Home » Viren, Trojaner & Malware Forum » PC bleibt hängen! Trojaner oder Malware?! » Themenansicht

PC bleibt hängen! Trojaner oder Malware?!
#0
11.09.2008, 01:44
whycan
Member

Beiträge: 39
#1 hallo!

brauche bitte hilfe!
kurz und prägnant hab ich folgendes problem:

mitte juli läuft mein norton antivirus ab

ein monat lang ca. ohne antivirus update etc.

seit 2 bleibt pc ab und zu hängen, mitten in der arbeit, später dann auch beim hochfahren oder beim benutzer log in

wie kann ich nun herausfinden wo hier das problem liegt?!

danke für eure hilfe
lg
whycan
Seitenanfang Seitenende
11.09.2008, 11:38
raman
Moderator

Beiträge: 7805
#2 Arbeite die Punktee 1-4 von http://board.protecus.de/t23188.htm bitte genau ab...
__________
MfG Ralf
SEO-Spam Hunter
Seitenanfang Seitenende
23.09.2008, 23:30
whycan
Member

Themenstarter

Beiträge: 39
#3 Malwarebytes Log:

Malwarebytes' Anti-Malware 1.28
Datenbank Version: 1200
Windows 5.1.2600 Service Pack 2

23.9.2008 23:00:38
mbam-log-2008-09-23 (23-00-28).txt

Scan-Methode: Quick-Scan
Durchsuchte Objekte: 58175
Laufzeit: 9 minute(s), 28 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 15
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\codecbho.codecplugin (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\codecbho.codecplugin.1 (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\codecbho.xmldomdocumenteventssink (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\codecbho.xmldomdocumenteventssink.1 (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{48e92754-2daf-4de4-8385-34f631580e9b} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{a1c23ba2-8f20-4c01-b663-7ff2b3421194} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{af1a6b09-a361-4c27-b5d6-61705f7c28b2} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e5df674f-3727-4856-8d74-8db49a4ce9f1} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d37d6c1a-7ba4-47f4-9bf2-75031e257df6} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{600b86be-a420-44e4-b179-ea0728329d2c} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{f4406238-983a-4845-9053-f1d0007fd135} (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\VirusIsolator (Rogue.VirusIsolator) -> No action taken.
HKEY_CLASSES_ROOT\AppID\CodecBHO.DLL (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\RichVideoCodec (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\Programme\RichVideoCodec (Trojan.FakeAlert) -> No action taken.

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)




COMBOFIX LOG
ComboFix 08-09-22.06 - WEIKEN 2008-09-23 23:07:41.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1031.18.226 [GMT 2:00]
ausgeführt von:: C:\Dokumente und Einstellungen\WEIKEN\Desktop\ComboFix.exe
* Neuer Wiederherstellungspunkt wurde erstellt

[color=red]Achtung - Auf diesem PC ist keine Wiederherstellungskonsole installiert !![/color]
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\imgpdf2.dll
C:\Dokumente und Einstellungen\MeiSian\Cookies\meisian@cs.sexcounter[2].txt
C:\Dokumente und Einstellungen\MeiSian\Cookies\meisian@news.sina.com[3].txt
C:\Dokumente und Einstellungen\MeiSian\Cookies\meisian@news.sohu[1].txt
C:\Dokumente und Einstellungen\MeiSian\Cookies\meisian@scupio[1].txt
C:\Dokumente und Einstellungen\MeiSian\Cookies\meisian@tv.yam[2].txt
C:\Dokumente und Einstellungen\MeiSian\Cookies\meisian@twsina.allyes[3].txt
C:\Dokumente und Einstellungen\MeiSian\Cookies\meisian@www.jiazu5157[1].txt
C:\Dokumente und Einstellungen\WEIKEN\Lokale Einstellungen\Tempmjiwep0.exe
.
---- Previous Run -------
.
C:\sys.txt
C:\WINDOWS\system32\FTPx.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IPRIP
-------\Service_Iprip


((((((((((((((((((((((( Dateien erstellt von 2008-08-23 bis 2008-09-23 ))))))))))))))))))))))))))))))
.

