Home » Viren, Trojaner & Malware Forum » Win32:Trojan-gen {Other} » Themenansicht

Win32:Trojan-gen {Other}
#0
20.08.2008, 22:18
Moka
Member

Beiträge: 38
#1 Guten Abend,
jetzt bin ich total verwirrt ;)
Da hab ich seit ca. 5Jahren mein tolles Trillian (ICQ,MSN usw zusammen) und heute sagt Avast: Achtung Achtung Win32:Trojan-gen {Other}

ALso ich lösche die Datei, suche mir die uralte Cd raus wo ich die exe nochmal hab und versuche einfach diese. Der gleiche Virenalarm. Wie kann denn sowas sein? Ich brauch die exe ;)

Kann Sabina wieder helfen?
Danke im voraus und Gruß

Moka

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:17:41, on 20.08.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
C:\Programme\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
C:\Programme\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
C:\Programme\PC Connectivity Solution\ServiceLayer.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SpybotSnD] "C:\Programme\Spybot - Search & Destroy\SpybotSD.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RealPlayer] "C:\Programme\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://static.pe.studivz.net/photouploader/ImageUploader4.cab?nocache=1203274215
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1206815132
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6684 bytes
Seitenanfang Seitenende
21.08.2008, 01:17
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#2 es kann ein Fehlalarm sein - am besten mal Avast anmailen und nachfragen
Uns prüfen, was andere Scanner meinen

Virustotal http://www.virustotal.com/flash/index_en.html

Auf Durchsuchen klicken --> Datei aussuchen (oder gleich die Datei mit korrektem Pfad einkopieren mit Strg V) --> Klick auf die zu prüfende Datei und öffnen--> klick auf "Senden der Datei"... jetzt abwarten

----------

doch irgendwas stimmt nicht auf deinem Rechner:

Zitat

C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
wende mal Combofix an + poste den report
http://virus-protect.org/artikel/tools/combofix.html
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
21.08.2008, 16:55
Moka
Member

Themenstarter

Beiträge: 38
#3 hi, danke erstmal

achso, hier noch das virustotal resultat:

Datei trillian-pro-v2.013-full-version- empfangen 2008.08.21 16:58:20 (CET)
Ergebnis: 10/35 (28.58%)
AhnLab-V3 2008.8.21.0 2008.08.21 -
AntiVir 7.8.1.23 2008.08.21 TR/Small.7168.B
Authentium 5.1.0.4 2008.08.21 W32/Heuristic-210!Eldorado
Avast 4.8.1195.0 2008.08.21 Win32:Trojan-gen {Other}
AVG 8.0.0.161 2008.08.21 -
BitDefender 7.2 2008.08.21 -
CAT-QuickHeal 9.50 2008.08.21 -
ClamAV 0.93.1 2008.08.21 -
DrWeb 4.44.0.09170 2008.08.21 -
eSafe 7.0.17.0 2008.08.21 Suspicious File
eTrust-Vet 31.6.6039 2008.08.21 -
Ewido 4.0 2008.08.21 -
F-Prot 4.4.4.56 2008.08.20 W32/Heuristic-210!Eldorado
Fortinet 3.14.0.0 2008.08.21 W32/Dorf.A
GData 2.0.7306.1023 2008.08.20 Win32:Trojan-gen
Ikarus T3.1.1.34.0 2008.08.21 Trojan.Small.7168.B
K7AntiVirus 7.10.422 2008.08.20 -
Kaspersky 7.0.0.125 2008.08.21 -
McAfee 5366 2008.08.21 -
Microsoft 1.3807 2008.08.21 -
NOD32v2 3375 2008.08.21 -
Norman 5.80.02 2008.08.20 -
Panda 9.0.0.4 2008.08.21 -
PCTools 4.4.2.0 2008.08.21 -
Prevx1 V2 2008.08.21 -
Rising 20.58.32.00 2008.08.21 -
Sophos 4.32.0 2008.08.21 Mal/Dorf-A
Sunbelt 3.1.1564.1 2008.08.21 -
Symantec 10 2008.08.21 -
TheHacker 6.3.0.6.056 2008.08.21 -
TrendMicro 8.700.0.1004 2008.08.21 -
VBA32 3.12.8.4 2008.08.21 -
ViRobot 2008.8.21.1344 2008.08.21 -
VirusBuster 4.5.11.0 2008.08.21 -
Webwasher-Gateway 6.6.2 2008.08.21 Trojan.Small.7168.B


hier der ellenlange log

ComboFix 08-08-19.06 - Moritz 2008-08-21 16:50:36.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1031.18.622 [GMT 2:00]
ausgeführt von:: C:\Dokumente und Einstellungen\Moritz\Eigene Dateien\Install\ComboFix.exe
* Neuer Wiederherstellungspunkt wurde erstellt

[color=red]Achtung - Auf diesem PC ist keine Wiederherstellungskonsole installiert !![/color]
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Dokumente und Einstellungen\Moritz\Cookies\moritz@2o7[1].txt
C:\Dokumente und Einstellungen\Moritz\Cookies\moritz@indextools[2].txt
C:\Dokumente und Einstellungen\Moritz\Cookies\moritz@komtrack[2].txt
C:\Dokumente und Einstellungen\Moritz\Cookies\moritz@komtrack[3].txt
C:\WINDOWS\system32\actskn43.ocx

.
((((((((((((((((((((((( Dateien erstellt von 2008-07-21 bis 2008-08-21 ))))))))))))))))))))))))))))))
.

