Virus Alert mit Combofix behoben

#1 Guten Morgen

Ich bin neu hier und hab eben meinen PC dank diesem Forum und mit Hlfe von Combofix in Ordnung gebracht. Jedenfalls läuft alles wieder wie vorher. Kann ich mich jetzt erleichtert zurücklehnen oder muss ich noch weitere Arbeiten ausführen? Herzlichen Dank schon mal für die wertvolle Hilfe und hier das Logfile:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:58, on 2008-06-10
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\Explorer.EXE
D:\Programme\Netropa\Multimedia Keyboard\nhksrv.exe
D:\Programme\AntiVir PersonalEdition Classic\sched.exe
D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
D:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\Program Files\Siemens\Adsl\dslstat.exe
D:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\Siemens\Adsl\dslagent.exe
D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
D:\Programme\HP\HP Software Update\HPWuSchd2.exe
D:\WINDOWS\System32\svchost.exe
D:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
D:\Programme\NASDAK\OmniMaus Software\2.1\MOUSE32A.EXE
D:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe
D:\Programme\iTunes\iTunesHelper.exe
D:\WINDOWS\system32\LVCOMSX.EXE
D:\Programme\Logitech\Video\LogiTray.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programme\Microsoft ActiveSync\wcescomm.exe
D:\Programme\MSN Messenger\MsnMsgr.Exe
D:\Programme\Gemeinsame Dateien\RTE\RTEGPRS.exe
D:\Programme\Nokia\Nokia PC Suite 6\PCSync2.exe
D:\Programme\Nokia\Nokia PC Suite 6\PCSuite.exe
D:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe
D:\Programme\Google\Google Updater\GoogleUpdater.exe
D:\PROGRA~1\MI3AA1~1\rapimgr.exe
D:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
D:\Programme\Netropa\Multimedia Keyboard\TrayMon.exe
D:\Programme\Netropa\Onscreen Display\OSD.exe
D:\Programme\Netropa\InetKb\Inetkb.exe
D:\Programme\Logitech\Video\FxSvr2.exe
D:\Programme\Microsoft Office\Office\1031\msoffice.exe
D:\Programme\iPod\bin\iPodService.exe
D:\Programme\PC Connectivity Solution\ServiceLayer.exe
D:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
D:\Programme\PC Connectivity Solution\Transports\NclIrSrv.exe
D:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
D:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Programme\Gemeinsame Dateien\Nokia\MPAPI\MPAPI3s.exe
D:\Programme\Trend Micro\HijackThis\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sunrise.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ch/0SEDECH/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programme\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {1962c5bc-e475-465b-823b-133e711bceb9} - (no file)
O3 - Toolbar: (no name) - {CD242757-42DC-4A43-9FAA-72667BB8F32B} - (no file)
O4 - HKLM\..\Run: [DSLSTATEXE] D:\Program Files\Siemens\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] D:\Program Files\Siemens\Adsl\dslagent.exe
O4 - HKLM\..\Run: [avgnt] "D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] D:\Programme\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [REGSHAVE] D:\Programme\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [TkBellExe] "D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LWBMOUSE] D:\Programme\NASDAK\OmniMaus Software\2.1\MOUSE32A.EXE
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] D:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [204601ea] rundll32.exe "D:\WINDOWS\system32\rhkobkcc.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Programme\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SHCenter.exe] D:\Programme\IMSI\HiJaak Digital Photo Studio\bin\shcenter.exe
O4 - HKCU\..\Run: [runner.exe] D:\Programme\IMSI\HiJaak Digital Photo Studio\bin\shcenter.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [QuickTime Task] "D:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] D:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [RTEGPRS] "D:\Programme\Gemeinsame Dateien\RTE\RTEGPRS.exe" tray
O4 - HKCU\..\Run: [Nokia.PCSync] "D:\Programme\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Programme\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Performance Center] D:\Programme\Ascentive\Performance Center\APCMain.exe -m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Erinnerungen für Microsoft Works-Kalender.lnk = ?
O4 - Global Startup: Google Updater.lnk = D:\Programme\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://D:\Programme\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Bild in &Microsoft PhotoDraw öffnen - res://C:\PROGRA~1\MICROS~1\OFFICE\1031\PHDINTL.DLL/phdContext.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161325769843
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F973B65-DEA5-4AD8-AFFE-A58CB3686934}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{2EBBC515-3A77-40B2-85DD-DD0117491D8B}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{9877EC34-CEB4-4ECD-9C75-DD4CFF9F63F8}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{E63FB20D-DD70-41AA-832F-156B90A452EF}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF3178E4-D0B9-40CC-A7C6-97C0D590C01B}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.39 85.255.112.99
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F973B65-DEA5-4AD8-AFFE-A58CB3686934}: NameServer = 85.255.114.39,85.255.112.99
O17 - HKLM\System\CS2\Services\Tcpip\..\{1F973B65-DEA5-4AD8-AFFE-A58CB3686934}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{1F973B65-DEA5-4AD8-AFFE-A58CB3686934}: NameServer = 208.67.220.220,208.67.222.222
O20 - Winlogon Notify: awturRjg - awturRjg.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - D:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - D:\Programme\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - D:\Programme\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - D:\Programme\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 12266 bytes
__________
MfG Bruno

#2 Da ist noch einiges. Koenntest du das Combofix Log hier noch einstellen, um zu sehen, was alles geloescht wurde und was noch alles da ist!?
__________
MfG Ralf
SEO-Spam Hunter

#3 Ich versuche dieses Log zu finden, es wurde nicht angezeigt. Dieses hier:

ComboFix 08-06-09.7 - Anwender 2008-06-10 9:13:24.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.217 [GMT 2:00]
ausgeführt von:: D:\Dokumente und Einstellungen\Anwender.ERIKA\Desktop\ComboFix.exe
Command switches used :: D:\Dokumente und Einstellungen\Anwender.ERIKA\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
* Neuer Wiederherstellungspunkt wurde erstellt
.

(((((((((((((((((((((((((((((((((((( Weitere L”schungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\Dokumente und Einstellungen\Admin\Desktop\Privacy Protector.url
D:\WINDOWS\boqnrwdmsvr.dll
D:\WINDOWS\system32\bwglsudr.ini
D:\WINDOWS\system32\cckbokhr.ini
D:\WINDOWS\system32\cmoitpyc.dll
D:\WINDOWS\system32\cyptiomc.ini
D:\WINDOWS\system32\irywhral.ini
D:\WINDOWS\system32\larhwyri.dll
D:\WINDOWS\system32\mcrh.tmp
D:\WINDOWS\system32\olkkpfcs.ini
D:\WINDOWS\system32\sDcJkUvw.ini
D:\WINDOWS\system32\sDcJkUvw.ini2
D:\WINDOWS\system32\TBKSAyxx.ini
D:\WINDOWS\system32\TBKSAyxx.ini2
D:\WINDOWS\system32\tjwjajks.ini
D:\WINDOWS\system32\ujffjenf.ini
D:\WINDOWS\system32\vEegOnmp.ini
D:\WINDOWS\system32\vEegOnmp.ini2
D:\WINDOWS\system32\wajynvfo.ini
D:\WINDOWS\system32\wvUkJcDs.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CSDDRIVER
-------\Service_CsdDriver


((((((((((((((((((((((( Dateien erstellt von 2008-05-10 bis 2008-06-10 ))))))))))))))))))))))))))))))
.

2008-06-10 09:23 . 2008-06-10 09:23 294 ---hs---- D:\WINDOWS\system32\cckbokhr.ini
2008-06-10 06:49 . 2008-06-10 06:49 <DIR> d-------- D:\Dokumente und Einstellungen\Anwender.ERIKA\Anwendungsdaten\InstallShield
2008-06-10 06:17 . 2008-03-12 14:13 208,896 --a------ D:\WINDOWS\system32\ConTest.dll
2008-06-10 06:17 . 2007-10-17 10:19 20,480 --a------ D:\WINDOWS\system32\SysRestore.dll
2008-06-09 23:26 . 2008-06-09 23:26 <DIR> d-------- D:\Programme\Trend Micro
2008-06-09 13:15 . 2008-06-09 13:15 93,056 --a------ D:\WINDOWS\system32\rhkobkcc.dll
2008-06-04 18:45 . 2008-06-04 18:45 <DIR> d-------- D:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Software4u
2008-06-04 11:37 . 2008-06-04 11:38 <DIR> d-------- D:\Programme\Spybot - Search & Destroy
2008-06-04 11:37 . 2008-06-04 15:18 <DIR> d-------- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2008-06-02 21:21 . 2008-06-02 21:21 <DIR> d-------- D:\Programme\Microsoft Windows OneCare Live
2008-06-02 13:59 . 2008-06-02 21:21 <DIR> d-------- D:\Programme\Windows Live Safety Center
2008-06-02 13:16 . 2008-06-03 10:11 <DIR> dr------- D:\Dokumente und Einstellungen\Administrator\Eigene Dateien
2008-06-02 13:12 . 2006-06-27 10:08 <DIR> d--h----- D:\Dokumente und Einstellungen\Administrator\Vorlagen
2008-06-02 13:12 . 2006-06-27 10:57 <DIR> dr------- D:\Dokumente und Einstellungen\Administrator\Startmen�
2008-06-02 13:12 . 2008-06-02 13:32 <DIR> d--h----- D:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung
2008-06-02 13:12 . 2008-06-03 10:30 <DIR> d--h----- D:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen
2008-06-02 13:12 . 2006-06-27 10:57 <DIR> d-------- D:\Dokumente und Einstellungen\Administrator\Favoriten
2008-06-02 13:12 . 2006-06-27 10:57 <DIR> d--h----- D:\Dokumente und Einstellungen\Administrator\Druckumgebung
2008-06-02 13:12 . 2008-06-06 11:37 <DIR> dr-h----- D:\Dokumente und Einstellungen\Administrator\Anwendungsdaten
2008-06-02 13:12 . 2008-06-04 18:49 <DIR> d-------- D:\Dokumente und Einstellungen\Administrator
2008-06-02 12:46 . 2008-06-02 12:46 <DIR> d-------- D:\Dokumente und Einstellungen\Admin\Anwendungsdaten\TmpRecentIcons
2008-06-01 23:08 . 2008-06-01 17:59 94,208 --a------ D:\WINDOWS\evmk.exe
2008-05-26 21:30 . 2008-05-26 21:30 <DIR> d-------- D:\WINDOWS\system32\de
2008-05-26 21:16 . 2008-04-13 22:06 144,384 --------- D:\WINDOWS\system32\drivers\hdaudbus.sys
2008-05-26 21:16 . 2008-04-14 00:10 10,240 --------- D:\WINDOWS\system32\drivers\sffp_mmc.sys
2008-05-26 21:13 . 2006-12-29 00:31 19,569 --a------ D:\WINDOWS\005739_.tmp
2008-05-26 19:22 . 2008-06-02 23:23 <DIR> d-------- D:\WINDOWS\system32\NtmsData
2008-05-25 20:09 . 2008-05-25 20:12 <DIR> d-------- D:\7f6af308274b1f7a337e6b8d7c97caed
2008-05-15 10:58 . 2008-05-15 10:58 <DIR> d-------- D:\Dokumente und Einstellungen\Anwender.ERIKA\AcrobatFonts