2008-09-23 22:44 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-23 22:43 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-19 23:09 . 2008-09-19 23:09 <DIR> d-------- C:\Programme\CCleaner
2008-09-15 08:24 . 2008-09-15 08:24 <DIR> dr------- C:\Dokumente und Einstellungen\MeiSian\Anwendungsdaten\Brother
2008-09-15 04:32 . 2008-09-15 05:01 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-09-11 00:56 . 2008-09-11 00:56 <DIR> d-------- C:\Programme\Sunbelt Software
2008-09-07 12:49 . 2008-09-07 12:49 <DIR> d-------- C:\Dokumente und Einstellungen\WEIKEN\Anwendungsdaten\AVS4YOU
2008-09-07 12:48 . 2008-09-07 12:48 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVS4YOU
2008-09-07 12:44 . 2008-09-07 12:45 <DIR> d-------- C:\Programme\Gemeinsame Dateien\AVSMedia
2008-09-07 12:43 . 2008-09-07 12:46 <DIR> d-------- C:\Programme\AVS4YOU
2008-09-07 12:43 . 2007-02-27 19:36 1,700,352 --a------ C:\WINDOWS\system32\GdiPlus.dll
2008-09-07 12:43 . 2007-02-27 19:36 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2008-09-03 16:39 . 2008-09-21 18:51 <DIR> d-------- C:\Dokumente und Einstellungen\MeiSian\Anwendungsdaten\Symantec
2008-09-03 16:35 . 2008-09-03 16:35 <DIR> d-------- C:\Programme\Windows Sidebar
2008-09-03 16:34 . 2008-09-20 00:07 <DIR> d-------- C:\Programme\Norton 360
2008-09-03 16:31 . 2008-09-15 00:31 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-09-03 16:31 . 2008-09-15 00:31 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2008-09-03 16:30 . 2008-09-15 02:07 <DIR> d-------- C:\Programme\Symantec
2008-09-03 16:30 . 2008-09-15 00:19 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Symantec
2008-09-03 13:22 . 2008-09-03 13:22 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Symantec Temporary Files

