9A764C79A80F2 . 2071936 . . [5.1.2600.6284 (xpsp_sp3_gdr.120821-1629)] . . C:\WINDOWS\system32\ntkrnlpa.exe

[7] 2012-08-23 06:26:57 . 683CCEEF613AB24D24C9A764C79A80F2 . 2071936 . . [5.1.2600.6284 (xpsp_sp3_gdr.120821-1629)] . . C:\WINDOWS\system32\dllcache\ntkrnlpa.exe

[7] 2012-08-23 06:26:13 . 3E6F700819774FD290FA8A79465E41DA . 2071936 . . [5.1.2600.6284 (xpsp_sp3_qfe.120821-1630)] . . C:\WINDOWS\$hf_mig$\KB2724197\SP3QFE\ntkrnlpa.exe

[7] 2012-05-05 03:14:34 . 0A7BFA15D9F9432DB882CD2A174E7F7F . 2071424 . . [5.1.2600.6223 (xpsp_sp3_gdr.120504-1619)] . . C:\WINDOWS\$NtUninstallKB2724197$\ntkrnlpa.exe

[7] 2012-05-05 03:14:13 . 339D9DA45F631C9D9D7132D9F6957943 . 2071424 . . [5.1.2600.6223 (xpsp_sp3_qfe.120504-1617)] . . C:\WINDOWS\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe

[7] 2012-04-11 13:51:20 . FCDFEE91E13E7A2433B053A53645EB39 . 2071424 . . [5.1.2600.6206 (xpsp_sp3_gdr.120411-1615)] . . C:\WINDOWS\$NtUninstallKB2707511$\ntkrnlpa.exe

[7] 2012-04-11 13:50:29 . C3124524EDDDA49504AE558352440F65 . 2071424 . . [5.1.2600.6206 (xpsp_sp3_qfe.120411-1615)] . . C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe

[7] 2011-10-26 10:49:49 . 525C18123E6FAF032E3853A4B9D8F255 . 2071680 . . [5.1.2600.6165 (xpsp_sp3_gdr.111025-1629)] . . C:\WINDOWS\$NtUninstallKB2676562$\ntkrnlpa.exe

[7] 2011-10-26 10:49:08 . ADD968B4D4A095407FD5B915F89BA8B5 . 2071680 . . [5.1.2600.6165 (xpsp_sp3_qfe.111025-1623)] . . C:\WINDOWS\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe

[7] 2010-12-09 19:44:32 . 7B1CA0A6C042E4B90A18B49ED73CBA76 . 2071680 . . [5.1.2600.6055 (xpsp_sp3_qfe.101209-1646)] . . C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe

[7] 2010-12-09 15:13:53 . 59BCD807F5FC0AB291E9EA1E2CB598B1 . 2071680 . . [5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] . . C:\WINDOWS\$NtUninstallKB2633171$\ntkrnlpa.exe

[7] 2010-04-28 21:15:34 . 4EACA49489EB3C4A2E83C5546EB5884C . 2069248 . . [5.1.2600.5973 (xpsp_sp3_qfe.100427-1650)] . . C:\WINDOWS\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe

[7] 2010-04-28 05:41:29 . 989290FBD9A7E90CD8B8E9C96817804D . 2069120 . . [5.1.2600.5973 (xpsp_sp3_gdr.100427-1636)] . . C:\WINDOWS\$NtUninstallKB2393802$\ntkrnlpa.exe

[7] 2010-02-16 19:04:25 . 9F24D01B6027FED0423FD28F1055E3DD . 2069120 . . [5.1.2600.5938 (xpsp_sp3_gdr.100216-1514)] . . C:\WINDOWS\$NtUninstallKB981852$\ntkrnlpa.exe

[7] 2010-02-16 18:58:40 . CEE28C8C47E52F185F9F8F3A2E31880C . 2069248 . . [5.1.2600.5938 (xpsp_sp3_qfe.100216-1510)] . . C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe

[7] 2009-12-09 14:29:14 . 2E72317A93EF61138E43DCF7CD423EDF . 2068480 . . [5.1.2600.5913 (xpsp_sp3_qfe.091208-2029)] . . C:\WINDOWS\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe

[7] 2009-12-09 10:06:03 . ADB6D671931D876CD7D53A5E2C147DBB . 2068352 . . [5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)] . . C:\WINDOWS\$NtUninstallKB979683$\ntkrnlpa.exe

[7] 2009-08-04 20:50:20 . C50ED62BB5CDC5AD4F3985ED39C6AE87 . 2068480 . . [5.1.2600.5857 (xpsp_sp3_qfe.090804-1456)] . . C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe

[7] 2009-08-04 17:26:06 . 602A85B23E5D9E6402D7205AFBE6FEB4 . 2068352 . . [5.1.2600.5857 (xpsp_sp3_gdr.090804-1435)] . . C:\WINDOWS\$NtUninstallKB977165$\ntkrnlpa.exe

[7] 2009-02-10 17:03:46 . 321917CFF934663C48C1E91A930E5D71 . 2068352 . . [5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] . . C:\WINDOWS\$NtUninstallKB971486$\ntkrnlpa.exe

[7] 2009-02-09 11:14:44 . 1F9DA92672B8B5720C5FB1E87D8F249F . 2068480 . . [5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)] . . C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe

[7] 2008-08-14 17:22:14 . C789B5AEA9AB71C5BEF6DD568F744842 . 2068352 . . [5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)] . . C:\WINDOWS\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe

[7] 2008-08-14 13:36:00 . 8F54D426024BC7E45A6F32253BBB572E . 2065280 . . [5.1.2600.3427 (xpsp_sp2_qfe.080814-1242)] . . C:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe

[7] 2008-08-14 13:19:48 . 326C258774EB791E78FEA8A9E14D5C3E . 2068352 . . [5.1.2600.5657 (xpsp_sp3_gdr.080814-1236)] . . C:\WINDOWS\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe

[7] 2008-08-14 13:19:48 . 326C258774EB791E78FEA8A9E14D5C3E . 2068352 . . [5.1.2600.5657 (xpsp_sp3_gdr.080814-1236)] . . C:\WINDOWS\$NtUninstallKB956572$\ntkrnlpa.exe

[7] 2008-04-14 02:00:00 . E51980EF65CED4490A7395A06C08DA34 . 2068224 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\$NtUninstallKB956841$\ntkrnlpa.exe

[7] 2008-04-14 02:00:00 . E51980EF65CED4490A7395A06C08DA34 . 2068224 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe

[-] 2007-02-28 16:06:12 . 9B9CA27AD315C02B71510238574894B2 . 2061696 . . [5.1.2600.3093 (xpsp_sp2_qfe.070227-2300)] . . C:\WINDOWS\$NtUninstallKB956841_0$\ntkrnlpa.exe

[-] 2006-12-19 18:43:40 . D3767E1A7E6674CE671A8A8254945C29 . 2061696 . . [5.1.2600.3051 (xpsp_sp2_qfe.061219-0311)] . . C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe

[-] 2005-09-29 18:28:16 . 85C9D9BC2EBA2821668D80599960BBBD . 2059776 . . [5.1.2600.2765 (xpsp.050928-1517)] . . C:\WINDOWS\$NtUninstallKB929338$\ntkrnlpa.exe

[-] 2005-03-02 18:06:16 . BDFF8FFA77EE7DF9758EF8C1E0DA8EFF . 2059136 . . [5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] . . C:\WINDOWS\$NtUninstallKB896256$\ntkrnlpa.exe

[-] 2005-03-02 09:11:32 . AE8364004BBFD70461D2EF34888D3360 . 2059264 . . [5.1.2600.2622 (xpsp.050301-1521)] . . C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe

[7] 2004-08-10 13:00:00 . CE41FC4C06499A389D39B301879535FB . 2059136 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe
 

[7] 2008-04-14 02:22:20 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . C:\WINDOWS\ServicePackFiles\i386\ntmssvc.dll

[7] 2008-04-14 02:22:20 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . C:\WINDOWS\system32\ntmssvc.dll

[-] 2004-08-10 13:00:00 . 428AA946A8D9F32DBB4260C8E6E13377 . 438272 . . [5.1.2400.2180] . . C:\WINDOWS\$NtServicePackUninstall$\ntmssvc.dll
 

[7] 2008-04-14 02:22:31 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\upnphost.dll

[7] 2008-04-14 02:22:31 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\upnphost.dll

[-] 2007-02-05 20:19:54 . 5C686B95470AC24E133AB4DAC4639A6C . 185856 . . [5.1.2600.3077 (xpsp_sp2_qfe.070205-0007)] . . C:\WINDOWS\$hf_mig$\KB931261\SP2QFE\upnphost.dll

[-] 2007-02-05 20:18:44 . 855790C1BACED245A6B210AF430ED17B . 185856 . . [5.1.2600.3077 (xpsp_sp2_gdr.070204-2255)] . . C:\WINDOWS\$NtServicePackUninstall$\upnphost.dll

[-] 2004-08-10 13:00:00 . 09D4A2D7C5A8ABEC227D118765FAADDF . 185856 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB931261$\upnphost.dll
 

[7] 2008-04-14 02:22:09 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512 (xpsp.080413-0845)] . . C:\WINDOWS\ServicePackFiles\i386\dsound.dll

[7] 2008-04-14 02:22:09 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512 (xpsp.080413-0845)] . . C:\WINDOWS\system32\dsound.dll

[-] 2004-08-10 13:00:00 . 7DB3393F98E4211F5CE8F003DE0615CF . 367616 . . [5.3.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\dsound.dll
 

[7] 2008-04-14 02:22:08 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512 (xpsp.080413-0845)] . . C:\WINDOWS\ServicePackFiles\i386\d3d9.dll

[7] 2008-04-14 02:22:08 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512 (xpsp.080413-0845)] . . C:\WINDOWS\system32\d3d9.dll

[-] 2004-08-10 13:00:00 . 20AE7889467887B869F30308EEED9A2A . 1689088 . . [5.03.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\d3d9.dll
 

[7] 2008-04-14 02:22:08 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512 (xpsp.080413-0845)] . . C:\WINDOWS\ServicePackFiles\i386\ddraw.dll

[7] 2008-04-14 02:22:08 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512 (xpsp.080413-0845)] . . C:\WINDOWS\system32\ddraw.dll

[-] 2004-08-10 13:00:00 . CAC545A56482DE01640E6B791DE19944 . 266240 . . [5.03.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\ddraw.dll
 

[7] 2008-04-14 02:22:23 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . C:\WINDOWS\ServicePackFiles\i386\olepro32.dll

[7] 2008-04-14 02:22:23 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . C:\WINDOWS\system32\olepro32.dll

[-] 2004-08-10 13:00:00 . 1404D3DD4ED4F5E2A938B43794049A81 . 83456 . . [5.1.2600.2180] . . C:\WINDOWS\$NtServicePackUninstall$\olepro32.dll
 

[7] 2008-04-14 02:22:23 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\perfctrs.dll

[7] 2008-04-14 02:22:23 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\system32\perfctrs.dll

[-] 2004-08-10 13:00:00 . 007BFD01772B5202C5CE4F208A2F3F46 . 41984 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\perfctrs.dll
 

[7] 2008-04-14 02:22:31 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\version.dll

[7] 2008-04-14 02:22:31 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512 (xpsp.080413-2105)] . . C:\WINDOWS\system32\version.dll