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-10 04:49 --------- d--h--w D:\Programme\InstallShield Installation Information
2008-06-09 11:22 --------- d-----w D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google Updater
2008-06-04 16:01 --------- d-----w D:\Programme\SBB.08
2008-05-26 19:46 --------- d-----w D:\Programme\MSN Messenger
2008-05-25 18:37 --------- d-----w D:\Dokumente und Einstellungen\Anwender.ERIKA\Anwendungsdaten\Image Zone Express
2008-05-21 17:37 --------- d-----w D:\Dokumente und Einstellungen\Anwender.ERIKA\Anwendungsdaten\Nokia
2008-04-28 14:26 --------- d-----w D:\Dokumente und Einstellungen\Gast\Anwendungsdaten\PC Suite
2008-04-25 20:52 --------- d-----w D:\Programme\Gemeinsame Dateien\Adobe
2008-04-24 17:29 --------- d-----w D:\Programme\eMule.de 0.48a v18
2008-04-17 22:05 --------- d-----w D:\Dokumente und Einstellungen\Anwender.ERIKA\Anwendungsdaten\PC Suite
2008-04-17 21:58 --------- d-----w D:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Nokia Multimedia Player
2008-04-17 21:51 --------- d-----w D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
2008-04-17 21:51 --------- d-----w D:\Dokumente und Einstellungen\Admin\Anwendungsdaten\PC Suite
2008-04-17 21:50 --------- d-----w D:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Nokia
2008-04-17 21:49 --------- d-----w D:\Programme\Nokia
2008-04-17 21:49 --------- d-----w D:\Programme\Gemeinsame Dateien\PCSuite
2008-04-17 21:49 --------- d-----w D:\Programme\Gemeinsame Dateien\Nokia
2008-04-17 21:49 --------- d-----w D:\Programme\DIFX
2008-04-17 21:48 --------- d-----w D:\Programme\PC Connectivity Solution
2008-04-17 21:46 --------- d-----w D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
2008-04-17 20:45 --------- d-----w D:\Dokumente und Einstellungen\Anwender.ERIKA\Anwendungsdaten\RTE
2008-04-17 20:20 --------- d-----w D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RTE
2008-04-17 20:20 --------- d-----w D:\Dokumente und Einstellungen\Admin\Anwendungsdaten\RTE
2008-04-14 18:47 --------- d-----w D:\Programme\Logitech
2008-04-14 18:47 --------- d-----w D:\Programme\Gemeinsame Dateien\Logitech
2008-04-14 18:41 --------- d-----w D:\Programme\Gemeinsame Dateien\LogiShrd
2008-04-14 05:53 40,840 ----a-w D:\WINDOWS\system32\drivers\termdd.sys
2008-04-14 05:53 32,866 ------w D:\WINDOWS\slrundll.exe
2008-04-14 05:53 288,768 ----a-w D:\WINDOWS\winhlp32.exe
2008-04-14 05:53 21,896 ----a-w D:\WINDOWS\system32\drivers\tdtcp.sys
2008-04-14 05:53 153,600 ----a-w D:\WINDOWS\regedit.exe
2008-04-14 05:53 139,656 ----a-w D:\WINDOWS\system32\drivers\rdpwd.sys
2008-04-14 05:53 12,040 ----a-w D:\WINDOWS\system32\drivers\tdpipe.sys
2008-04-14 05:32 80,384 ----a-w D:\WINDOWS\system32\drivers\parport.sys
2008-04-14 05:32 73,472 ----a-w D:\WINDOWS\system32\drivers\sr.sys
2008-04-14 05:32 68,224 ----a-w D:\WINDOWS\system32\drivers\pci.sys
2008-04-14 05:32 46,848 ----a-w D:\WINDOWS\system32\drivers\p3.sys
2008-04-14 05:32 120,576 ----a-w D:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 05:28 800,384 ----a-w D:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 05:28 37,632 ----a-w D:\WINDOWS\system32\drivers\isapnp.sys
2008-04-14 05:28 25,216 ----a-w D:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 05:28 154,112 ----a-w D:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 05:27 40,448 ------w D:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 05:26 40,832 ----a-w D:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 05:25 65,536 ----a-w D:\WINDOWS\system32\drivers\serial.sys
2008-04-14 05:25 52,992 ----a-w D:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 05:24 25,856 ------w D:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 05:22 57,728 ----a-w D:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 05:22 53,760 ----a-w D:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 05:22 44,672 ----a-w D:\WINDOWS\system32\drivers\fips.sys
2008-04-14 05:22 273,920 ------w D:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 05:21 39,936 ----a-w D:\WINDOWS\system32\drivers\processr.sys
2008-04-14 05:20 41,856 ------w D:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 05:20 41,472 ----a-w D:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 05:19 30,336 ----a-w D:\WINDOWS\system32\drivers\modem.sys
2008-04-14 05:19 23,552 ----a-w D:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 05:19 188,800 ----a-w D:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 22:58 175,744 ----a-w D:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 22:51 162,816 ----a-w D:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 22:50 91,520 ----a-w D:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 22:50 361,344 ----a-w D:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 22:50 182,656 ----a-w D:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 22:49 75,264 ----a-w D:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 22:49 51,328 ----a-w D:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 22:49 48,384 ----a-w D:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 22:49 146,048 ----a-w D:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 22:49 138,112 ----a-w D:\WINDOWS\system32\drivers\afd.sys
2008-04-13 22:47 83,072 ----a-w D:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 22:47 456,576 ----a-w D:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 22:47 105,344 ----a-w D:\WINDOWS\system32\drivers\mup.sys
2008-04-13 22:46 49,536 ----a-w D:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 22:46 141,056 ----a-w D:\WINDOWS\system32\drivers\ks.sys
2008-04-13 22:45 60,800 ----a-w D:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 22:45 574,976 ----a-w D:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 22:45 334,848 ----a-w D:\WINDOWS\system32\drivers\srv.sys
2008-04-13 22:44 63,744 ----a-w D:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 22:44 143,744 ----a-w D:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 22:30 225,664 ----a-w D:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 22:30 19,072 ----a-w D:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 22:27 41,472 ----a-w D:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 22:27 40,576 ----a-w D:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 22:27 34,560 ----a-w D:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 22:27 20,864 ----a-w D:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 22:27 152,832 ----a-w D:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 22:27 14,336 ----a-w D:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 22:27 10,112 ----a-w D:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 22:26 88,320 ----a-w D:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 22:26 69,120 ----a-w D:\WINDOWS\system32\drivers\psched.sys
2008-04-13 22:26 35,072 ----a-w D:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 22:26 34,688 ----a-w D:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 22:26 30,592 ----a-w D:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 22:26 30,592 ------w D:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 22:26 14,592 ----a-w D:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 22:26 12,800 ----a-w D:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 22:26 12,800 ------w D:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 22:26 12,288 ------w D:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 22:25 202,624 ----a-w D:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 22:24 88,192 ----a-w D:\WINDOWS\system32\drivers\irda.sys
2008-04-13 22:24 22,016 ----a-w D:\WINDOWS\system32\drivers\msircomm.sys
2008-04-13 22:24 11,264 ----a-w D:\WINDOWS\system32\drivers\irenum.sys
.