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-23 21:14 --------- d-----w C:\Programme\Gemeinsame Dateien\Symantec Shared
2008-09-23 21:06 --------- d-----w C:\Dokumente und Einstellungen\WEIKEN\Anwendungsdaten\Skype
2008-09-23 21:05 --------- d-----w C:\Programme\OpenOffice.org 2.3
2008-09-23 20:44 --------- d-----w C:\Programme\Malwarebytes' Anti-Malware
2008-09-23 20:23 --------- d-----w C:\Dokumente und Einstellungen\WEIKEN\Anwendungsdaten\skypePM
2008-09-15 06:23 660 ----a-w C:\Dokumente und Einstellungen\MeiSian\Anwendungsdaten\wklnhst.dat
2008-09-14 22:31 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-09-14 22:31 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-09-07 14:55 39,078 ----a-w C:\Dokumente und Einstellungen\WEIKEN\Anwendungsdaten\wklnhst.dat
2008-09-05 11:19 --------- d-----w C:\Dokumente und Einstellungen\WEIKEN\Anwendungsdaten\Audacity
2008-09-05 09:47 --------- d-----w C:\Dokumente und Einstellungen\WEIKEN\Anwendungsdaten\Symantec
2008-09-03 11:41 --------- d-----w C:\Programme\Norton Internet Security
2008-08-17 19:02 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-08-17 19:02 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
2008-08-17 19:01 --------- d-----w C:\Programme\Motorola Phone Tools
2008-08-17 18:52 --------- d-----w C:\Programme\Gemeinsame Dateien\Motorola Shared
2008-08-17 18:17 --------- d-----w C:\Programme\Avanquest update
2008-08-13 03:32 --------- d-----w C:\Programme\Apple Software Update
2008-08-12 22:08 --------- d-----w C:\Programme\iTunes
2008-08-12 22:07 --------- d-----w C:\Programme\iPod
2008-08-06 17:38 --------- d-----w C:\Dokumente und Einstellungen\MeiSian\Anwendungsdaten\OpenOffice.org2
2008-08-05 14:29 --------- d-----w C:\Dokumente und Einstellungen\MeiSian\Anwendungsdaten\Skype
2008-08-02 14:24 --------- d-----w C:\Programme\Gemeinsame Dateien\Skype
2008-07-31 21:52 --------- d--h--w C:\Programme\InstallShield Installation Information
2008-07-31 21:50 --------- d-----w C:\Programme\Google
2008-07-30 15:42 23,888 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
2008-07-30 15:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
2008-07-30 15:28 10,537 ----a-w C:\WINDOWS\system32\drivers\coh_mon.cat
2008-07-27 22:52 --------- d-----w C:\Dokumente und Einstellungen\WEIKEN\Anwendungsdaten\Apple Computer
2008-07-23 18:49 65,024 ----a-w C:\WINDOWS\IFinst26.exe
2008-07-23 18:49 --------- d-----w C:\Programme\XviD
2008-07-23 18:49 --------- d-----w C:\Programme\Lame MP3 Codec
2008-07-23 18:46 --------- d-----w C:\Programme\MarkAny
2008-07-23 18:46 --------- d-----w C:\Dokumente und Einstellungen\WEIKEN\Anwendungsdaten\DataCast
2008-07-23 18:45 --------- d-----w C:\Programme\Samsung
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:30 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:22 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-23 16:14 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-15 21:03 73,792 ----a-w C:\Dokumente und Einstellungen\WEIKEN\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2008-06-11 13:18 92,064 ----a-w C:\Dokumente und Einstellungen\WEIKEN\mqdmmdm.sys
2008-06-11 13:18 9,232 ----a-w C:\Dokumente und Einstellungen\WEIKEN\mqdmmdfl.sys
2008-06-11 13:18 79,328 ----a-w C:\Dokumente und Einstellungen\WEIKEN\mqdmserd.sys
2008-06-11 13:18 66,656 ----a-w C:\Dokumente und Einstellungen\WEIKEN\mqdmbus.sys
2008-06-11 13:18 6,208 ----a-w C:\Dokumente und Einstellungen\WEIKEN\mqdmcmnt.sys
2008-06-11 13:18 5,936 ----a-w C:\Dokumente und Einstellungen\WEIKEN\mqdmwhnt.sys
2008-06-11 13:18 4,048 ----a-w C:\Dokumente und Einstellungen\WEIKEN\mqdmcr.sys
2008-06-11 13:18 25,600 ----a-w C:\Dokumente und Einstellungen\WEIKEN\usbsermptxp.sys
2008-06-11 13:18 22,768 ----a-w C:\Dokumente und Einstellungen\WEIKEN\usbsermpt.sys
2005-08-22 12:31 255 ---ha-w C:\Programme\hpothb07.tif
2005-08-22 12:31 142 ---ha-w C:\Programme\hpothb07.dat
2005-08-19 03:11 323 ---ha-w C:\Dokumente und Einstellungen\WEIKEN\hpothb07.dat
2005-06-01 13:51 1,598 ----a-w C:\Dokumente und Einstellungen\ADMIN\Anwendungsdaten\wklnhst.dat
2005-05-21 20:17 868 ----a-w C:\Programme\INSTALL.LOG
2005-03-03 23:55 156 ---ha-w C:\Dokumente und Einstellungen\ADMIN\hpothb07.dat
.