2009-09-07 15:44 . 2009-09-07 15:44 292 --ah----- C:\sqmdata03.sqm
2009-09-07 15:44 . 2009-09-07 15:44 244 --ah----- C:\sqmnoopt03.sqm
2008-08-20 22:17 . 2008-08-20 22:17 <DIR> d-------- C:\Programme\Trend Micro
2008-08-14 17:30 . 2008-08-14 17:30 244 --ah----- C:\sqmnoopt08.sqm
2008-08-14 17:30 . 2008-08-14 17:30 232 --ah----- C:\sqmdata08.sqm

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-20 21:30 --------- d---a-w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
2008-08-20 14:32 --------- d-----w C:\Programme\Spybot - Search & Destroy
2008-08-20 14:31 --------- d-----w C:\Dokumente und Einstellungen\Moritz\Anwendungsdaten\LimeWire
2008-08-20 14:11 --------- d-----w C:\Programme\Trillian
2008-08-13 20:08 --------- d-----w C:\Dokumente und Einstellungen\Moritz\Anwendungsdaten\uTorrent
2008-08-13 14:49 --------- d-----w C:\Programme\Tibia8.2
2008-08-13 14:46 --------- d-----w C:\Programme\TibiaBot NG
2008-08-12 18:11 --------- d-----w C:\Dokumente und Einstellungen\Moritz\Anwendungsdaten\Tibia
2008-08-11 20:33 --------- d-----w C:\Programme\Windows Live Safety Center
2008-07-07 20:30 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-06 09:53 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\shctxex.vb
2008-07-06 09:52 --------- d-----w C:\Programme\VIDEOzilla
2008-06-29 17:01 --------- d-----w C:\Programme\Foxit Software
2008-06-24 16:22 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 20:22 --------- d-----w C:\Programme\WinAVI Video Converter
2008-06-23 20:18 3,082 ----a-w C:\WINDOWS\system32\affv9869p2now.sys
2008-06-23 20:18 --------- d-----w C:\Programme\WinAVIVideoConverter
2008-06-23 20:10 --------- d-----w C:\Dokumente und Einstellungen\Moritz\Anwendungsdaten\SpeedProject
2008-06-23 20:09 --------- d-----w C:\Programme\SpeedProject
2008-06-23 16:14 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-22 14:52 --------- d-----w C:\Programme\Avi2Dvd
2008-06-22 14:26 --------- d-----w C:\Programme\AviSynth 2.5
2008-06-22 12:55 --------- d-----w C:\Programme\eMule.de
2008-06-20 17:39 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll
.