(((((((((((((((((((((((((((( Autostart Punkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\ctfmon.exe" [2008-04-14 07:52 15360]
"swg"="D:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-27 16:09 68856]
"H/PC Connection Agent"="D:\Programme\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 21:09 1211176]
"SHCenter.exe"="D:\Programme\IMSI\HiJaak Digital Photo Studio\bin\shcenter.exe" [2003-09-16 18:58 135168]
"runner.exe"="D:\Programme\IMSI\HiJaak Digital Photo Studio\bin\shcenter.exe" [2003-09-16 18:58 135168]
"MsnMsgr"="D:\Programme\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"QuickTime Task"="D:\Programme\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"LogitechSoftwareUpdate"="D:\Programme\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
"RTEGPRS"="D:\Programme\Gemeinsame Dateien\RTE\RTEGPRS.exe" [2004-07-23 19:50 2334720]
"Nokia.PCSync"="D:\Programme\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 18:41 1232896]
"PC Suite Tray"="D:\Programme\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-03-28 11:20 1079296]
"Performance Center"="D:\Programme\Ascentive\Performance Center\APCMain.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DSLSTATEXE"="D:\Program Files\Siemens\Adsl\dslstat.exe" [2003-09-22 10:43 299008]
"DSLAGENTEXE"="D:\Program Files\Siemens\Adsl\dslagent.exe" [2003-08-19 12:47 16384]
"avgnt"="D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-17 22:05 262401]
"HP Software Update"="D:\Programme\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]
"Adobe Photo Downloader"="D:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-16 11:45 63712]
"REGSHAVE"="D:\Programme\REGSHAVE\REGSHAVE.exe" [2002-02-04 22:32 53248]
"TkBellExe"="D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2007-10-15 21:50 185632]
"LWBMOUSE"="D:\Programme\NASDAK\OmniMaus Software\2.1\MOUSE32A.EXE" [2001-11-09 08:47 356352]
"MULTIMEDIA KEYBOARD"="D:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe" [2003-06-04 02:32 163840]
"NeroFilterCheck"="D:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"QuickTime Task"="D:\Programme\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="D:\Programme\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"LVCOMSX"="D:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"LogitechVideoRepair"="D:\Programme\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
"LogitechVideoTray"="D:\Programme\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
"Adobe Reader Speed Launcher"="D:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"204601ea"="D:\WINDOWS\system32\rhkobkcc.dll" [2008-06-09 13:15 93056]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 07:52 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awturRjg]
awturRjg.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"D:\\Programme\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"D:\Programme\Microsoft ActiveSync\rapimgr.exe"= D:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"D:\Programme\Microsoft ActiveSync\wcescomm.exe"= D:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"D:\Programme\Microsoft ActiveSync\WCESMgr.exe"= D:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"D:\\Programme\\eMule.de 0.48a v18\\emule.exe"=
"D:\\Dokumente und Einstellungen\\Anwender.ERIKA\\Desktop\\PCconnect.exe"=
"D:\\Programme\\iTunes\\iTunes.exe"=
"D:\\Programme\\MSN Messenger\\msnmsgr.exe"=
"D:\\Programme\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 msikbd2k;Multimedia Keyboard Filter Driver;D:\WINDOWS\system32\DRIVERS\msikbd2k.sys [2001-12-20 11:02]
R2 nhksrv;Netropa NHK Server;D:\Programme\Netropa\Multimedia Keyboard\nhksrv.exe [2001-08-06 08:41]
R2 UxTuneUp;TuneUp Designerweiterung;D:\WINDOWS\System32\svchost.exe [2008-04-14 07:53]
R3 FA312;NETGEAR FA330/FA312/FA311-Fast Ethernet-Adaptertreiber;D:\WINDOWS\system32\DRIVERS\FA312nd5.sys [2001-08-17 13:12]
S3 CableFlt;Quick Heal Network Protection Service;D:\WINDOWS\system32\DRIVERS\CableFlt.sys []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Inhalt des "geplante Tasks" Ordners
"2008-04-11 15:15:00 D:\WINDOWS\Tasks\1-Klick-Wartung.job"
- D:\Programme\TuneUp Utilities 2006\SystemOptimizer.exe
"2008-05-14 09:50:02 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- D:\Programme\Apple Software Update\SoftwareUpdate.exe
"2008-06-10 07:06:04 D:\WINDOWS\Tasks\Auf Updates für Windows Live Toolbar prüfen.job"
__________
MfG Bruno

#4 Da ist noch einiges:


1. Starte Notepad (Start / Ausführen / notepad[Enter])
S\sy
2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein.

Code

collect::[49]
D:\WINDOWS\system32\rhkobkcc.dll
D:\WINDOWS\evmk.exe

3. Speichere im Notepad als CFScript.txt auf dem Desktop.

4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall.
(Auch Guards von Ad-, Spyware Programmen und den Tea Timer!)

5. Dann ziehe die CFScript.txt auf die ComboFix.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.



6. Nach dem Neustart (falls gefragt wird ob Du neustarten willst), poste bitte die folgenden Log Dateien:
Combofix.txt

7. Danach meldet sich Combofix mit der Meldung, das eine Datei zur Ueberpruefung verschickt werden muss. Bestaetige die Meldung und folge den Schritten, die dir im Internetexplorer angezeigt werden.

8. Poste zu dem neuen Combofix Report auch ein aktuelles Hijackthis log.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann
__________
MfG Ralf
SEO-Spam Hunter

#5 Danke Ralf. Nach dem Neustart erschien eine Fehlermeldung:

Fehler beim Laden von D:\WINDOWS\system32\rhkopkcc.dll
Das angegebene Modul wurde nicht gefunden.

Weiter Combofix.log:

ComboFix 08-06-09.7 - Anwender 2008-06-10 12:12:35.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.139 [GMT 2:00]
ausgeführt von:: D:\Dokumente und Einstellungen\Anwender.ERIKA\Desktop\ComboFix.exe
Command switches used :: D:\Dokumente und Einstellungen\Anwender.ERIKA\Desktop\CFScript.txt
* Neuer Wiederherstellungspunkt wurde erstellt
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\WINDOWS\evmk.exe
D:\WINDOWS\system32\mcrh.tmp
D:\WINDOWS\system32\rhkobkcc.dll
.
---- Previous Run -------
.
D:\Dokumente und Einstellungen\Admin\Desktop\Privacy Protector.url
D:\WINDOWS\boqnrwdmsvr.dll
D:\WINDOWS\system32\bwglsudr.ini
D:\WINDOWS\system32\cckbokhr.ini
D:\WINDOWS\system32\cmoitpyc.dll
D:\WINDOWS\system32\cyptiomc.ini
D:\WINDOWS\system32\irywhral.ini
D:\WINDOWS\system32\larhwyri.dll
D:\WINDOWS\system32\mcrh.tmp
D:\WINDOWS\system32\olkkpfcs.ini
D:\WINDOWS\system32\sDcJkUvw.ini
D:\WINDOWS\system32\sDcJkUvw.ini2
D:\WINDOWS\system32\TBKSAyxx.ini
D:\WINDOWS\system32\TBKSAyxx.ini2
D:\WINDOWS\system32\tjwjajks.ini
D:\WINDOWS\system32\ujffjenf.ini
D:\WINDOWS\system32\vEegOnmp.ini
D:\WINDOWS\system32\vEegOnmp.ini2
D:\WINDOWS\system32\wajynvfo.ini
D:\WINDOWS\system32\wvUkJcDs.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CSDDRIVER
-------\Service_CsdDriver


((((((((((((((((((((((( Dateien erstellt von 2008-05-10 bis 2008-06-10 ))))))))))))))))))))))))))))))
.

2008-06-10 09:23 . 2008-06-10 12:04 1,282 ---hs---- D:\WINDOWS\system32\cckbokhr.ini
2008-06-10 06:49 . 2008-06-10 06:49 <DIR> d-------- D:\Dokumente und Einstellungen\Anwender.ERIKA\Anwendungsdaten\InstallShield
2008-06-10 06:17 . 2008-03-12 14:13 208,896 --a------ D:\WINDOWS\system32\ConTest.dll
2008-06-10 06:17 . 2007-10-17 10:19 20,480 --a------ D:\WINDOWS\system32\SysRestore.dll
2008-06-09 23:26 . 2008-06-09 23:26 <DIR> d-------- D:\Programme\Trend Micro
2008-06-04 18:45 . 2008-06-04 18:45 <DIR> d-------- D:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Software4u
2008-06-04 11:37 . 2008-06-04 11:38 <DIR> d-------- D:\Programme\Spybot - Search & Destroy
2008-06-04 11:37 . 2008-06-04 15:18 <DIR> d-------- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2008-06-02 21:21 . 2008-06-02 21:21 <DIR> d-------- D:\Programme\Microsoft Windows OneCare Live
2008-06-02 13:59 . 2008-06-02 21:21 <DIR> d-------- D:\Programme\Windows Live Safety Center
2008-06-02 13:16 . 2008-06-03 10:11 <DIR> dr------- D:\Dokumente und Einstellungen\Administrator\Eigene Dateien
2008-06-02 13:12 . 2006-06-27 10:08 <DIR> d--h----- D:\Dokumente und Einstellungen\Administrator\Vorlagen
2008-06-02 13:12 . 2006-06-27 10:57 <DIR> dr------- D:\Dokumente und Einstellungen\Administrator\Startmenü
2008-06-02 13:12 . 2008-06-02 13:32 <DIR> d--h----- D:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung
2008-06-02 13:12 . 2008-06-10 12:15 <DIR> d--h----- D:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen
2008-06-02 13:12 . 2006-06-27 10:57 <DIR> d-------- D:\Dokumente und Einstellungen\Administrator\Favoriten
2008-06-02 13:12 . 2006-06-27 10:57 <DIR> d--h----- D:\Dokumente und Einstellungen\Administrator\Druckumgebung
2008-06-02 13:12 . 2008-06-06 11:37 <DIR> dr-h----- D:\Dokumente und Einstellungen\Administrator\Anwendungsdaten
2008-06-02 13:12 . 2008-06-04 18:49 <DIR> d-------- D:\Dokumente und Einstellungen\Administrator
2008-06-02 12:46 . 2008-06-02 12:46 <DIR> d-------- D:\Dokumente und Einstellungen\Admin\Anwendungsdaten\TmpRecentIcons
2008-05-26 21:30 . 2008-05-26 21:30 <DIR> d-------- D:\WINDOWS\system32\de
2008-05-26 21:16 . 2008-04-13 22:06 144,384 --------- D:\WINDOWS\system32\drivers\hdaudbus.sys
2008-05-26 21:16 . 2008-04-14 00:10 10,240 --------- D:\WINDOWS\system32\drivers\sffp_mmc.sys
2008-05-26 21:13 . 2006-12-29 00:31 19,569 --a------ D:\WINDOWS\005739_.tmp
2008-05-26 19:22 . 2008-06-02 23:23 <DIR> d-------- D:\WINDOWS\system32\NtmsData
2008-05-25 20:09 . 2008-05-25 20:12 <DIR> d-------- D:\7f6af308274b1f7a337e6b8d7c97caed
2008-05-15 10:58 . 2008-05-15 10:58 <DIR> d-------- D:\Dokumente und Einstellungen\Anwender.ERIKA\AcrobatFonts