((((((((((((((((((((((((((((( snapshot@2008-04-22_21.48.58.71 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-26 11:49:00 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2008-05-02 13:30:48 83,968 ----a-w C:\WINDOWS\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:49 83,968 ----a-w C:\WINDOWS\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:42:20 83,968 ----a-w C:\WINDOWS\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:14 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:18:35 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:15 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2007-11-01 05:15:30 187,168 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:15:31 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-04-23 04:19:40 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 04:19:40 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 04:19:40 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 04:19:40 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 04:19:40 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 04:19:40 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 04:19:40 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 04:19:40 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 04:19:40 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 04:19:40 6,068,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 04:19:40 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 04:19:40 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 04:19:41 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 04:19:41 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 04:19:41 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 04:19:41 3,593,728 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 04:19:41 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 04:19:41 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 04:19:41 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 04:19:41 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 04:19:41 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 04:19:41 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 04:19:41 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 04:19:41 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 04:19:41 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:14:08 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:14:13 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:14:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:14 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:14 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:15 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:14 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:14 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:15 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:16:43 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:26:58 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:23:19 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:14 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:08 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:08 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 18:40:03 683,520 ----a-w C:\WINDOWS\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
+ 2008-04-11 19:04:24 691,712 ----a-w C:\WINDOWS\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
+ 2008-04-11 22:22:58 691,712 ----a-w C:\WINDOWS\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:14 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:25 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:15 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:18:34 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:18:34 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:18:34 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:14 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:15 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-14 18:01:09 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:32:01 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:37:44 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:18:34 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:18:34 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:18:34 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:18:35 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:18:35 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 16:16:13 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 15:58:22 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 16:21:08 273,024 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:18:34 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:18:34 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:18:34 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:18:35 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:18:35 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:02 1,293,824 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:10:35 1,293,824 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:30 1,293,824 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:34 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:34 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:34 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:14 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:15 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:13:36 100,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:36:12 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:36:12 247,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:46:10 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:46:10 247,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:43:49 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:43:49 247,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:14 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:08 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:08 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-05-01 15:04:02 331,776 ----a-w C:\WINDOWS\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:34:52 331,776 ----a-w C:\WINDOWS\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:38:50 331,776 ----a-w C:\WINDOWS\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:18:34 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:18:34 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:18:34 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:18:35 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:18:35 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:30:04 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:42:48 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:23 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:14 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:14 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:15 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 15:37:33 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
+ 2008-06-23 15:37:34 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
+ 2008-06-23 15:37:34 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
+ 2008-06-23 15:37:34 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
+ 2008-06-23 15:37:34 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
+ 2008-06-23 08:23:18 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
+ 2008-06-23 15:37:35 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
+ 2008-06-23 15:37:35 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
+ 2008-06-21 05:23:53 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
+ 2008-06-23 15:37:35 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
+ 2008-06-23 15:37:36 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
+ 2008-06-23 15:37:40 6,068,736 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
+ 2008-06-23 15:37:40 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
+ 2008-06-23 15:37:40 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
+ 2008-06-23 08:23:18 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
+ 2008-06-23 08:23:52 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
+ 2008-06-23 15:37:41 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
+ 2008-06-23 15:37:42 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
+ 2008-06-23 15:37:42 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
+ 2008-06-23 15:37:46 3,594,240 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
+ 2008-06-23 15:37:47 477,696 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
+ 2008-06-23 15:37:47 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