[-] 2004-08-10 13:00:00 . 4EF2FDC0A085C8339ED4D9C59CE8FC60 . 18944 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\version.dll
 

[7] 2009-03-08 12:09:26 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] . . C:\WINDOWS\system32\dllcache\iexplore.exe

[7] 2008-04-14 02:22:48 . 3BFE49B4CDFAC83B0F3C79412895A179 . 93184 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ie8\iexplore.exe

[7] 2008-04-14 02:22:48 . 3BFE49B4CDFAC83B0F3C79412895A179 . 93184 . . [6.00.2900.5512 (xpsp.080413-2105)] . . C:\WINDOWS\ServicePackFiles\i386\iexplore.exe

[-] 2004-08-10 13:00:00 . B39A6AF04A431E317C85BF061719E705 . 93184 . . [6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe
 
 

[7] 2012-08-23 06:26:57 . 777AC14497340CDCFC12438904528E67 . 2195200 . . [5.1.2600.6284 (xpsp_sp3_gdr.120821-1629)] . . C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe

[7] 2012-08-23 06:26:57 . 777AC14497340CDCFC12438904528E67 . 2195200 . . [5.1.2600.6284 (xpsp_sp3_gdr.120821-1629)] . . C:\WINDOWS\system32\ntoskrnl.exe

[7] 2012-08-23 06:26:57 . 777AC14497340CDCFC12438904528E67 . 2195200 . . [5.1.2600.6284 (xpsp_sp3_gdr.120821-1629)] . . C:\WINDOWS\system32\dllcache\ntoskrnl.exe

[7] 2012-08-23 06:26:13 . DEF6103237BB417D4082DB5077837853 . 2195328 . . [5.1.2600.6284 (xpsp_sp3_qfe.120821-1630)] . . C:\WINDOWS\$hf_mig$\KB2724197\SP3QFE\ntoskrnl.exe

[7] 2012-05-05 03:14:34 . 6005B4877E0E9AFB992615A0D5130D11 . 2194944 . . [5.1.2600.6223 (xpsp_sp3_gdr.120504-1619)] . . C:\WINDOWS\$NtUninstallKB2724197$\ntoskrnl.exe

[7] 2012-05-05 03:14:13 . C11516E90F6D8C45329A070429392A04 . 2194944 . . [5.1.2600.6223 (xpsp_sp3_qfe.120504-1617)] . . C:\WINDOWS\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe

[7] 2012-04-11 13:51:17 . 0D7DD9F68FA1B5D4A5571B0D53A8DF48 . 2194944 . . [5.1.2600.6206 (xpsp_sp3_gdr.120411-1615)] . . C:\WINDOWS\$NtUninstallKB2707511$\ntoskrnl.exe

[7] 2012-04-11 13:50:30 . 35BEC26067274CCFE4BE16CA22E54557 . 2194944 . . [5.1.2600.6206 (xpsp_sp3_qfe.120411-1615)] . . C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe

[7] 2011-10-26 10:49:49 . 8B4FC0BCA12CABFDE8C2E49B1B9A65E6 . 2195072 . . [5.1.2600.6165 (xpsp_sp3_gdr.111025-1629)] . . C:\WINDOWS\$NtUninstallKB2676562$\ntoskrnl.exe

[7] 2011-10-26 10:49:08 . 43BA9F58FD87BBF57F958C06241F2C9C . 2195072 . . [5.1.2600.6165 (xpsp_sp3_qfe.111025-1623)] . . C:\WINDOWS\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe

[7] 2010-12-09 15:14:37 . 2A5A8BE47E1F8E55520FB4031E21D129 . 2195072 . . [5.1.2600.6055 (xpsp_sp3_qfe.101209-1646)] . . C:\WINDOWS\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe

[7] 2010-12-09 15:13:59 . B7EF0123C501FFD1B47A86B44E710FD2 . 2195072 . . [5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] . . C:\WINDOWS\$NtUninstallKB2633171$\ntoskrnl.exe