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-10 04:49 --------- d--h--w D:\Programme\InstallShield Installation Information
2008-06-09 11:22 --------- d-----w D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google Updater
2008-06-04 16:01 --------- d-----w D:\Programme\SBB.08
2008-05-26 19:46 --------- d-----w D:\Programme\MSN Messenger
2008-05-25 18:37 --------- d-----w D:\Dokumente und Einstellungen\Anwender.ERIKA\Anwendungsdaten\Image Zone Express
2008-05-21 17:37 --------- d-----w D:\Dokumente und Einstellungen\Anwender.ERIKA\Anwendungsdaten\Nokia
2008-04-28 14:26 --------- d-----w D:\Dokumente und Einstellungen\Gast\Anwendungsdaten\PC Suite
2008-04-25 20:52 --------- d-----w D:\Programme\Gemeinsame Dateien\Adobe
2008-04-24 17:29 --------- d-----w D:\Programme\eMule.de 0.48a v18
2008-04-17 22:05 --------- d-----w D:\Dokumente und Einstellungen\Anwender.ERIKA\Anwendungsdaten\PC Suite
2008-04-17 21:58 --------- d-----w D:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Nokia Multimedia Player
2008-04-17 21:51 --------- d-----w D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
2008-04-17 21:51 --------- d-----w D:\Dokumente und Einstellungen\Admin\Anwendungsdaten\PC Suite
2008-04-17 21:50 --------- d-----w D:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Nokia
2008-04-17 21:49 --------- d-----w D:\Programme\Nokia
2008-04-17 21:49 --------- d-----w D:\Programme\Gemeinsame Dateien\PCSuite
2008-04-17 21:49 --------- d-----w D:\Programme\Gemeinsame Dateien\Nokia
2008-04-17 21:49 --------- d-----w D:\Programme\DIFX
2008-04-17 21:48 --------- d-----w D:\Programme\PC Connectivity Solution
2008-04-17 21:46 --------- d-----w D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
2008-04-17 20:45 --------- d-----w D:\Dokumente und Einstellungen\Anwender.ERIKA\Anwendungsdaten\RTE
2008-04-17 20:20 --------- d-----w D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RTE
2008-04-17 20:20 --------- d-----w D:\Dokumente und Einstellungen\Admin\Anwendungsdaten\RTE
2008-04-14 18:47 --------- d-----w D:\Programme\Logitech
2008-04-14 18:47 --------- d-----w D:\Programme\Gemeinsame Dateien\Logitech
2008-04-14 18:41 --------- d-----w D:\Programme\Gemeinsame Dateien\LogiShrd
2008-04-14 06:06 1,804 ----a-w D:\WINDOWS\system32\dcache.bin
2008-04-14 05:55 333,312 ----a-w D:\WINDOWS\system32\netsetup.exe
2008-04-14 05:52 99,840 ----a-w D:\WINDOWS\system32\loadperf.dll
2008-04-14 05:51 762,368 ----a-w D:\WINDOWS\system32\winntbbu.dll
2008-04-14 05:51 731,648 ----a-w D:\WINDOWS\system32\ntdll.dll
2008-04-14 05:51 57,375 ----a-w D:\WINDOWS\system32\odbcji32.dll
2008-04-14 05:51 5,632 ----a-w D:\WINDOWS\system32\wmi.dll
2008-04-14 05:51 4,126 ----a-w D:\WINDOWS\system32\msdxmlc.dll
2008-04-14 05:51 24,064 ----a-w D:\WINDOWS\system32\pidgen.dll
2008-04-14 05:32 80,384 ----a-w D:\WINDOWS\system32\drivers\parport.sys
2008-04-14 05:32 73,472 ----a-w D:\WINDOWS\system32\drivers\sr.sys
2008-04-14 05:32 68,224 ----a-w D:\WINDOWS\system32\drivers\pci.sys
2008-04-14 05:32 46,848 ----a-w D:\WINDOWS\system32\drivers\p3.sys
2008-04-14 05:32 120,576 ----a-w D:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 05:30 2,191,360 ----a-w D:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 05:30 2,068,224 ----a-w D:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 05:29 4,096 ------w D:\WINDOWS\system32\dsprpres.dll
2008-04-14 05:28 800,384 ----a-w D:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 05:28 37,632 ----a-w D:\WINDOWS\system32\drivers\isapnp.sys
2008-04-14 05:28 25,216 ----a-w D:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 05:28 154,112 ----a-w D:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 05:27 93,184 ------w D:\WINDOWS\system32\msxml6r.dll
2008-04-14 05:27 40,448 ------w D:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 05:26 81,408 ------w D:\WINDOWS\system32\msshavmsg.dll
2008-04-14 05:26 51,712 ----a-w D:\WINDOWS\system32\inetres.dll
2008-04-14 05:26 40,832 ----a-w D:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 05:25 65,536 ----a-w D:\WINDOWS\system32\drivers\serial.sys
2008-04-14 05:25 572,928 ----a-w D:\WINDOWS\system32\shdoclc.dll
2008-04-14 05:25 52,992 ----a-w D:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 05:24 25,856 ------w D:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 05:24 10,752 ----a-w D:\WINDOWS\system32\gpkrsrc.dll
2008-04-14 05:23 1,845,760 ----a-w D:\WINDOWS\system32\win32k.sys
2008-04-14 05:22 68,096 ----a-w D:\WINDOWS\system32\browselc.dll
2008-04-14 05:22 57,728 ----a-w D:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 05:22 53,760 ----a-w D:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 05:22 44,672 ----a-w D:\WINDOWS\system32\drivers\fips.sys
2008-04-14 05:22 273,920 ------w D:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 05:21 39,936 ----a-w D:\WINDOWS\system32\drivers\processr.sys
2008-04-14 05:20 41,856 ------w D:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 05:20 41,472 ----a-w D:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 05:19 30,336 ----a-w D:\WINDOWS\system32\drivers\modem.sys
2008-04-14 05:19 23,552 ----a-w D:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 05:19 188,800 ----a-w D:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 22:58 175,744 ----a-w D:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 22:51 162,816 ----a-w D:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 22:50 91,520 ----a-w D:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 22:50 361,344 ----a-w D:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 22:50 182,656 ----a-w D:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 22:49 75,264 ----a-w D:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 22:49 51,328 ----a-w D:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 22:49 48,384 ----a-w D:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 22:49 146,048 ----a-w D:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 22:49 138,112 ----a-w D:\WINDOWS\system32\drivers\afd.sys
2008-04-13 22:47 83,072 ----a-w D:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 22:47 456,576 ----a-w D:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 22:47 105,344 ----a-w D:\WINDOWS\system32\drivers\mup.sys
2008-04-13 22:46 49,536 ----a-w D:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 22:46 141,056 ----a-w D:\WINDOWS\system32\drivers\ks.sys
2008-04-13 22:45 60,800 ----a-w D:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 22:45 574,976 ----a-w D:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 22:45 334,848 ----a-w D:\WINDOWS\system32\drivers\srv.sys
2008-04-13 22:44 63,744 ----a-w D:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 22:44 143,744 ----a-w D:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 22:30 225,664 ----a-w D:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 22:30 19,072 ----a-w D:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 22:27 41,472 ----a-w D:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 22:27 40,576 ----a-w D:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 22:27 34,560 ----a-w D:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 22:27 20,864 ----a-w D:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 22:27 152,832 ----a-w D:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 22:27 14,336 ----a-w D:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 22:27 10,112 ----a-w D:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 22:26 88,320 ----a-w D:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 22:26 69,120 ----a-w D:\WINDOWS\system32\drivers\psched.sys
.