((((((((((((((((((((((((((((( snapshot@2008-04-04_16.06.01,32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-26 11:49:00 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2008-03-20 07:56:37 1,846,016 ----a-w C:\WINDOWS\$hf_mig$\KB941693\SP2QFE\win32k.sys
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\updspapi.dll
+ 2008-02-20 05:20:09 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
+ 2008-02-20 18:50:10 45,568 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\updspapi.dll
+ 2008-03-01 12:33:31 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\advpack.dll
+ 2008-03-01 12:33:31 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtmsft.dll
+ 2008-03-01 12:33:31 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtrans.dll
+ 2008-03-01 12:33:31 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\extmgr.dll
+ 2008-03-01 12:33:31 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\icardie.dll
+ 2008-02-22 09:39:56 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
+ 2008-03-01 12:33:32 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakeng.dll
+ 2008-03-01 12:33:32 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dat
+ 2008-03-01 12:33:32 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dll
+ 2008-03-01 12:33:32 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll
+ 2008-03-01 12:33:34 6,067,712 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
+ 2008-03-01 12:33:34 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iernonce.dll
+ 2008-03-01 12:33:35 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
+ 2008-02-22 09:39:56 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
+ 2008-02-22 09:40:22 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
+ 2008-03-01 12:33:35 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\jsproxy.dll
+ 2008-03-01 12:33:36 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeeds.dll
+ 2008-03-01 12:33:36 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeedsbs.dll
+ 2008-03-01 12:33:37 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
+ 2008-03-01 12:33:37 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtmled.dll
+ 2008-03-01 12:33:38 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll
+ 2008-03-01 12:33:38 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mstime.dll
+ 2008-03-01 12:33:38 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\occache.dll
+ 2008-03-01 12:33:38 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\pngfilt.dll
+ 2008-03-01 12:33:38 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\url.dll
+ 2008-03-01 12:33:41 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\urlmon.dll
+ 2008-03-01 12:33:41 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\webcheck.dll
+ 2008-03-01 12:33:41 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:14:08 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spmsg.dll
+ 2007-03-06 01:14:13 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spuninst.exe
+ 2007-03-06 01:14:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\updspapi.dll
+ 2008-02-20 06:52:36 282,624 ----a-w C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\updspapi.dll
+ 2007-03-06 01:14:08 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spmsg.dll
+ 2007-03-06 01:14:13 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spuninst.exe
+ 2007-03-06 01:14:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\spcustom.dll
+ 2007-03-06 01:14:30 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
+ 2007-03-06 01:15:22 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2007-11-01 05:15:30 187,168 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:15:31 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-04-23 04:19:40 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 04:19:40 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 04:19:40 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 04:19:40 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 04:19:40 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 04:19:40 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 04:19:40 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 04:19:40 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 04:19:40 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 04:19:40 6,068,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 04:19:40 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 04:19:40 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 04:19:41 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 04:19:41 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 04:19:41 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 04:19:41 3,593,728 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 04:19:41 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 04:19:41 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 04:19:41 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 04:19:41 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 04:19:41 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 04:19:41 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 04:19:41 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 04:19:41 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 04:19:41 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:14:08 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:14:13 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:14:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:14 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:14 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:15 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:14 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:14 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:15 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-06-14 18:01:09 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:32:01 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:37:44 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:18:34 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:18:34 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:18:34 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:18:35 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:18:35 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 16:16:13 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 15:58:22 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 16:21:08 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:18:34 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:18:34 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:18:34 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:18:35 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:18:35 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:02 1,293,824 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:10:35 1,293,824 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:30 1,293,824 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:34 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:34 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:34 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:14 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:15 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:13:36 100,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:36:12 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:36:12 247,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:46:10 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:46:10 247,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:43:49 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:43:49 247,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:14 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:08 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:08 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\updspapi.dll
+ 2004-08-04 12:00:00 294,400 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\msctf.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\updspapi.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB941693$\spuninst\updspapi.dll
+ 2007-03-08 15:32:24 1,843,712 -c----w C:\WINDOWS\$NtUninstallKB941693$\win32k.sys
+ 2006-06-26 17:40:34 148,480 -c----w C:\WINDOWS\$NtUninstallKB945553$\dnsapi.dll
+ 2004-08-04 12:00:00 45,568 -c----w C:\WINDOWS\$NtUninstallKB945553$\dnsrslvr.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB945553$\spuninst\updspapi.dll
+ 2007-06-19 13:31:19 282,112 -c----w C:\WINDOWS\$NtUninstallKB948590$\gdi32.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB948590$\spuninst\updspapi.dll
+ 2007-03-06 01:14:13 217,312 -c----w C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe
+ 2007-03-06 01:15:22 377,568 -c----w C:\WINDOWS\$NtUninstallKB948881$\spuninst\updspapi.dll
+ 2004-08-04 12:00:00 561,179 -c----w C:\WINDOWS\$NtUninstallKB950749$\dao360.dll
+ 2004-08-04 12:00:00 512,029 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-04 12:00:00 319,517 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-04 12:00:00 1,507,356 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll
+ 2004-08-04 12:00:00 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll
+ 2004-08-04 12:00:00 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-04 12:00:00 180,255 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-04 12:00:00 53,279 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-04 12:00:00 241,693 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-04 12:00:00 213,023 -c----w C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-04 12:00:00 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-04 12:00:00 421,919 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-04 12:00:00 315,423 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-04 12:00:00 552,989 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-04 12:00:00 258,077 -c----w C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-04 12:00:00 831,519 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-04 12:00:00 614,429 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-04 12:00:00 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\updspapi.dll