[7] 2010-04-28 18:11:30 . FE9DA2C577DF69771B31183EF5684BE8 . 2192256 . . [5.1.2600.5973 (xpsp_sp3_gdr.100427-1636)] . . C:\WINDOWS\$NtUninstallKB2393802$\ntoskrnl.exe

[7] 2010-04-28 05:15:39 . 6AF2E8CEB03F7CB3B8183359563DBB87 . 2192384 . . [5.1.2600.5973 (xpsp_sp3_qfe.100427-1650)] . . C:\WINDOWS\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe

[7] 2010-02-17 12:04:26 . 786F98EFD090AD93F03E3BD95FB68714 . 2192256 . . [5.1.2600.5938 (xpsp_sp3_gdr.100216-1514)] . . C:\WINDOWS\$NtUninstallKB981852$\ntoskrnl.exe

[7] 2010-02-16 18:58:35 . 4456016C2FF1A8CCCAC8309C9B76E2F5 . 2192384 . . [5.1.2600.5938 (xpsp_sp3_qfe.100216-1510)] . . C:\WINDOWS\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe

[7] 2009-12-09 14:29:16 . A97847B2D30F4A299B35239D26BAD948 . 2191616 . . [5.1.2600.5913 (xpsp_sp3_qfe.091208-2029)] . . C:\WINDOWS\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe

[7] 2009-12-09 10:06:03 . F71185C58C105BDB2BE1AEEAF4198F6E . 2191488 . . [5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)] . . C:\WINDOWS\$NtUninstallKB979683$\ntoskrnl.exe

[7] 2009-08-04 20:56:06 . 121AEDCE2F5A65D63C9D51B9198FA7B3 . 2191488 . . [5.1.2600.5857 (xpsp_sp3_gdr.090804-1435)] . . C:\WINDOWS\$NtUninstallKB977165$\ntoskrnl.exe

[7] 2009-08-04 17:20:18 . 4B86421F2D85D9A4ECB06885C40B8EEB . 2191616 . . [5.1.2600.5857 (xpsp_sp3_qfe.090804-1456)] . . C:\WINDOWS\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe

[7] 2009-02-10 17:12:40 . D3453310FC92736E674FFDC6E3F455B7 . 2191488 . . [5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)] . . C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe

[7] 2009-02-09 11:21:46 . FEE1600B76B196D9993CD468DA7524F7 . 2191360 . . [5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] . . C:\WINDOWS\$NtUninstallKB971486$\ntoskrnl.exe

[7] 2008-08-14 17:22:14 . 59282EFE7147C011530E51FF92BA86AC . 2191488 . . [5.1.2600.5657 (xpsp_sp3_qfe.080814-1300)] . . C:\WINDOWS\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe

[7] 2008-08-14 13:36:00 . C7153F3F41C63C8CB912E973F2780495 . 2188288 . . [5.1.2600.3427 (xpsp_sp2_qfe.080814-1242)] . . C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe

[7] 2008-08-14 13:19:48 . 934FBEA25F8DE017ABFC6169B8446D94 . 2191488 . . [5.1.2600.5657 (xpsp_sp3_gdr.080814-1236)] . . C:\WINDOWS\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe

[7] 2008-08-14 13:19:48 . 934FBEA25F8DE017ABFC6169B8446D94 . 2191488 . . [5.1.2600.5657 (xpsp_sp3_gdr.080814-1236)] . . C:\WINDOWS\$NtUninstallKB956572$\ntoskrnl.exe

[7] 2008-04-14 02:00:24 . 354C9291513BCE4D0ED6B0C6A15470F8 . 2191360 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\$NtUninstallKB956841$\ntoskrnl.exe

[7] 2008-04-14 02:00:24 . 354C9291513BCE4D0ED6B0C6A15470F8 . 2191360 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe

[-] 2007-02-28 16:06:10 . E1DE7A10D46959560C3B617227D95C19 . 2184448 . . [5.1.2600.3093 (xpsp_sp2_qfe.070227-2300)] . . C:\WINDOWS\$NtUninstallKB956841_0$\ntoskrnl.exe

[-] 2006-12-19 18:43:37 . 00C476049FECF1D3A05C783015B9B518 . 2184320 . . [5.1.2600.3051 (xpsp_sp2_qfe.061219-0311)] . . C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe

[-] 2005-09-29 18:28:43 . 603416BFCCDC6444312993B9BA790EE2 . 2182528 . . [5.1.2600.2765 (xpsp.050928-1517)] . . C:\WINDOWS\$NtUninstallKB929338$\ntoskrnl.exe

[-] 2005-03-02 18:11:53 . EB5538A452E0E99169E2B6CDB62FF9D2 . 2181888 . . [5.1.2600.2622 (xpsp.050301-1521)] . . C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe

[-] 2005-03-02 18:06:32 . 7189A2391ADC1F65C9AE87B0ABE0F945 . 2181632 . . [5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] . . C:\WINDOWS\$NtUninstallKB896256$\ntoskrnl.exe

[7] 2004-08-10 13:00:00 . DC888C9C4CA0EEA7A3CB7E6B610F75C7 . 2183296 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB890859$\ntoskrnl.exe
 

[7] 2008-04-14 02:22:30 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\ServicePackFiles\i386\srsvc.dll

[7] 2008-04-14 02:22:30 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512 (xpsp.080413-2108)] . . C:\WINDOWS\system32\srsvc.dll

[-] 2004-08-10 13:00:00 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\srsvc.dll
 

[7] 2008-04-14 02:22:31 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\ServicePackFiles\i386\w32time.dll

[7] 2008-04-14 02:22:31 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512 (xpsp.080413-2113)] . . C:\WINDOWS\system32\w32time.dll

[-] 2004-08-10 13:00:00 . C6D874CD2A5B83CD11CDEBD28A638584 . 176640 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\w32time.dll
 

[7] 2008-04-14 02:22:32 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\wiaservc.dll

[7] 2008-04-14 02:22:32 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\wiaservc.dll

[-] 2006-12-19 18:48:06 . 452AA1C0E7FEE4B2E78D32BCF36FCEBE . 334336 . . [5.1.2600.3051 (xpsp_sp2_qfe.061219-0311)] . . C:\WINDOWS\$hf_mig$\KB927802\SP2QFE\wiaservc.dll

[-] 2006-12-19 18:17:03 . 25E9B30AF1FA1B9AF1853577F39FF20B . 334336 . . [5.1.2600.3051 (xpsp_sp2_gdr.061219-0316)] . . C:\WINDOWS\$NtServicePackUninstall$\wiaservc.dll

[-] 2004-08-10 13:00:00 . 7E751068ADA60FC77638622E86A7CD9E . 333824 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB927802$\wiaservc.dll
 

[7] 2008-04-14 02:22:14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512 (xpsp.080413-0845)] . . C:\WINDOWS\ServicePackFiles\i386\midimap.dll

[7] 2008-04-14 02:22:14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512 (xpsp.080413-0845)] . . C:\WINDOWS\system32\midimap.dll

[-] 2004-08-10 13:00:00 . 32641AE4D340C1AC2D9B3A3BD71F5C47 . 18944 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\midimap.dll
 

[7] 2008-04-14 02:22:23 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\rasadhlp.dll

[7] 2008-04-14 02:22:23 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\rasadhlp.dll

[-] 2006-06-26 17:46:11 . 45F87F6E7AB4F79B5C719B78C289DB66 . 7680 . . [5.1.2600.2938 (xpsp.060626-0041)] . . C:\WINDOWS\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll

[-] 2006-06-26 17:40:34 . DC940E8932827D65180F6A71BD4BD878 . 8192 . . [5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] . . C:\WINDOWS\$NtServicePackUninstall$\rasadhlp.dll

[-] 2004-08-10 13:00:00 . 84028E2EBE7A25494766673A5FF4B304 . 8192 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtUninstallKB920683$\rasadhlp.dll
 

[7] 2008-04-14 02:22:32 . 02AF8A799D173C2D0C71F399C03AC9E1 . 19456 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\ServicePackFiles\i386\wshtcpip.dll

[7] 2008-04-14 02:22:32 . 02AF8A799D173C2D0C71F399C03AC9E1 . 19456 . . [5.1.2600.5512 (xpsp.080413-0852)] . . C:\WINDOWS\system32\wshtcpip.dll

[-] 2004-08-10 13:00:00 . 3FEADE4D0B41D22E8B8460739A9B4FEE . 19968 . . [5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] . . C:\WINDOWS\$NtServicePackUninstall$\wshtcpip.dll
 

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
 
 

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4
 

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{17166733-40EA-4432-A85C-AE672FF0E236}]

2011-05-11 15:38:06        154216        ----a-w-        C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\1und1InternetExplorerAddon\BHOXML.dll
 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"="C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 09:05:26 65536]

"OM2_Monitor"="C:\Programme\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-02-22 12:29:10 95536]

"1und1Dispatcher"="C:\Programme\1und1Softwareaktualisierung\SchedDispatcher.exe" [2011-11-17 08:08:24 223600]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 02:22:40 15360]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 12:34:32 64512]

"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-11-03 22:25:48 98304]

"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-11-03 22:22:36 77824]

"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-11-03 22:26:30 118784]

"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2005-12-29 21:21:02 61952]

"SynTPEnh"="C:\Programme\Synaptics\SynTP\SynTPEnh.exe" [2006-03-02 23:02:08 761948]

"Toshiba Hotkey Utility"="C:\Programme\Toshiba\Windows Utilities\Hotkey.exe" [2006-03-15 17:12:24 1769472]

"NDSTray.exe"="NDSTray.exe" [BU]

"SmoothView"="C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe" [2005-05-13 10:01:30 118784]

"mouseElf"="C:\PROGRA~1\NAVIGA~1\MouseElf.EXE" [2004-09-20 05:16:40 196608]

"OM2_Monitor"="C:\Programme\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2008-02-22 12:29:08 54576]

"Adobe Reader Speed Launcher"="C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 00:04:34 39792]

"Garmin Lifetime Updater"="C:\Programme\Garmin\Lifetime Updater\GarminLifetime.exe" [2011-12-15 09:40:54 1446248]

"APSDaemon"="C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 06:22:28 59240]

"QuickTime Task"="C:\Programme\QuickTime\qttask.exe" [2011-10-24 13:28:52 421888]

"TkBellExe"="C:\program files\real\realplayer\update\realsched.exe" [2012-11-30 14:23:35 296096]
 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 02:22:40 15360]
 

C:\Dokumente und Einstellungen\Reith\Startmenü\Programme\Autostart\

Microsoft Office OneNote 2003 Schnellstart.lnk - C:\Programme\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-3-17 59080]
 

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\

Dienst-Manager.lnk - C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

McAfee Security Scan Plus.lnk - C:\Programme\McAfee Security Scan\3.0.313\SSScheduler.exe [2012-10-26 271808]

Microsoft Office.lnk - C:\Programme\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]
 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001
 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001
 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001
 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)
 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Programme\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
 

R0 SymDS;Symantec Data Store;C:\WINDOWS\system32\drivers\N360\0502020.003\symds.sys [12.06.2012 06:36:04 340088]

R0 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\system32\drivers\N360\0502020.003\symefa.sys [12.06.2012 06:36:05 744568]

R1 BHDrvx86;BHDrvx86;C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20130116.013\BHDrvx86.sys [16.01.2013 03:51:12 997464]

R1 SSHDRV5C;SSHDRV5C;C:\WINDOWS\system32\drivers\SSHDRV5C.sys [24.12.2006 10:48:36 34816]

R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\system32\drivers\N360\0502020.003\ironx86.sys [12.06.2012 06:36:04 136312]

R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;C:\Programme\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT --> C:\Programme\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT [?]