((((((((((((((((((((((((((((( snapshot@2008-06-10_ 9.31.01.39 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-27 19:59:04 68,608 -c--a-w D:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-06-10 07:42:38 68,608 ----a-w D:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2008-01-27 19:59:16 72,192 -c--a-w D:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-06-10 07:42:55 72,192 ----a-w D:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-01-27 19:59:17 4,308,992 -c--a-w D:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-06-10 07:42:56 4,308,992 ----a-w D:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2008-01-27 19:59:18 482,304 -c--a-w D:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-06-10 07:42:58 482,304 ----a-w D:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2008-01-27 19:59:12 2,878,976 -c--a-w D:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-06-10 07:42:48 2,902,016 ----a-w D:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2008-01-27 19:58:59 258,048 -c--a-w D:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-06-10 07:42:29 258,048 ----a-w D:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2008-01-27 19:58:59 114,176 -c--a-w D:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-06-10 07:42:29 114,176 ----a-w D:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2008-01-27 19:59:25 260,096 -c--a-w D:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-06-10 07:43:06 260,096 ----a-w D:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2008-01-27 19:59:07 5,025,792 -c--a-w D:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-06-10 07:42:42 5,156,864 ----a-w D:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-01-27 19:59:03 10,752 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-06-10 07:42:37 10,752 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-01-27 19:58:59 503,808 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-06-10 07:42:29 507,904 ----a-w D:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2008-01-27 19:59:00 13,312 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-06-10 07:42:32 13,312 ----a-w D:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2008-01-27 19:59:14 8,192 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-06-10 07:42:51 8,192 ----a-w D:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-01-27 19:59:15 36,864 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-06-10 07:42:53 36,864 ----a-w D:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-01-27 19:59:15 5,632 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-06-10 07:42:54 5,632 ----a-w D:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2008-01-27 19:59:01 413,696 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-06-10 07:42:33 413,696 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2008-01-27 19:59:01 36,864 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-06-10 07:42:34 36,864 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-01-27 19:59:02 647,168 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-06-10 07:42:35 647,168 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2008-01-27 19:59:02 73,728 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-06-10 07:42:36 73,728 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2008-01-27 19:59:00 745,472 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-06-10 07:42:33 749,568 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2008-01-27 19:59:28 110,592 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-06-10 07:43:09 110,592 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2008-01-27 19:59:27 372,736 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-06-10 07:43:08 372,736 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2008-01-27 19:58:57 28,672 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-06-10 07:42:26 28,672 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-01-27 19:59:26 667,648 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-06-10 07:43:08 667,648 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2008-01-27 19:59:28 5,632 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-06-10 07:43:10 5,632 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-01-27 19:58:58 12,800 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-06-10 07:42:28 12,800 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2008-01-27 19:58:58 32,768 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-06-10 07:42:27 32,768 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2008-01-27 19:58:58 7,168 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-06-10 07:42:28 7,168 ----a-w D:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-01-27 19:59:22 110,592 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-06-10 07:43:02 110,592 ----a-w D:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2008-01-27 19:59:05 81,920 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-06-10 07:42:38 81,920 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2008-01-27 19:59:22 389,120 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-06-10 07:43:02 413,696 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2008-01-27 19:59:19 716,800 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-06-10 07:42:59 716,800 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2008-01-27 19:59:00 884,736 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-06-10 07:42:31 888,832 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2008-01-27 19:59:13 5,050,368 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-06-10 07:42:50 5,001,216 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2008-01-27 19:59:06 188,416 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-06-10 07:42:40 188,416 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2008-01-27 19:59:05 397,312 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-06-10 07:42:39 397,312 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2008-01-27 19:59:06 81,920 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-06-10 07:42:40 81,920 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2008-01-27 19:59:24 700,416 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-06-10 07:43:05 577,536 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2008-01-27 19:59:20 368,640 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-06-10 07:43:00 372,736 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2008-01-27 19:59:25 258,048 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-06-10 07:43:06 258,048 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2008-01-27 19:59:20 299,008 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-06-10 07:43:00 299,008 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2008-01-27 19:59:21 131,072 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-06-10 07:43:01 131,072 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2008-01-27 19:59:04 258,048 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-06-10 07:42:37 258,048 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2008-01-27 19:59:07 114,688 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-06-10 07:42:41 114,688 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2008-01-27 19:59:26 835,584 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-06-10 07:43:07 835,584 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2008-01-27 19:59:08 86,016 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-06-10 07:42:43 86,016 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2008-01-27 19:59:09 823,296 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-06-10 07:42:44 823,296 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2008-01-27 19:59:10 5,316,608 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-06-10 07:42:45 5,152,768 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2008-01-27 19:59:11 2,035,712 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-06-10 07:42:46 2,027,520 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2008-01-27 19:59:23 3,018,752 -c--a-w D:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-06-10 07:43:04 2,940,928 ----a-w D:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-06-10 08:50:16 26,624 ----a-w D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\af5b098952be4f89dce4a369afd82fbf\Accessibility.ni.dll
+ 2008-06-10 08:50:28 888,832 ----a-w D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\53ea06d3d25c6cb1a0a677605c5d3427\AspNetMMCExt.ni.dll
+ 2008-06-10 08:50:31 237,568 ----a-w D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\b902748dddc5013b2071a12a13933f22\CustomMarshalers.ni.dll
+ 2008-06-10 08:50:32 15,360 ----a-w D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\b1993ef9a9fd619b4987e8c8390983bd\dfsvc.ni.exe
+ 2008-06-10 07:46:04 11,304,960 ----a-w D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\2b5be2282b3418a6a3be01ebfc67cda3\mscorlib.ni.dll
+ 2008-06-10 07:51:38 6,676,480 ----a-w D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\52373a35ac313dae956940731c0ba36d\System.Data.ni.dll
+ 2008-06-10 07:52:27 10,702,848 ----a-w D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\6e48fd6c2cbb5ac6387ae89c58943c54\System.Design.ni.dll
+ 2008-06-10 07:52:39 229,376 ----a-w D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\62b564d4968698234a1c2bda6fe8188b\System.Drawing.Design.ni.dll
+ 2008-06-10 07:52:36 1,601,536 ----a-w D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f11fd9e6d99d3f3e0e29d2c8fdd4fed6\System.Drawing.ni.dll
+ 2008-06-10 07:53:40 13,107,200 ----a-w D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c1d4acb8b4fcbe2379edd4fbb2597da6\System.Windows.Forms.ni.dll
+ 2008-06-10 07:54:15 5,623,808 ----a-w D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\da8da075eedab46f6d68365c7ed85f8b\System.Xml.ni.dll
+ 2008-06-10 07:47:03 8,130,560 ----a-w D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\6de50867cd26f0e98a3847a424458d53\System.ni.dll
- 2008-06-10 07:21:55 2,048 --s-a-w D:\WINDOWS\bootstat.dat
+ 2008-06-10 10:03:01 2,048 --s-a-w D:\WINDOWS\bootstat.dat
+ 2007-10-10 23:46:47 124,928 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2006-10-17 09:58:06 346,624 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-10-10 23:46:47 214,528 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-10-10 23:46:47 132,608 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-10-10 23:46:47 63,488 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-10-10 10:59:01 70,656 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-10-10 23:46:47 153,088 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-10-10 23:46:47 230,400 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-10-10 05:46:55 161,792 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-10-10 23:46:47 383,488 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-10-10 23:46:47 384,512 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-10-10 23:46:49 6,065,664 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-10-10 23:46:49 44,544 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-10-10 23:46:49 267,776 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-10-10 10:59:40 13,824 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-10-10 10:59:13 625,152 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-10-10 23:46:49 27,648 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-10-10 23:46:49 459,264 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-10-10 23:46:49 52,224 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-10-30 23:19:46 3,590,656 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-10-10 23:46:50 478,208 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-10-10 23:46:50 193,024 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-10-10 23:46:51 671,232 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-10-10 23:46:51 102,400 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2006-10-17 09:58:08 44,544 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2007-03-06 01:14:13 217,312 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-10-10 23:46:51 105,984 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-10-10 23:46:52 1,159,680 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-10-10 23:46:52 232,960 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-10-10 23:46:52 824,832 -c----w D:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
- 2005-09-23 06:28:58 55,488 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2007-04-13 01:21:18 58,712 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
- 2005-09-23 06:28:32 10,752 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2007-04-13 01:20:52 10,752 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2005-09-23 06:28:32 8,192 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2007-04-13 01:20:52 8,192 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2005-09-23 06:28:32 23,552 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2007-04-13 01:20:52 23,552 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
- 2005-09-23 06:28:32 70,656 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2007-04-13 01:20:50 75,264 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2005-09-23 06:28:32 26,824 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2007-04-13 01:20:52 32,608 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2005-09-23 06:28:32 29,896 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2007-04-13 01:20:52 33,632 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
- 2005-09-23 06:28:32 29,888 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2007-04-13 01:20:52 32,600 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2005-09-23 06:28:32 503,808 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2007-04-13 01:20:52 507,904 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 06:28:56 88,576 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2007-04-13 01:21:16 88,576 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
- 2005-09-23 06:28:38 4,608 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2007-04-13 01:20:58 5,120 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2005-09-23 06:28:56 9,728 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2007-04-13 01:21:16 9,728 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2005-09-23 06:28:56 224,952 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2007-04-13 01:21:16 228,688 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2005-09-23 06:28:56 28,672 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2007-04-13 01:21:16 28,672 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 06:28:48 413,696 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2007-04-13 01:21:10 413,696 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2005-09-23 06:28:48 647,168 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2007-04-13 01:21:10 647,168 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2005-09-23 06:28:48 745,472 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2007-04-13 01:21:08 749,568 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2005-09-23 06:28:32 87,552 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2007-04-13 01:20:52 87,040 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 06:28:56 800,768 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2007-04-13 01:21:18 802,304 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2005-09-23 06:28:56 36,864 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2007-04-13 01:21:16 36,864 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2005-09-23 06:28:56 326,144 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2007-04-13 01:21:16 326,656 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2005-09-23 06:28:56 4,308,992 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2007-04-13 01:21:16 4,308,992 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2005-09-23 06:28:56 102,400 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2007-04-13 01:21:16 102,912 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
- 2005-09-23 06:28:56 226,816 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2007-04-13 01:21:18 227,328 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
- 2005-09-23 06:28:56 66,240 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2007-04-13 01:21:18 68,952 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2005-09-23 06:28:50 5,615,616 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2007-04-13 01:21:12 5,634,048 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2005-09-23 06:28:56 96,440 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2007-04-13 01:21:16 99,152 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
- 2005-09-23 06:28:56 14,848 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2007-04-13 01:21:18 15,360 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2005-09-23 06:28:50 136,192 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2007-04-13 01:21:12 136,192 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
- 2005-09-23 06:28:56 377,344 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2007-04-13 01:21:18 382,464 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2005-09-23 06:28:56 110,592 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2007-04-13 01:21:18 110,592 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2005-09-23 06:28:58 389,120 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2007-04-13 01:21:18 413,696 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 06:28:56 2,878,976 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2007-04-13 01:21:16 2,902,016 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
- 2005-09-23 06:28:56 482,304 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2007-04-13 01:21:18 482,304 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2005-09-23 06:28:56 716,800 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2007-04-13 01:21:18 716,800 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
- 2005-09-23 06:28:38 884,736 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2007-04-13 01:20:58 888,832 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2005-09-23 06:28:56 5,050,368 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2007-04-13 01:21:16 5,001,216 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2005-09-23 06:28:56 188,416 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2007-04-13 01:21:18 188,416 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2005-09-23 06:28:56 3,018,752 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2007-04-13 01:21:16 2,940,928 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2005-09-23 06:28:56 700,416 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2007-04-13 01:21:16 577,536 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2005-09-23 06:28:56 258,048 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2007-04-13 01:21:16 258,048 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2005-09-23 06:28:56 47,616 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2007-04-13 01:21:18 47,616 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2005-09-23 06:28:56 114,176 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2007-04-13 01:21:18 114,176 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2005-09-23 06:28:56 368,640 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2007-04-13 01:21:16 372,736 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2005-09-23 06:28:56 299,008 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2007-04-13 01:21:16 299,008 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2005-09-23 06:28:56 260,096 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2007-04-13 01:21:18 260,096 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2005-09-23 06:28:56 5,025,792 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2007-04-13 01:21:16 5,156,864 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2005-09-23 06:28:56 5,316,608 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2007-04-13 01:21:16 5,152,768 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2005-09-23 06:28:56 2,035,712 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2007-04-13 01:21:16 2,027,520 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
- 2005-09-23 06:29:06 1,140,920 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2007-04-13 01:21:28 1,166,672 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- 2005-09-23 06:28:30 1,306,624 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2007-04-13 01:20:50 1,330,688 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2005-09-23 06:28:32 298,496 -c--a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2007-04-13 01:20:52 406,016 ----a-w D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2007-10-10 23:46:47 124,928 ----a-w D:\WINDOWS\system32\advpack.dll
+ 2008-03-01 12:53:51 124,928 ----a-w D:\WINDOWS\system32\advpack.dll
- 2007-10-10 23:46:47 124,928 -c----w D:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-03-01 12:53:51 124,928 -c----w D:\WINDOWS\system32\dllcache\advpack.dll
- 2006-10-17 09:58:06 346,624 -c--a-w D:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-03-01 12:53:51 347,136 -c--a-w D:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-10-10 23:46:47 214,528 -c--a-w D:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-03-01 12:53:52 214,528 -c--a-w D:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-10-10 23:46:47 132,608 -c--a-w D:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-03-01 12:53:52 133,120 -c--a-w D:\WINDOWS\system32\dllcache\extmgr.dll
- 2007-10-10 23:46:47 63,488 -c----w D:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-03-01 12:53:52 63,488 -c----w D:\WINDOWS\system32\dllcache\icardie.dll
- 2007-10-10 10:59:01 70,656 -c----w D:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-02-29 08:54:43 70,656 -c----w D:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-10-10 23:46:47 153,088 -c----w D:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-03-01 12:53:52 153,088 -c----w D:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-10-10 23:46:47 230,400 -c----w D:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-03-01 12:53:52 230,400 -c----w D:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-10-10 05:46:55 161,792 -c--a-w D:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-02-15 05:44:25 161,792 -c--a-w D:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-10-10 23:46:47 383,488 -c----w D:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-03-01 12:53:52 383,488 -c----w D:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2007-10-10 23:46:47 384,512 -c----w D:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-03-01 12:53:53 384,512 -c----w D:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-10-10 23:46:49 6,065,664 -c----w D:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-03-01 12:53:56 6,066,176 -c----w D:\WINDOWS\system32\dllcache\ieframe.dll
- 2007-10-10 23:46:49 44,544 -c----w D:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-03-01 12:53:57 44,544 -c----w D:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-10-10 23:46:49 267,776 -c----w D:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-03-01 12:53:57 267,776 -c----w D:\WINDOWS\system32\dllcache\iertutil.dll
- 2007-10-10 10:59:40 13,824 -c----w D:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-02-22 10:00:51 13,824 -c----w D:\WINDOWS\system32\dllcache\ieudinit.exe
- 2007-10-10 10:59:13 625,152 -c--a-w D:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-02-29 08:55:08 625,664 -c--a-w D:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-10-10 23:46:49 27,648 -c--a-w D:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-03-01 12:53:58 27,648 -c--a-w D:\WINDOWS\system32\dllcache\jsproxy.dll
- 2007-10-10 23:46:49 459,264 -c----w D:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-03-01 12:53:59 459,264 -c----w D:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-10-10 23:46:49 52,224 -c----w D:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-03-01 12:53:59 52,224 -c----w D:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2007-10-30 23:19:46 3,590,656 -c--a-w D:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-03-01 16:24:04 3,591,680 -c--a-w D:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-10-10 23:46:50 478,208 -c--a-w D:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-03-01 12:54:02 478,208 -c--a-w D:\WINDOWS\system32\dllcache\mshtmled.dll
- 2007-10-10 23:46:50 193,024 -c--a-w D:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-03-01 12:54:03 193,024 -c--a-w D:\WINDOWS\system32\dllcache\msrating.dll
- 2007-10-10 23:46:51 671,232 -c--a-w D:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-03-01 12:54:03 671,232 -c--a-w D:\WINDOWS\system32\dllcache\mstime.dll
- 2007-10-10 23:46:51 102,400 -c----w D:\WINDOWS\system32\dllcache\occache.dll
+ 2008-03-01 12:54:03 102,912 -c----w D:\WINDOWS\system32\dllcache\occache.dll
- 2006-10-17 09:58:08 44,544 -c--a-w D:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-03-01 12:54:04 44,544 -c--a-w D:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-10 23:46:51 105,984 -c----w D:\WINDOWS\system32\dllcache\url.dll
+ 2008-03-01 12:54:04 105,984 -c----w D:\WINDOWS\system32\dllcache\url.dll
- 2007-10-10 23:46:52 1,159,680 -c--a-w D:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-03-01 12:54:04 1,159,680 -c--a-w D:\WINDOWS\system32\dllcache\urlmon.dll
- 2007-10-10 23:46:52 232,960 -c----w D:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-03-01 12:54:05 233,472 -c----w D:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-10-10 23:46:52 824,832 -c--a-w D:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-03-01 12:54:05 826,368 -c--a-w D:\WINDOWS\system32\dllcache\wininet.dll
- 2006-10-17 09:58:06 346,624 ----a-w D:\WINDOWS\system32\dxtmsft.dll
+ 2008-03-01 12:53:51 347,136 ----a-w D:\WINDOWS\system32\dxtmsft.dll
- 2007-10-10 23:46:47 214,528 ----a-w D:\WINDOWS\system32\dxtrans.dll
+ 2008-03-01 12:53:52 214,528 ----a-w D:\WINDOWS\system32\dxtrans.dll
- 2007-10-10 23:46:47 132,608 ----a-w D:\WINDOWS\system32\extmgr.dll
+ 2008-03-01 12:53:52 133,120 ----a-w D:\WINDOWS\system32\extmgr.dll
- 2007-10-10 23:46:47 63,488 ----a-w D:\WINDOWS\system32\icardie.dll
+ 2008-03-01 12:53:52 63,488 ----a-w D:\WINDOWS\system32\icardie.dll
- 2007-10-10 10:59:01 70,656 ----a-w D:\WINDOWS\system32\ie4uinit.exe
+ 2008-02-29 08:54:43 70,656 ----a-w D:\WINDOWS\system32\ie4uinit.exe
- 2007-10-10 23:46:47 153,088 ----a-w D:\WINDOWS\system32\ieakeng.dll
+ 2008-03-01 12:53:52 153,088 ----a-w D:\WINDOWS\system32\ieakeng.dll
- 2007-10-10 23:46:47 230,400 ----a-w D:\WINDOWS\system32\ieaksie.dll
+ 2008-03-01 12:53:52 230,400 ----a-w D:\WINDOWS\system32\ieaksie.dll
- 2007-10-10 05:46:55 161,792 ----a-w D:\WINDOWS\system32\ieakui.dll
+ 2008-02-15 05:44:25 161,792 ----a-w D:\WINDOWS\system32\ieakui.dll
- 2007-10-10 23:46:47 383,488 ----a-w D:\WINDOWS\system32\ieapfltr.dll
+ 2008-03-01 12:53:52 383,488 ----a-w D:\WINDOWS\system32\ieapfltr.dll
- 2007-10-10 23:46:47 384,512 ----a-w D:\WINDOWS\system32\iedkcs32.dll
+ 2008-03-01 12:53:53 384,512 ----a-w D:\WINDOWS\system32\iedkcs32.dll
- 2007-10-10 23:46:49 6,065,664 ----a-w D:\WINDOWS\system32\ieframe.dll
+ 2008-03-01 12:53:56 6,066,176 ----a-w D:\WINDOWS\system32\ieframe.dll
- 2007-10-10 23:46:49 44,544 ----a-w D:\WINDOWS\system32\iernonce.dll
+ 2008-03-01 12:53:57 44,544 ----a-w D:\WINDOWS\system32\iernonce.dll
- 2007-10-10 23:46:49 267,776 ----a-w D:\WINDOWS\system32\iertutil.dll
+ 2008-03-01 12:53:57 267,776 ----a-w D:\WINDOWS\system32\iertutil.dll
- 2007-10-10 10:59:40 13,824 ----a-w D:\WINDOWS\system32\ieudinit.exe
+ 2008-02-22 10:00:51 13,824 ----a-w D:\WINDOWS\system32\ieudinit.exe
- 2007-10-10 23:46:49 27,648 ----a-w D:\WINDOWS\system32\jsproxy.dll
+ 2008-03-01 12:53:58 27,648 ----a-w D:\WINDOWS\system32\jsproxy.dll
- 2005-09-23 06:28:52 270,848 ----a-w D:\WINDOWS\system32\mscoree.dll
+ 2007-04-13 01:21:14 271,360 ----a-w D:\WINDOWS\system32\mscoree.dll
- 2007-10-10 23:46:49 459,264 ----a-w D:\WINDOWS\system32\msfeeds.dll
+ 2008-03-01 12:53:59 459,264 ----a-w D:\WINDOWS\system32\msfeeds.dll
- 2007-10-10 23:46:49 52,224 ----a-w D:\WINDOWS\system32\msfeedsbs.dll
+ 2008-03-01 12:53:59 52,224 ----a-w D:\WINDOWS\system32\msfeedsbs.dll
- 2007-10-30 23:19:46 3,590,656 ----a-w D:\WINDOWS\system32\mshtml.dll
+ 2008-03-01 16:24:04 3,591,680 ----a-w D:\WINDOWS\system32\mshtml.dll
- 2007-10-10 23:46:50 478,208 ----a-w D:\WINDOWS\system32\mshtmled.dll
+ 2008-03-01 12:54:02 478,208 ----a-w D:\WINDOWS\system32\mshtmled.dll
- 2007-10-10 23:46:50 193,024 ----a-w D:\WINDOWS\system32\msrating.dll
+ 2008-03-01 12:54:03 193,024 ----a-w D:\WINDOWS\system32\msrating.dll
- 2007-10-10 23:46:51 671,232 ----a-w D:\WINDOWS\system32\mstime.dll
+ 2008-03-01 12:54:03 671,232 ----a-w D:\WINDOWS\system32\mstime.dll
- 2007-10-10 23:46:51 102,400 ----a-w D:\WINDOWS\system32\occache.dll
+ 2008-03-01 12:54:03 102,912 ----a-w D:\WINDOWS\system32\occache.dll
- 2008-05-26 19:43:06 71,598 ----a-w D:\WINDOWS\system32\perfc007.dat
+ 2008-06-10 07:43:39 71,598 ----a-w D:\WINDOWS\system32\perfc007.dat
- 2008-05-26 19:43:06 59,440 ----a-w D:\WINDOWS\system32\perfc009.dat
+ 2008-06-10 07:43:39 59,440 ----a-w D:\WINDOWS\system32\perfc009.dat
- 2008-05-26 19:43:06 408,618 ----a-w D:\WINDOWS\system32\perfh007.dat
+ 2008-06-10 07:43:39 408,618 ----a-w D:\WINDOWS\system32\perfh007.dat
- 2008-05-26 19:43:06 395,200 ----a-w D:\WINDOWS\system32\perfh009.dat
+ 2008-06-10 07:43:39 395,200 ----a-w D:\WINDOWS\system32\perfh009.dat
- 2006-10-17 09:58:08 44,544 ----a-w D:\WINDOWS\system32\pngfilt.dll
+ 2008-03-01 12:54:04 44,544 ----a-w D:\WINDOWS\system32\pngfilt.dll
- 2007-10-10 23:46:51 105,984 ----a-w D:\WINDOWS\system32\url.dll
+ 2008-03-01 12:54:04 105,984 ----a-w D:\WINDOWS\system32\url.dll
- 2007-10-10 23:46:52 1,159,680 ----a-w D:\WINDOWS\system32\urlmon.dll
+ 2008-03-01 12:54:04 1,159,680 ----a-w D:\WINDOWS\system32\urlmon.dll
- 2007-10-10 23:46:52 232,960 ----a-w D:\WINDOWS\system32\webcheck.dll
+ 2008-03-01 12:54:05 233,472 ----a-w D:\WINDOWS\system32\webcheck.dll
- 2007-10-10 23:46:52 824,832 ----a-w D:\WINDOWS\system32\wininet.dll
+ 2008-03-01 12:54:05 826,368 ----a-w D:\WINDOWS\system32\wininet.dll
- 2008-01-27 19:58:59 258,048 -c--a-w D:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-06-10 07:42:29 258,048 ----a-w D:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2008-01-27 19:58:59 114,176 -c--a-w D:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2008-06-10 07:42:29 114,176 ----a-w D:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((( Autostart Punkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\ctfmon.exe" [2008-04-14 07:52 15360]
"swg"="D:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-27 16:09 68856]
"H/PC Connection Agent"="D:\Programme\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 21:09 1211176]
"SHCenter.exe"="D:\Programme\IMSI\HiJaak Digital Photo Studio\bin\shcenter.exe" [2003-09-16 18:58 135168]
"runner.exe"="D:\Programme\IMSI\HiJaak Digital Photo Studio\bin\shcenter.exe" [2003-09-16 18:58 135168]
"MsnMsgr"="D:\Programme\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"QuickTime Task"="D:\Programme\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"LogitechSoftwareUpdate"="D:\Programme\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
"RTEGPRS"="D:\Programme\Gemeinsame Dateien\RTE\RTEGPRS.exe" [2004-07-23 19:50 2334720]
"Nokia.PCSync"="D:\Programme\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 18:41 1232896]
"PC Suite Tray"="D:\Programme\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-03-28 11:20 1079296]
"Performance Center"="D:\Programme\Ascentive\Performance Center\APCMain.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DSLSTATEXE"="D:\Program Files\Siemens\Adsl\dslstat.exe" [2003-09-22 10:43 299008]
"DSLAGENTEXE"="D:\Program Files\Siemens\Adsl\dslagent.exe" [2003-08-19 12:47 16384]
"avgnt"="D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-17 22:05 262401]
"HP Software Update"="D:\Programme\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]
"Adobe Photo Downloader"="D:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-16 11:45 63712]
"REGSHAVE"="D:\Programme\REGSHAVE\REGSHAVE.exe" [2002-02-04 22:32 53248]
"TkBellExe"="D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2007-10-15 21:50 185632]
"LWBMOUSE"="D:\Programme\NASDAK\OmniMaus Software\2.1\MOUSE32A.EXE" [2001-11-09 08:47 356352]
"MULTIMEDIA KEYBOARD"="D:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe" [2003-06-04 02:32 163840]
"NeroFilterCheck"="D:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"QuickTime Task"="D:\Programme\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="D:\Programme\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"LVCOMSX"="D:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"LogitechVideoRepair"="D:\Programme\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
"LogitechVideoTray"="D:\Programme\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
"Adobe Reader Speed Launcher"="D:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"204601ea"="D:\WINDOWS\system32\rhkobkcc.dll" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 07:52 15360]