+ 2007-11-30 12:39:14 234,872 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:15 388,984 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2006-07-13 08:48:58 202,240 -c----w C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:14 234,872 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:39:15 388,984 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2008-04-14 15:51:00 273,024 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:18:34 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:18:35 388,984 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2007-11-30 11:18:34 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe
+ 2007-11-30 11:18:35 388,984 -c----w C:\WINDOWS\$NtUninstallKB951376$\spuninst\updspapi.dll
+ 2007-10-29 22:42:30 1,293,312 -c----w C:\WINDOWS\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:18:34 234,872 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:15 388,984 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2004-08-04 12:00:00 138,496 -c----w C:\WINDOWS\$NtUninstallKB951748$\afd.sys
+ 2008-02-20 05:33:54 148,992 -c----w C:\WINDOWS\$NtUninstallKB951748$\dnsapi.dll
+ 2004-08-04 12:00:00 247,296 -c----w C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
+ 2007-11-30 12:39:14 234,872 -c----w C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe
+ 2007-11-30 12:39:08 388,984 -c----w C:\WINDOWS\$NtUninstallKB951748$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip6.sys
+ 2008-06-14 17:57:40 273,024 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2007-12-07 02:04:44 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2007-12-19 22:48:07 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-12-07 02:04:44 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-12-07 02:04:44 133,120 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-12-07 02:04:44 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-12-06 11:00:26 70,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-12-07 02:04:44 153,088 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-12-07 02:04:44 230,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-12-07 02:04:44 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-12-07 02:04:45 384,512 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-12-07 02:04:46 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-12-07 02:04:46 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-12-07 02:04:46 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-12-06 11:00:51 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-12-07 02:04:47 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-12-07 02:04:47 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-12-07 02:04:47 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-12-08 05:04:50 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-12-07 02:04:48 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-12-07 02:04:48 193,024 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-12-07 02:04:49 671,232 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-12-07 02:04:49 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2008-01-11 05:32:59 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2007-03-06 01:14:13 217,312 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-12-07 02:04:49 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-12-07 02:04:49 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-12-07 02:04:49 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-12-07 02:04:49 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
+ 2008-03-01 12:53:51 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 12:53:51 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 12:53:52 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 12:53:52 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 12:53:52 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:54:43 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 12:53:52 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 12:53:52 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 12:53:52 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 12:53:53 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 12:53:56 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 12:53:57 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 12:53:57 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:55:08 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 12:53:58 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 12:53:59 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 12:53:59 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:24:04 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 12:54:02 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 12:54:03 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 12:54:03 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 12:54:03 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 12:54:04 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:14:13 217,312 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 12:54:04 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 12:54:04 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 12:54:05 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 12:54:05 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
+ 2008-04-23 04:16:29 124,928 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:29 347,136 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:29 214,528 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:29 133,120 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:29 63,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:39:48 70,656 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:29 153,088 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:29 230,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:29 383,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:29 384,512 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:30 6,066,176 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-04-23 04:16:30 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:30 267,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:40:19 625,664 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:30 27,648 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:30 459,264 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:30 52,224 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-23 20:16:32 3,591,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:31 478,208 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:31 193,024 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:31 671,232 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:31 102,912 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:31 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:14:13 217,312 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:31 105,984 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:31 1,159,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:32 233,472 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:32 826,368 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
+ 2008-06-04 18:22:15 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-0407-0000-0000000FF1CE}\O12ConvIcon.exe
- 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
+ 2006-06-27 22:46:39 2,378 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2004-08-04 12:00:00 2,000 ----a-w C:\WINDOWS\system\KEYBOARD.DRV
+ 2004-08-04 12:00:00 2,032 ----a-w C:\WINDOWS\system\MOUSE.DRV
+ 2004-08-04 12:00:00 1,744 ----a-w C:\WINDOWS\system\SOUND.DRV
+ 2004-08-04 12:00:00 2,176 ----a-w C:\WINDOWS\system\VGA.DRV
- 2007-12-07 02:04:44 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-06-23 16:14:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-03-29 17:45:49 1,146,232 ----a-w C:\WINDOWS\system32\aswBoot.exe
+ 2008-07-19 14:43:08 1,163,960 ----a-w C:\WINDOWS\system32\aswBoot.exe
- 2008-03-29 17:23:22 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
+ 2008-07-19 14:30:53 94,392 ----a-w C:\WINDOWS\system32\AvastSS.scr
+ 2007-05-17 15:30:48 318,976 ----a-w C:\WINDOWS\system32\avisynth.dll
+ 2004-08-04 12:00:00 1,788 ----a-w C:\WINDOWS\system32\Dcache.bin
+ 2006-07-12 15:13:08 73,728 ----a-w C:\WINDOWS\system32\DetectDxQT.dll
+ 2004-02-22 08:11:08 719,872 ----a-w C:\WINDOWS\system32\devil.dll
- 2007-12-07 02:04:44 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-06-23 16:14:39 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
- 2004-08-04 12:00:00 138,496 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-06-20 10:44:38 138,368 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-06-14 17:57:40 273,024 -c----w C:\WINDOWS\system32\dllcache\bthport.sys
- 2004-08-04 12:00:00 561,179 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
+ 2008-03-25 04:50:25 554,008 -c--a-w C:\WINDOWS\system32\dllcache\dao360.dll
- 2006-06-26 17:40:34 148,480 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:39:48 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2004-08-04 12:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
+ 2008-02-20 05:33:54 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
+ 2004-08-03 21:07:58 2,944 -c--a-w C:\WINDOWS\system32\dllcache\drmkaud.sys
- 2007-12-19 22:48:07 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-06-23 16:14:40 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-12-07 02:04:44 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-06-23 16:14:40 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2005-07-26 04:39:46 243,200 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
+ 2008-07-07 20:30:55 253,952 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
- 2007-12-07 02:04:44 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-06-23 16:14:40 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2007-06-19 13:31:19 282,112 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2008-02-20 06:50:29 282,624 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