R2 N360;Norton 360;C:\Programme\Norton 360\Engine\5.2.2.3\ccsvchst.exe [12.06.2012 06:35:43 130008]

R2 serviceIEConfig;IEConfig 1und1/WEB.DE/GMX Edition;C:\WINDOWS\system32\ieconfig_1und1_svc.exe [25.03.2011 14:44:57 1404008]

R3 IDSxpx86;IDSxpx86;C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20130208.004\IDSXpx86.sys [09.02.2013 01:57:27 373728]

R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\drivers\x10hid.sys [22.03.2006 07:47:46 7040]

S2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;"C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe" --> C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe [?]

S2 HPFECP15;HPFECP15;C:\WINDOWS\system32\drivers\HPFecp15.sys [15.10.1998 08:02:50 52800]

S3 genmcmnUSB;USB Scroll Mouse Driver;C:\WINDOWS\system32\drivers\gflmouhid.sys [24.04.2008 16:17:42 6656]

S3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\system32\drivers\mbamswissarmy.sys [29.09.2012 13:26:57 40776]

S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Programme\McAfee Security Scan\3.0.313\McCHSvc.exe [26.10.2012 19:15:26 234776]

S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;C:\Programme\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> C:\Programme\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]
 

--- Andere Dienste/Treiber im Speicher ---
 

*NewlyCreated* - WS2IFSL

*Deregistered* - EraserUtilDrv11220
 

Inhalt des "geplante Tasks" Ordners
 

2013-02-09 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 07:21:23 . 2013-02-08 16:26:16]

hi
das log is nicht ganz vollständig. hängs mal als txt an bitte

Die Datei lässt sich nicht anhängen, ist zu groß. Was jetzt??:confused:

packen und anhängen.

OK, danke. Müsste funktioniert haben. Anhang 50216

hi
malwarebytes:
Downloade Dir bitte Malwarebytes

Installiere
das Programm in den vorgegebenen Pfad.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Starte Malwarebytes, klicke auf Aktualisierung --> Suche
nach Aktualisierung
Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
Wenn der Scan beendet
ist, klicke auf Ergebnisse anzeigen.
Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
Poste
das Logfile, welches sich in Notepad öffnet, hier in den Thread.
Nachträglich kannst du den Bericht unter "Log Dateien" finden.

So, der Scan ist durch. Hier das Logfile:

Code:

Malwarebytes Anti-Malware (Test) 1.70.0.1100

www.malwarebytes.org
 

Datenbank Version: v2013.02.11.04
 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

*** :: YOUR-2D1ABB0973 [Administrator]
 

Schutz: Aktiviert
 

11.02.2013 15:14:36

mbam-log-2013-02-11 (15-14-36).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 333732

Laufzeit: 1 Stunde(n), 27 Minute(n), 43 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 2

HKCR\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} (Adware.Yontoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKCR\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} (Adware.Yontoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 6

C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\SoftonicDownloader_fuer_able-rawer(1).exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\SoftonicDownloader_fuer_able-rawer(2).exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\SoftonicDownloader_fuer_able-rawer.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Programme\Yontoo Layers Runtime\YontooIEClient.dll (Adware.Yontoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\System Volume Information\_restore{DD0FF237-AD14-4090-B42A-4C4F2C77CAA7}\RP1287\A0255929.exe (Trojan.FakeMS.ED) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\_OTL\MovedFiles\02082013_171530\C_Dokumente und Einstellungen\***\338359.exe (Trojan.Ransom) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

(Ende)