D:\Dokumente und Einstellungen\All Users\Startmen�\Programme\Autostart\
Erinnerungen f�r Microsoft Works-Kalender.lnk - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe [06.08.1999 09:53:00 53317]
Google Updater.lnk - D:\Programme\Google\Google Updater\GoogleUpdater.exe [27.08.2007 16:09:03 124912]
HP Digital Imaging Monitor.lnk - D:\Programme\HP\Digital Imaging\bin\hpqtra08.exe [11.05.2005 23:23:26 282624]
Microsoft Office.lnk - D:\Programme\Microsoft Office\Office\OSA9.EXE [17.02.1999 22:05:56 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awturRjg]
awturRjg.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"D:\\Programme\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"D:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"D:\Programme\Microsoft ActiveSync\rapimgr.exe"= D:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"D:\Programme\Microsoft ActiveSync\wcescomm.exe"= D:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"D:\Programme\Microsoft ActiveSync\WCESMgr.exe"= D:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"D:\\Programme\\eMule.de 0.48a v18\\emule.exe"=
"D:\\Dokumente und Einstellungen\\Anwender.ERIKA\\Desktop\\PCconnect.exe"=
"D:\\Programme\\iTunes\\iTunes.exe"=
"D:\\Programme\\MSN Messenger\\msnmsgr.exe"=
"D:\\Programme\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 msikbd2k;Multimedia Keyboard Filter Driver;D:\WINDOWS\system32\DRIVERS\msikbd2k.sys [2001-12-20 11:02]
R2 nhksrv;Netropa NHK Server;D:\Programme\Netropa\Multimedia Keyboard\nhksrv.exe [2001-08-06 08:41]
R2 UxTuneUp;TuneUp Designerweiterung;D:\WINDOWS\System32\svchost.exe [2008-04-14 07:53]
R3 FA312;NETGEAR FA330/FA312/FA311-Fast Ethernet-Adaptertreiber;D:\WINDOWS\system32\DRIVERS\FA312nd5.sys [2001-08-17 13:12]
S3 CableFlt;Quick Heal Network Protection Service;D:\WINDOWS\system32\DRIVERS\CableFlt.sys []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Inhalt des "geplante Tasks" Ordners
"2008-04-11 15:15:00 D:\WINDOWS\Tasks\1-Klick-Wartung.job"
- D:\Programme\TuneUp Utilities 2006\SystemOptimizer.exe
"2008-05-14 09:50:02 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- D:\Programme\Apple Software Update\SoftwareUpdate.exe
"2008-06-10 10:06:00 D:\WINDOWS\Tasks\Auf Updates für Windows Live Toolbar prüfen.job"
- D:\Programme\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-10 12:15:40
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostart Einträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
Zeit der Fertigstellung: 2008-06-10 12:18:31
ComboFix-quarantined-files.txt 2008-06-10 10:18:07