- 2007-12-07 02:04:44 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-06-23 16:14:40 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2007-12-06 11:00:26 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-06-23 09:20:01 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-12-07 02:04:44 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-06-23 16:14:40 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-12-07 02:04:44 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-06-23 16:14:40 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-06-21 05:23:54 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-12-07 02:04:44 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-06-23 16:14:40 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2007-12-07 02:04:45 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-06-23 16:14:40 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-12-07 02:04:46 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-06-23 16:14:41 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2007-12-07 02:04:46 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-06-23 16:14:41 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-12-07 02:04:46 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-06-23 16:14:42 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2007-12-06 11:00:51 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-06-23 09:20:25 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-08-21 06:16:14 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:50:09 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2007-12-07 02:04:47 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-06-23 16:14:42 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2004-08-04 12:00:00 2,000 -c--a-w C:\WINDOWS\system32\dllcache\keyboard.drv
+ 2004-08-04 12:00:00 2,560 -c--a-w C:\WINDOWS\system32\dllcache\lz32.dll
+ 2004-08-04 12:00:00 2,032 -c--a-w C:\WINDOWS\system32\dllcache\mouse.drv
- 2004-08-04 12:00:00 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll
+ 2008-05-01 14:30:33 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll
- 2005-06-29 01:49:39 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
+ 2008-06-24 16:22:31 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
- 2004-08-04 12:00:00 294,400 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
+ 2008-02-26 11:59:49 294,912 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
- 2004-08-04 12:00:00 512,029 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:28 518,944 -c--a-w C:\WINDOWS\system32\dllcache\msexch40.dll
- 2004-08-04 12:00:00 319,517 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 -c--a-w C:\WINDOWS\system32\dllcache\msexcl40.dll
- 2007-12-07 02:04:47 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-06-23 16:14:42 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-12-07 02:04:47 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-06-23 16:14:42 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2007-12-08 05:04:50 3,592,192 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-06-24 08:14:44 3,592,192 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-12-07 02:04:48 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-06-23 16:14:44 477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2004-08-04 12:00:00 1,507,356 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
- 2004-08-04 12:00:00 358,976 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40 355,112 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
- 2004-08-04 12:00:00 180,255 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
+ 2008-03-25 04:51:12 187,168 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
- 2004-08-04 12:00:00 53,279 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 60,192 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
- 2004-08-04 12:00:00 241,693 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
- 2004-08-04 12:00:00 213,023 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:44 219,936 -c--a-w C:\WINDOWS\system32\dllcache\msltus40.dll
- 2004-08-04 12:00:00 348,189 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 -c--a-w C:\WINDOWS\system32\dllcache\mspbde40.dll
- 2007-12-07 02:04:48 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-06-23 16:14:44 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2004-08-04 12:00:00 421,919 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 -c--a-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
- 2004-08-04 12:00:00 315,423 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 -c--a-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
- 2004-08-04 12:00:00 552,989 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 -c--a-w C:\WINDOWS\system32\dllcache\msrepl40.dll
- 2004-08-04 12:00:00 258,077 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:55 264,992 -c--a-w C:\WINDOWS\system32\dllcache\mstext40.dll
- 2007-12-07 02:04:49 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-23 16:14:44 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
- 2004-08-04 12:00:00 831,519 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 -c--a-w C:\WINDOWS\system32\dllcache\mswdat10.dll
- 2004-08-04 12:00:00 247,296 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
+ 2008-06-20 17:39:48 247,296 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
- 2004-08-04 12:00:00 614,429 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:51:12 621,344 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
- 2004-08-04 12:00:00 348,189 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 -c--a-w C:\WINDOWS\system32\dllcache\msxbde40.dll
+ 2004-08-04 12:00:00 2,944 -c--a-w C:\WINDOWS\system32\dllcache\null.sys
- 2007-12-07 02:04:49 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-06-23 16:14:44 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-01-11 05:32:59 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-06-23 16:14:44 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-29 22:42:30 1,293,312 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:14:45 1,293,312 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2004-08-04 12:00:00 1,744 -c--a-w C:\WINDOWS\system32\dllcache\sound.drv
- 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2007-12-07 02:04:49 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-06-23 16:14:44 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2007-12-07 02:04:49 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-06-23 16:14:44 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2004-08-04 12:00:00 2,176 -c--a-w C:\WINDOWS\system32\dllcache\vga.drv
- 2007-12-07 02:04:49 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-06-23 16:14:44 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-03-08 15:32:24 1,843,712 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
+ 2008-03-20 08:03:19 1,845,376 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
- 2007-12-07 02:04:49 824,832 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-06-23 16:14:45 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2004-08-04 12:00:00 2,864 -c--a-w C:\WINDOWS\system32\dllcache\winsock.dll
+ 2004-08-04 12:00:00 2,112 -c--a-w C:\WINDOWS\system32\dllcache\winspool.exe
+ 2004-08-04 12:00:00 2,736 -c--a-w C:\WINDOWS\system32\dllcache\wowdeb.exe
- 2006-06-26 17:40:34 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-06-20 17:39:48 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-08-04 12:00:00 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
+ 2008-02-20 05:33:54 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
- 2008-03-29 17:26:52 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
+ 2008-07-19 14:32:15 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
- 2004-08-04 12:00:00 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
- 2008-03-29 17:35:49 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys
+ 2008-07-19 14:37:42 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys
- 2008-03-29 17:35:21 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
+ 2008-07-19 14:37:21 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
- 2008-03-29 17:29:08 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
+ 2008-07-19 14:33:42 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
- 2008-03-29 17:31:34 75,856 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys
+ 2008-07-19 14:35:18 78,416 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys
- 2008-03-29 17:27:33 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
+ 2008-07-19 14:32:36 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
+ 2008-06-14 17:57:40 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys
+ 2006-05-19 21:16:24 2,432 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
+ 2006-05-19 21:16:24 2,560 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
+ 2004-08-03 21:07:58 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
+ 2004-08-04 12:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\null.sys
- 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
- 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
- 2007-12-19 22:48:07 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-06-23 16:14:40 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2007-12-07 02:04:44 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-06-23 16:14:40 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2007-12-07 02:04:44 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 16:14:40 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2006-08-29 15:10:16 2,121,728 ----a-w C:\WINDOWS\system32\Flix_COM_VZ.dll
- 2007-04-05 14:01:29 188,200 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-06-06 15:40:47 207,304 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2007-06-19 13:31:19 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2008-02-20 06:50:29 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
+ 2003-05-21 22:50:34 1,700,352 ----a-w C:\WINDOWS\system32\GdiPlus.dll
- 2007-12-07 02:04:44 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-06-23 16:14:40 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2007-12-06 11:00:26 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-06-23 09:20:01 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2007-12-07 02:04:44 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
+ 2008-06-23 16:14:40 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2007-12-07 02:04:44 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
+ 2008-06-23 16:14:40 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2007-12-06 04:59:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2008-06-21 05:23:54 161,792 ------w C:\WINDOWS\system32\ieakui.dll
- 2007-12-07 02:04:44 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-06-23 16:14:40 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2007-12-07 02:04:45 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-06-23 16:14:40 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2007-12-07 02:04:46 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-06-23 16:14:41 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-12-07 02:04:46 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2008-06-23 16:14:41 44,544 ------w C:\WINDOWS\system32\iernonce.dll
- 2007-12-07 02:04:46 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-06-23 16:14:42 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-12-06 11:00:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-08-21 06:16:14 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 18:50:09 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2007-09-24 21:30:28 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-02-21 23:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2007-09-24 21:30:30 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-02-21 23:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2007-09-24 22:31:42 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-02-22 00:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2007-12-07 02:04:47 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-06-23 16:14:42 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2004-08-04 12:00:00 2,000 ----a-w C:\WINDOWS\system32\keyboard.drv
+ 2004-08-04 12:00:00 2,560 ----a-w C:\WINDOWS\system32\lz32.dll
+ 2008-03-25 02:32:44 218,496 ----a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
- 2008-02-27 19:01:41 74,137 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2006-06-08 07:57:13 74,137 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2002-01-05 13:48:16 974,848 ----a-w C:\WINDOWS\system32\mfc70.dll
+ 2004-08-04 12:00:00 2,032 ----a-w C:\WINDOWS\system32\mouse.drv
- 2008-03-05 16:30:54 19,148,408 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-08-05 18:11:01 15,888,504 ----a-w C:\WINDOWS\system32\MRT.exe
- 2004-08-04 12:00:00 294,400 ----a-w C:\WINDOWS\system32\MSCTF.dll
+ 2008-02-26 11:59:49 294,912 ----a-w C:\WINDOWS\system32\msctf.dll
- 2004-08-04 12:00:00 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll
- 2004-08-04 12:00:00 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll
- 2007-12-07 02:04:47 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-06-23 16:14:42 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2007-12-07 02:04:47 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-06-23 16:14:42 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2007-12-08 05:04:50 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-06-24 08:14:44 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-12-07 02:04:48 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-06-23 16:14:44 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-04 12:00:00 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll
- 2004-08-04 12:00:00 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
- 2004-08-04 12:00:00 180,255 ----a-w C:\WINDOWS\system32\msjint40.dll
+ 2008-03-25 04:51:12 187,168 ----a-w C:\WINDOWS\system32\msjint40.dll
- 2004-08-04 12:00:00 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll
- 2004-08-04 12:00:00 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll
- 2004-08-04 12:00:00 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
- 2004-08-04 12:00:00 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll
- 2007-12-07 02:04:48 193,024 ------w C:\WINDOWS\system32\msrating.dll
+ 2008-06-23 16:14:44 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2004-08-04 12:00:00 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll
- 2004-08-04 12:00:00 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll
- 2004-08-04 12:00:00 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll
- 2004-08-04 12:00:00 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll
- 2007-12-07 02:04:49 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2008-06-23 16:14:44 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 1998-06-16 22:00:00 516,173 ----a-w C:\WINDOWS\system32\msvcp60d.dll
+ 2002-01-05 12:40:18 332,288 ----a-w C:\WINDOWS\system32\msvcp70.dll
+ 1998-06-16 22:00:00 385,100 ----a-w C:\WINDOWS\system32\MSVCRTD.DLL
- 2004-08-04 12:00:00 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll
- 2004-08-04 12:00:00 614,429 ----a-w C:\WINDOWS\system32\mswstr10.dll
+ 2008-03-25 04:51:12 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
- 2004-08-04 12:00:00 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll
- 2007-12-07 02:04:49 102,912 ------w C:\WINDOWS\system32\occache.dll
+ 2008-06-23 16:14:44 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2008-03-31 19:50:38 72,480 ----a-w C:\WINDOWS\system32\perfc007.dat
+ 2004-12-31 22:02:15 72,480 ----a-w C:\WINDOWS\system32\perfc007.dat
- 2008-03-31 19:50:38 61,428 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2004-12-31 22:02:15 61,428 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-03-31 19:50:38 412,660 ----a-w C:\WINDOWS\system32\perfh007.dat
+ 2004-12-31 22:02:15 412,660 ----a-w C:\WINDOWS\system32\perfh007.dat
- 2008-03-31 19:50:38 401,220 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2004-12-31 22:02:15 401,220 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-01-11 05:32:59 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-06-23 16:14:44 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2007-10-29 22:42:30 1,293,312 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2008-05-07 05:14:45 1,293,312 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2008-08-20 14:33:21 89,036 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2000-08-08 11:59:54 123,224 ----a-w C:\WINDOWS\system32\SkyLt3Pr.dll
+ 2001-04-28 04:11:42 24,576 ----a-w C:\WINDOWS\system32\SmartSubClass.dll
+ 2004-08-04 12:00:00 1,744 ----a-w C:\WINDOWS\system32\sound.drv
- 2007-10-08 13:46:18 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 12:39:14 18,808 ------w C:\WINDOWS\system32\spmsg.dll
- 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ------w C:\WINDOWS\system32\tzchange.exe
- 2007-12-07 02:04:49 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-06-23 16:14:44 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-12-07 02:04:49 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-06-23 16:14:44 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2004-08-04 12:00:00 2,176 ----a-w C:\WINDOWS\system32\vga.drv
+ 2007-03-24 18:19:56 69,632 ----a-w C:\WINDOWS\system32\vzcontextmenu.dll
+ 2003-12-22 06:20:26 2,272 ----a-w C:\WINDOWS\system32\W95INF16.DLL
+ 2003-12-22 06:20:26 4,608 ----a-w C:\WINDOWS\system32\W95INF32.DLL
- 2007-12-07 02:04:49 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-06-23 16:14:44 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2007-03-08 15:32:24 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys
+ 2008-03-20 08:03:19 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
+ 2004-08-04 12:00:00 2,864 ----a-w C:\WINDOWS\system32\winsock.dll
+ 2004-08-04 12:00:00 2,112 ----a-w C:\WINDOWS\system32\winspool.exe
+ 2004-08-04 12:00:00 2,736 ----a-w C:\WINDOWS\system32\wowdeb.exe
+ 2004-12-31 22:00:40 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_674.dat
+ 2005-09-22 21:48:08 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2005-09-22 21:48:08 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2005-09-22 21:48:06 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((( Autostart Punkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
"RealPlayer"="C:\Programme\Real\RealPlayer\realplay.exe" [2006-08-22 18:42 1003520]
"SpybotSD TeaTimer"="C:\Programme\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 18:41 1832272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 08:51 7323648]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-12-14 08:51 86016]
"SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 15:40 155648]
"SpybotSnD"="C:\Programme\Spybot - Search & Destroy\SpybotSD.exe" [2008-01-28 12:43 5146448]
"QuickTime Task"="C:\Programme\QuickTime\qttask.exe" [2006-08-18 16:30 282624]
"Easy-PrintToolBox"="C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 03:10 409600]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 16:38 78008]
"PCSuiteTrayApplication"="C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 16:10 271360]
"SoundMan"="SOUNDMAN.EXE" [2004-12-22 11:09 77824 C:\WINDOWS\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2005-12-14 08:51 1519616 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]
"Nokia.PCSync"="C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 11:17 1241088]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programme\\Trillian\\trillian.exe"=
"C:\\Programme\\eMule.de\\emule.exe"=
"C:\\Programme\\Real\\RealPlayer\\trueplay.exe"=
"C:\\Programme\\MSN Messenger\\msnmsgr.exe"=
"C:\\Programme\\MSN Messenger\\livecall.exe"=
"C:\\Programme\\SopCast\\SopCast.exe"=
"C:\\Dokumente und Einstellungen\\Moritz\\Anwendungsdaten\\SopCast\\adv\\SopAdver.exe"=
"C:\\Dokumente und Einstellungen\\Moritz\\Desktop\\tibicam\\TibiCAM.exe"=
"C:\\Programme\\TVUPlayer\\TVUPlayer.exe"=
"C:\\Programme\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Programme\\Gemeinsame Dateien\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programme\\SopCast\\adv\\SopAdver.exe"=
"C:\\Programme\\uTorrent\\uTorrent.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
S3 MIINPazX;MIINPazX NDIS Protocol Driver;C:\PROGRA~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS [2006-05-22 06:40]