9 Verzeichnis(se), 48,677,990,400 Bytes frei
11 Verzeichnis(se), 48,679,145,472 Bytes frei

654 --- E O F --- 2008-06-10 07:46:16


und hijack.log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:24, on 10.06.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
D:\Programme\Netropa\Multimedia Keyboard\nhksrv.exe
D:\Programme\AntiVir PersonalEdition Classic\sched.exe
D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
D:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Siemens\Adsl\dslstat.exe
D:\Program Files\Siemens\Adsl\dslagent.exe
D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
D:\Programme\HP\HP Software Update\HPWuSchd2.exe
D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
D:\Programme\NASDAK\OmniMaus Software\2.1\MOUSE32A.EXE
D:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe
D:\Programme\iTunes\iTunesHelper.exe
D:\WINDOWS\system32\LVCOMSX.EXE
D:\Programme\Logitech\Video\LogiTray.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programme\Microsoft ActiveSync\wcescomm.exe
D:\Programme\MSN Messenger\MsnMsgr.Exe
D:\Programme\Gemeinsame Dateien\RTE\RTEGPRS.exe
D:\Programme\Nokia\Nokia PC Suite 6\PCSync2.exe
D:\Programme\Nokia\Nokia PC Suite 6\PCSuite.exe
D:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe
D:\Programme\Google\Google Updater\GoogleUpdater.exe
D:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
D:\PROGRA~1\MI3AA1~1\rapimgr.exe
D:\Programme\iPod\bin\iPodService.exe
D:\Programme\Netropa\Multimedia Keyboard\TrayMon.exe
D:\Programme\Netropa\Onscreen Display\OSD.exe
D:\Programme\Netropa\InetKb\Inetkb.exe
D:\Programme\Microsoft Office\Office\1031\msoffice.exe
D:\Programme\PC Connectivity Solution\ServiceLayer.exe
D:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
D:\Programme\Logitech\Video\FxSvr2.exe
D:\Programme\PC Connectivity Solution\Transports\NclIrSrv.exe
D:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
D:\Programme\Gemeinsame Dateien\Nokia\MPAPI\MPAPI3s.exe
D:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\explorer.exe
D:\Programme\Trend Micro\HijackThis\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sunrise.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ch/0SEDECH/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programme\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {1962c5bc-e475-465b-823b-133e711bceb9} - (no file)
O3 - Toolbar: (no name) - {CD242757-42DC-4A43-9FAA-72667BB8F32B} - (no file)
O4 - HKLM\..\Run: [DSLSTATEXE] D:\Program Files\Siemens\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] D:\Program Files\Siemens\Adsl\dslagent.exe
O4 - HKLM\..\Run: [avgnt] "D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] D:\Programme\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [REGSHAVE] D:\Programme\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [TkBellExe] "D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LWBMOUSE] D:\Programme\NASDAK\OmniMaus Software\2.1\MOUSE32A.EXE
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] D:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [204601ea] rundll32.exe "D:\WINDOWS\system32\rhkobkcc.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Programme\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SHCenter.exe] D:\Programme\IMSI\HiJaak Digital Photo Studio\bin\shcenter.exe
O4 - HKCU\..\Run: [runner.exe] D:\Programme\IMSI\HiJaak Digital Photo Studio\bin\shcenter.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [QuickTime Task] "D:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] D:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [RTEGPRS] "D:\Programme\Gemeinsame Dateien\RTE\RTEGPRS.exe" tray
O4 - HKCU\..\Run: [Nokia.PCSync] "D:\Programme\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Programme\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Performance Center] D:\Programme\Ascentive\Performance Center\APCMain.exe -m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Erinnerungen für Microsoft Works-Kalender.lnk = ?
O4 - Global Startup: Google Updater.lnk = D:\Programme\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://D:\Programme\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Bild in &Microsoft PhotoDraw öffnen - res://C:\PROGRA~1\MICROS~1\OFFICE\1031\PHDINTL.DLL/phdContext.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161325769843
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F973B65-DEA5-4AD8-AFFE-A58CB3686934}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{2EBBC515-3A77-40B2-85DD-DD0117491D8B}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{9877EC34-CEB4-4ECD-9C75-DD4CFF9F63F8}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{E63FB20D-DD70-41AA-832F-156B90A452EF}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF3178E4-D0B9-40CC-A7C6-97C0D590C01B}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.39 85.255.112.99
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F973B65-DEA5-4AD8-AFFE-A58CB3686934}: NameServer = 85.255.114.39,85.255.112.99
O17 - HKLM\System\CS2\Services\Tcpip\..\{1F973B65-DEA5-4AD8-AFFE-A58CB3686934}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{1F973B65-DEA5-4AD8-AFFE-A58CB3686934}: NameServer = 208.67.220.220,208.67.222.222
O20 - Winlogon Notify: awturRjg - awturRjg.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - D:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - D:\Programme\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - D:\Programme\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - D:\Programme\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 12117 bytes
__________
MfG Bruno