*Newly Created Service* - CATCHME
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKLM-Run-RemoteControl - C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
HKLM-Run-ToADiMon.exe - C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe


.
------- Zusätzlicher Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.de/
R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
O8 -: Nach Microsoft &Excel exportieren - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O16 -: {BA162249-F2C5-4851-8ADC-FC58CB424243} - hxxp://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1206815132
C:\WINDOWS\Downloaded Program Files\ImageUploader5.inf
C:\WINDOWS\system32\unicows.dll
C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-21 16:53:05
Windows 5.1.2600 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostart Einträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
Zeit der Fertigstellung: 2008-08-21 16:54:07
ComboFix-quarantined-files.txt 2008-08-21 14:54:03
ComboFix2.txt 2008-04-04 14:06:16

Pre-Run: 9 Verzeichnis(se), 110,442,491,904 Bytes frei
Post-Run: 12 Verzeichnis(se), 110,488,854,528 Bytes frei

783 --- E O F --- 2008-08-14 13:57:52
Dieser Beitrag wurde am 21.08.2008 um 17:02 Uhr von Moka editiert.
Seitenanfang Seitenende
21.08.2008, 23:39
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#4

Zitat

mein tolles Trillian (ICQ,MSN usw zusammen) und heute sagt Avast: Achtung Achtung Win32:Trojan-gen {Other}
ja, die exe wird auch von anderen Scannern als Trojaner eingestuft....
wenn du nichts weiter wichtiges mit dem Rechner anstellst (also Onlinebanking usw) - verbleib mit der exe.

sdifx
http://virus-protect.org/artikel/tools/sdfix.html
unter C:\ findet man nun den SDFix-Ordner

boote in den abgesicherten Modus (die Taste F8 drücken, während der Rechner neustartet)

gehe in den Ordner C:\SDFix

RunThis.bat doppelt klicken
folge allen Anweisungen, während gescannt wird - dann wird der Rechner neustarten
kopiere mit der rechten Maustaste den Text ab, der erscheint - und in den Beitrag,
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
22.08.2008, 13:28
Moka
Member

Themenstarter

Beiträge: 38
#5 hab' ich was falsch gemacht?
gruß
moka
_________________________
oh, das mit dem "nichts weiter wichtiges mit dem Rechner anstellst" schrenkt aber doch schon ein ;(
ich werd also einmal die exe starten, mir alle wichtigen daten herauskopieren und dann alles wieder löschen, mache dann nochmal nen hijack und poste den, ok?

die sdfix geschichte mach ich gleich wenn ich zuhause bin.

danke schon mal und gruß
moka

hab 2 logs, aber ich glaube dieser hier ist der richtige:


SDFix: Version 1.218
Run by Moritz on 22.08.2008 at 15:52

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found




Folder C:\Dokumente und Einstellungen\Moritz\Anwendungsdaten\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#w*w.redtube.com - Removed


Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-22 15:59:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...


scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programme\\Trillian\\trillian.exe"="C:\\Programme\\Trillian\\trillian.exe:*:Enabled:Trillian"
"C:\\Programme\\eMule.de\\emule.exe"="C:\\Programme\\eMule.de\\emule.exe:*:Enabled:eMule"
"C:\\Programme\\Real\\RealPlayer\\trueplay.exe"="C:\\Programme\\Real\\RealPlayer\\trueplay.exe:*:Enabled:RealPlayer"
"C:\\Programme\\MSN Messenger\\msnmsgr.exe"="C:\\Programme\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Programme\\MSN Messenger\\livecall.exe"="C:\\Programme\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Programme\\SopCast\\SopCast.exe"="C:\\Programme\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\\Dokumente und Einstellungen\\Moritz\\Anwendungsdaten\\SopCast\\adv\\SopAdver.exe"="C:\\Dokumente und Einstellungen\\Moritz\\Anwendungsdaten\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\\Dokumente und Einstellungen\\Moritz\\Desktop\\tibicam\\TibiCAM.exe"="C:\\Dokumente und Einstellungen\\Moritz\\Desktop\\tibicam\\TibiCAM.exe:*:Enabled:TibiCAM"
"C:\\Programme\\TVUPlayer\\TVUPlayer.exe"="C:\\Programme\\TVUPlayer\\TVUPlayer.exe:*:Enabled:TVU Player Component"
"C:\\Programme\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"="C:\\Programme\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\\Programme\\Gemeinsame Dateien\\Nokia\\Service Layer\\A\\nsl_host_process.exe"="C:\\Programme\\Gemeinsame Dateien\\Nokia\\Service Layer\\A\\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Programme\\SopCast\\adv\\SopAdver.exe"="C:\\Programme\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\\Programme\\uTorrent\\uTorrent.exe"="C:\\Programme\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programme\\MSN Messenger\\msnmsgr.exe"="C:\\Programme\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Programme\\MSN Messenger\\livecall.exe"="C:\\Programme\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files :



Files with Hidden Attributes :

Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Programme\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Programme\Spybot - Search & Destroy\SpybotSD.exe"
Mon 18 Aug 2008 1,832,272 A.SHR --- "C:\Programme\Spybot - Search & Destroy\TeaTimer.exe"
Thu 12 Jun 2003 68,608 ..SHR --- "C:\Programme\You Don't Know Jack 4\Setup.exe"
Thu 12 Jun 2003 17,920 A..HR --- "C:\Programme\You Don't Know Jack 4\_Setup.dll"
Fri 17 Jun 2005 28,672 A..HR --- "C:\WINDOWS\MustRead\Must Read.exe"
Wed 2 Aug 2006 4,348 A.SH. --- "C:\Dokumente und Einstellungen\All Users\DRM\DRMv1.bak"
Mon 4 Oct 2004 417,792 A..H. --- "C:\Programme\Canon\Canon Setup Utility 2.3\Maint.exe"
Thu 27 May 2004 61,440 A..H. --- "C:\Programme\Canon\Canon Setup Utility 2.3\uinstrsc.dll"
Sat 31 Mar 2007 0 A.SH. --- "C:\Dokumente und Einstellungen\All Users\DRM\Cache\Indiv02.tmp"
Fri 22 Aug 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\851ec77bad9deffe5a3e6f29ba9e9716\BIT1.tmp"

Finished!
Dieser Beitrag wurde am 23.08.2008 um 11:30 Uhr von Moka editiert.
Seitenanfang Seitenende
24.08.2008, 11:25
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#6 Hallo Moka

was trillian betrifft... ich kenne das proggie, ist mir eigentlich noch nie als Trojaner untergekommen, aber mehrere Scanner stufen es als solchen ein ;)
Frag mal direkt bei Avast nach, die haben doch bestimmt eine Mail, zippe die exe und schicke sie hin.
Dann berichte, was sie schreiben.

-------

poste bitte noch mal ein Log vom Hijackthis.
mal sehen, ob sich die drei
C:\Programme\Internet Explorer\iexplore.exe
inzwischen auf einen verringert haben ;)

-------

was ist das ?

2008-08-13 14:49 --------- d-----w C:\Programme\Tibia8.2
2008-08-13 14:46 --------- d-----w C:\Programme\TibiaBot NG
2008-08-12 18:11 --------- d-----w C:\Dokumente und Einstellungen\Moritz\Anwendungsdaten\Tibia

-----

Virustotal http://www.virustotal.com/flash/index_en.html

C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\shctxex.vb

Auf Durchsuchen klicken --> Datei aussuchen (oder gleich die Datei mit korrektem Pfad einkopieren mit Strg V) --> Klick auf die zu prüfende Datei und öffnen--> klick auf "Senden der Datei"... jetzt abwarten - dann mit der rechten Maustaste den Text markieren -> kopieren
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
24.08.2008, 20:18
Moka
Member

Themenstarter

Beiträge: 38
#7 ach und noch was ist mir aufgefallen:
jedes mal wenn ich herunterfahre klappt das nicht und es kommt ein fenster von teatimer.exe. keine ahnung was das ist oder woher das kommt ;(

Zitat

Sabina postete
Hallo Moka

was trillian betrifft... ich kenne das proggie, ist mir eigentlich noch nie als Trojaner untergekommen, aber mehrere Scanner stufen es als solchen ein ;)
Frag mal direkt bei Avast nach, die haben doch bestimmt eine Mail, zippe die exe und schicke sie hin.
Dann berichte, was sie schreiben.

=> ok mach' ich asap

-------

poste bitte noch mal ein Log vom Hijackthis.
mal sehen, ob sich die drei
C:\Programme\Internet Explorer\iexplore.exe
inzwischen auf einen verringert haben ;)

=> s.u.

-------

was ist das ?

2008-08-13 14:49 --------- d-----w C:\Programme\Tibia8.2
2008-08-13 14:46 --------- d-----w C:\Programme\TibiaBot NG
2008-08-12 18:11 --------- d-----w C:\Dokumente und Einstellungen\Moritz\Anwendungsdaten\Tibia

=> das ist ein onlinespiel, da hatte ich vor einiger zeit mal angst vor keyloggern ;)

-----

Virustotal http://www.virustotal.com/flash/index_en.html

C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\shctxex.vb

Auf Durchsuchen klicken --> Datei aussuchen (oder gleich die Datei mit korrektem Pfad einkopieren mit Strg V) --> Klick auf die zu prüfende Datei und öffnen--> klick auf "Senden der Datei"... jetzt abwarten - dann mit der rechten Maustaste den Text markieren -> kopieren
=>
Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.8.21.0 2008.08.22 -
AntiVir 7.8.1.23 2008.08.24 -
Authentium 5.1.0.4 2008.08.24 -
Avast 4.8.1195.0 2008.08.23 -
AVG 8.0.0.161 2008.08.24 -
BitDefender 7.2 2008.08.24 -
CAT-QuickHeal 9.50 2008.08.22 -
ClamAV 0.93.1 2008.08.24 -
DrWeb 4.44.0.09170 2008.08.24 -
eSafe 7.0.17.0 2008.08.24 -
eTrust-Vet 31.6.6044 2008.08.23 -
Ewido 4.0 2008.08.24 -
F-Prot 4.4.4.56 2008.08.24 -
F-Secure 7.60.13501.0 2008.08.24 -
Fortinet 3.14.0.0 2008.08.24 -
GData 2.0.7306.1023 2008.08.20 -
Ikarus T3.1.1.34.0 2008.08.24 -
K7AntiVirus 7.10.427 2008.08.23 -
Kaspersky 7.0.0.125 2008.08.24 -
McAfee 5368 2008.08.22 -
Microsoft 1.3807 2008.08.24 -
NOD32v2 3382 2008.08.23 -
Norman 5.80.02 2008.08.22 -
Panda 9.0.0.4 2008.08.24 -
PCTools 4.4.2.0 2008.08.24 -
Prevx1 V2 2008.08.24 -
Rising 20.58.62.00 2008.08.24 -
Sophos 4.32.0 2008.08.24 -
Sunbelt 3.1.1575.1 2008.08.23 -
Symantec 10 2008.08.24 -
TheHacker 6.3.0.6.060 2008.08.23 -
TrendMicro 8.700.0.1004 2008.08.23 -
VBA32 3.12.8.4 2008.08.23 -
ViRobot 2008.8.22.1346 2008.08.22 -
VirusBuster 4.5.11.0 2008.08.24 -
Webwasher-Gateway 6.6.2 2008.08.24 -


hier der hijack this

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:18:25, on 24.08.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
C:\Programme\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
C:\Programme\Alwil Software\Avast4\ashWebSv.exe
C:\Programme\PC Connectivity Solution\ServiceLayer.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SpybotSnD] "C:\Programme\Spybot - Search & Destroy\SpybotSD.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RealPlayer] "C:\Programme\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://static.pe.studivz.net/photouploader/ImageUploader4.cab?nocache=1203274215
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1206815132
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6422 bytes
Seitenanfang Seitenende
24.08.2008, 20:21
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#8 es ist alles wieder in bester Ordnung, was Internet Explorer\iexplore.exe betrifft.
Mit dem Trillian kann ich dir nicht weiterhelfen....
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
Seite(n): 1