#6 Hake bitte in Hijackthis folgendes an:

O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - {1962c5bc-e475-465b-823b-133e711bceb9} - (no file)
O3 - Toolbar: (no name) - {CD242757-42DC-4A43-9FAA-72667BB8F32B} - (no file)
O4 - HKLM\..\Run: [204601ea] rundll32.exe "D:\WINDOWS\system32\rhkobkcc.dll",b
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F973B65-DEA5-4AD8-AFFE-A58CB3686934}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{2EBBC515-3A77-40B2-85DD-DD0117491D8B}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{9877EC34-CEB4-4ECD-9C75-DD4CFF9F63F8}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{E63FB20D-DD70-41AA-832F-156B90A452EF}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF3178E4-D0B9-40CC-A7C6-97C0D590C01B}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.39 85.255.112.99
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F973B65-DEA5-4AD8-AFFE-A58CB3686934}: NameServer = 85.255.114.39,85.255.112.99
O17 - HKLM\System\CS2\Services\Tcpip\..\{1F973B65-DEA5-4AD8-AFFE-A58CB3686934}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{1F973B65-DEA5-4AD8-AFFE-A58CB3686934}: NameServer = 208.67.220.220,208.67.222.222
O20 - Winlogon Notify: awturRjg - awturRjg.dll (file missing)

Starte neu, erstelle und poste ein neues Hijackthis log

Habe oben noch O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
eingefuegt...
__________
MfG Ralf
SEO-Spam Hunter

#7 Vielen Dank, die Fehlermeldung erscheint nicht mehr und dies ist die neue Logdatei:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:01, on 10.06.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\irftp.exe
D:\Program Files\Siemens\Adsl\dslstat.exe
D:\Programme\Netropa\Multimedia Keyboard\nhksrv.exe
D:\Program Files\Siemens\Adsl\dslagent.exe
D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
D:\Programme\HP\HP Software Update\HPWuSchd2.exe
D:\Programme\AntiVir PersonalEdition Classic\sched.exe
D:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
D:\Programme\NASDAK\OmniMaus Software\2.1\MOUSE32A.EXE
D:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe
D:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Programme\iTunes\iTunesHelper.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\LVCOMSX.EXE
D:\Programme\Logitech\Video\LogiTray.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programme\Microsoft ActiveSync\wcescomm.exe
D:\Programme\MSN Messenger\MsnMsgr.Exe
D:\Programme\Gemeinsame Dateien\RTE\RTEGPRS.exe
D:\Programme\Nokia\Nokia PC Suite 6\PCSync2.exe
D:\Programme\Nokia\Nokia PC Suite 6\PCSuite.exe
D:\PROGRA~1\MI3AA1~1\rapimgr.exe
D:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe
D:\Programme\Google\Google Updater\GoogleUpdater.exe
D:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
D:\Programme\Netropa\Multimedia Keyboard\TrayMon.exe
D:\Programme\Netropa\Onscreen Display\OSD.exe
D:\Programme\Netropa\InetKb\Inetkb.exe
D:\Programme\Logitech\Video\FxSvr2.exe
D:\Programme\Microsoft Office\Office\1031\msoffice.exe
D:\Programme\iPod\bin\iPodService.exe
D:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Programme\PC Connectivity Solution\ServiceLayer.exe
D:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
D:\Programme\PC Connectivity Solution\Transports\NclIrSrv.exe
D:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
D:\Programme\Gemeinsame Dateien\Nokia\MPAPI\MPAPI3s.exe
D:\Programme\Internet Explorer\iexplore.exe
D:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Programme\Trend Micro\HijackThis\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sunrise.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ch/0SEDECH/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programme\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Programme\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [DSLSTATEXE] D:\Program Files\Siemens\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] D:\Program Files\Siemens\Adsl\dslagent.exe
O4 - HKLM\..\Run: [avgnt] "D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] D:\Programme\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [REGSHAVE] D:\Programme\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [TkBellExe] "D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LWBMOUSE] D:\Programme\NASDAK\OmniMaus Software\2.1\MOUSE32A.EXE
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] D:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Programme\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SHCenter.exe] D:\Programme\IMSI\HiJaak Digital Photo Studio\bin\shcenter.exe
O4 - HKCU\..\Run: [runner.exe] D:\Programme\IMSI\HiJaak Digital Photo Studio\bin\shcenter.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [QuickTime Task] "D:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] D:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [RTEGPRS] "D:\Programme\Gemeinsame Dateien\RTE\RTEGPRS.exe" tray
O4 - HKCU\..\Run: [Nokia.PCSync] "D:\Programme\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Programme\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Performance Center] D:\Programme\Ascentive\Performance Center\APCMain.exe -m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Erinnerungen für Microsoft Works-Kalender.lnk = ?
O4 - Global Startup: Google Updater.lnk = D:\Programme\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://D:\Programme\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Bild in &Microsoft PhotoDraw öffnen - res://C:\PROGRA~1\MICROS~1\OFFICE\1031\PHDINTL.DLL/phdContext.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161325769843
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - D:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - D:\Programme\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - D:\Programme\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - D:\Programme\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10849 bytes
__________
MfG Bruno

#8 Das sieht recht gut aus. Du kannst diesen EIntrag noch entfernen:
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)

oder du installierst dir eine aktuelle Version von Adobe Reader. Dann wird der Eintrag repariert.
__________
MfG Ralf
SEO-Spam Hunter

#9 Ok, sieh dir nochmals die Logdatei an. Wenn's das nun war, bedanke ich mich noch einmal ganz herzlich. Ich dachte ja schon, das gesamte Windows neu aufsetzen und viele wichtige Daten opfern zu müssen. Auch die Erleichterung meiner Frau (ihr halbes Leben hängt an diesem PC) gebe ich euch gerne als Dankeschön weiter.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:56, on 10.06.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\Explorer.EXE
D:\Programme\Netropa\Multimedia Keyboard\nhksrv.exe
D:\Programme\AntiVir PersonalEdition Classic\sched.exe
D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
D:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\Siemens\Adsl\dslstat.exe
D:\Program Files\Siemens\Adsl\dslagent.exe
D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
D:\Programme\HP\HP Software Update\HPWuSchd2.exe
D:\WINDOWS\System32\svchost.exe
D:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
D:\Programme\NASDAK\OmniMaus Software\2.1\MOUSE32A.EXE
D:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe
D:\Programme\iTunes\iTunesHelper.exe
D:\WINDOWS\system32\LVCOMSX.EXE
D:\Programme\Logitech\Video\LogiTray.exe
D:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programme\Microsoft ActiveSync\wcescomm.exe
D:\Programme\MSN Messenger\MsnMsgr.Exe
D:\Programme\Gemeinsame Dateien\RTE\RTEGPRS.exe
D:\Programme\Nokia\Nokia PC Suite 6\PCSync2.exe
D:\Programme\Nokia\Nokia PC Suite 6\PCSuite.exe
D:\PROGRA~1\MI3AA1~1\rapimgr.exe
D:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe
D:\Programme\Google\Google Updater\GoogleUpdater.exe
D:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
D:\Programme\Logitech\Video\FxSvr2.exe
D:\Programme\Netropa\Multimedia Keyboard\TrayMon.exe
D:\Programme\Microsoft Office\Office\1031\msoffice.exe
D:\Programme\Netropa\Onscreen Display\OSD.exe
D:\Programme\Netropa\InetKb\Inetkb.exe
D:\Programme\iPod\bin\iPodService.exe
D:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Programme\PC Connectivity Solution\ServiceLayer.exe
D:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
D:\Programme\PC Connectivity Solution\Transports\NclIrSrv.exe
D:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Programme\Gemeinsame Dateien\Nokia\MPAPI\MPAPI3s.exe
D:\Programme\Microsoft Office\Office\OUTLOOK.EXE
D:\Programme\Internet Explorer\IEXPLORE.EXE
D:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Programme\Trend Micro\HijackThis\HJT.exe
D:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sunrise.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ch/0SEDECH/SAOS01?FORM=TOOLBR
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programme\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Programme\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [DSLSTATEXE] D:\Program Files\Siemens\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] D:\Program Files\Siemens\Adsl\dslagent.exe
O4 - HKLM\..\Run: [avgnt] "D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] D:\Programme\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [REGSHAVE] D:\Programme\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [TkBellExe] "D:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LWBMOUSE] D:\Programme\NASDAK\OmniMaus Software\2.1\MOUSE32A.EXE
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] D:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LVCOMSX] D:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Programme\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SHCenter.exe] D:\Programme\IMSI\HiJaak Digital Photo Studio\bin\shcenter.exe
O4 - HKCU\..\Run: [runner.exe] D:\Programme\IMSI\HiJaak Digital Photo Studio\bin\shcenter.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [QuickTime Task] "D:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] D:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [RTEGPRS] "D:\Programme\Gemeinsame Dateien\RTE\RTEGPRS.exe" tray
O4 - HKCU\..\Run: [Nokia.PCSync] "D:\Programme\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Programme\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Performance Center] D:\Programme\Ascentive\Performance Center\APCMain.exe -m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Erinnerungen für Microsoft Works-Kalender.lnk = ?
O4 - Global Startup: Google Updater.lnk = D:\Programme\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://D:\Programme\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Bild in &Microsoft PhotoDraw öffnen - res://C:\PROGRA~1\MICROS~1\OFFICE\1031\PHDINTL.DLL/phdContext.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161325769843
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - D:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - D:\Programme\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - D:\Programme\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - D:\Programme\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10829 bytes
__________
MfG Bruno

#10 Nutze nochmal malwarebytes Anti Malware http://www.trojaner-board.de/51187-anleitung-malwarebytes-anti-malware.html

Es kann sein, das es noch Kleinigkeiten findet. Schau halt mal...
__________
MfG Ralf
SEO-Spam Hunter