+ 2008-06-23 15:37:48 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
+ 2008-06-23 15:37:48 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
+ 2008-06-23 15:37:48 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
+ 2008-06-23 15:37:48 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
+ 2008-06-23 15:37:50 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
+ 2008-06-23 15:37:50 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
+ 2008-06-23 15:37:51 827,904 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:14:08 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\spmsg.dll
+ 2007-03-06 01:14:13 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\spuninst.exe
+ 2007-03-06 01:14:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\update\updspapi.dll
+ 2007-11-30 12:39:14 18,808 ----a-w C:\WINDOWS\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 11:18:35 765,304 ----a-w C:\WINDOWS\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 11:18:35 388,984 ----a-w C:\WINDOWS\$hf_mig$\KB953839\update\updspapi.dll
+ 2004-08-04 07:57:24 294,400 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\msctf.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\updspapi.dll
+ 2004-08-04 07:57:26 82,944 -c----w C:\WINDOWS\$NtUninstallKB946648$\msgsc.dll
+ 2007-11-30 12:39:14 234,872 -c----w C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe
+ 2007-11-30 12:39:15 388,984 -c----w C:\WINDOWS\$NtUninstallKB946648$\spuninst\updspapi.dll
+ 2004-08-04 07:57:16 561,179 -c----w C:\WINDOWS\$NtUninstallKB950749$\dao360.dll
+ 2004-08-04 07:57:26 512,029 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-04 07:57:26 319,517 -c----w C:\WINDOWS\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-04 07:57:26 1,507,356 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjet40.dll
+ 2004-03-01 18:52:15 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetol1.dll
+ 2004-03-01 18:52:15 358,976 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-04 07:57:26 180,255 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-04 07:57:26 53,279 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-04 07:57:26 241,693 -c----w C:\WINDOWS\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-04 07:57:27 213,023 -c----w C:\WINDOWS\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-04 07:57:28 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-04 07:57:28 421,919 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-04 07:57:28 315,423 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-04 07:57:28 552,989 -c----w C:\WINDOWS\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-04 07:57:28 258,077 -c----w C:\WINDOWS\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-04 07:57:28 831,519 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-04 07:57:29 614,429 -c----w C:\WINDOWS\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-04 07:57:29 348,189 -c----w C:\WINDOWS\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB950749$\spuninst\updspapi.dll
+ 2007-11-30 12:39:14 234,872 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:15 388,984 -c----w C:\WINDOWS\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2006-07-13 08:48:58 202,240 -c----w C:\WINDOWS\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:14 234,872 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:39:15 388,984 -c----w C:\WINDOWS\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2005-07-26 04:39:46 243,200 -c----w C:\WINDOWS\$NtUninstallKB950974$\es.dll
+ 2007-11-30 12:39:14 234,872 -c----w C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe
+ 2007-11-30 12:39:08 388,984 -c----w C:\WINDOWS\$NtUninstallKB950974$\spuninst\updspapi.dll
+ 2007-08-21 06:16:14 683,520 -c----w C:\WINDOWS\$NtUninstallKB951066$\inetcomm.dll
+ 2007-11-30 12:39:14 234,872 -c----w C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe
+ 2007-11-30 12:39:15 388,984 -c----w C:\WINDOWS\$NtUninstallKB951066$\spuninst\updspapi.dll
+ 2007-11-30 11:18:34 234,872 -c----w C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe
+ 2007-11-30 12:39:15 388,984 -c----w C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\updspapi.dll
+ 2007-11-13 11:31:11 60,416 -c----w C:\WINDOWS\$NtUninstallKB951072-v2$\tzchange.exe
+ 2008-04-14 15:51:00 273,024 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:18:34 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:18:35 388,984 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2004-08-04 07:40:52 275,200 -c----w C:\WINDOWS\$NtUninstallKB951376$\bthport.sys
+ 2007-11-30 11:18:34 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe
+ 2007-11-30 11:18:35 388,984 -c----w C:\WINDOWS\$NtUninstallKB951376$\spuninst\updspapi.dll
+ 2007-10-29 22:42:30 1,293,312 -c----w C:\WINDOWS\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:18:34 234,872 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:15 388,984 -c----w C:\WINDOWS\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2004-08-04 06:14:14 138,496 -c----w C:\WINDOWS\$NtUninstallKB951748$\afd.sys
+ 2008-02-20 05:33:54 148,992 -c----w C:\WINDOWS\$NtUninstallKB951748$\dnsapi.dll
+ 2004-08-04 07:57:28 247,296 -c----w C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
+ 2007-11-30 12:39:14 234,872 -c----w C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe
+ 2007-11-30 12:39:08 388,984 -c----w C:\WINDOWS\$NtUninstallKB951748$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip6.sys
+ 2004-08-04 07:57:24 331,776 -c----w C:\WINDOWS\$NtUninstallKB952287$\msadce.dll
+ 2007-11-30 11:18:34 234,872 -c----w C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe
+ 2007-11-30 11:18:35 388,984 -c----w C:\WINDOWS\$NtUninstallKB952287$\spuninst\updspapi.dll
+ 2005-06-29 01:49:39 74,240 -c----w C:\WINDOWS\$NtUninstallKB952954$\mscms.dll
+ 2007-11-30 12:39:14 234,872 -c----w C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe
+ 2007-11-30 12:39:15 388,984 -c----w C:\WINDOWS\$NtUninstallKB952954$\spuninst\updspapi.dll
+ 2007-11-30 12:39:14 234,872 -c----w C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe
+ 2007-11-30 11:18:35 388,984 -c----w C:\WINDOWS\$NtUninstallKB953839$\spuninst\updspapi.dll
+ 2006-11-02 05:22:52 51,680 -c----w C:\WINDOWS\$NtUninstallWdf01005$\spuninst\Kmdfcustom.dll
+ 2006-10-08 19:51:14 221,488 -c----w C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe
+ 2006-10-08 19:51:14 379,184 -c----w C:\WINDOWS\$NtUninstallWdf01005$\spuninst\updspapi.dll
+ 2008-03-24 17:33:02 1,527,056 ----a-w C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
+ 2008-06-14 17:57:40 273,024 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-03-01 12:53:51 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 12:53:51 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 12:53:52 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 12:53:52 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 12:53:52 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:54:43 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 12:53:52 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 12:53:52 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 12:53:52 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 12:53:53 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 12:53:56 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 12:53:57 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 12:53:57 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:55:08 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 12:53:58 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 12:53:59 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 12:53:59 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:24:04 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 12:54:02 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 12:54:03 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 12:54:03 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 12:54:03 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 12:54:04 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:14:13 217,312 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 12:54:04 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 12:54:04 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 12:54:05 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 12:54:05 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
+ 2008-04-23 04:16:29 124,928 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:29 347,136 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:29 214,528 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:29 133,120 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:29 63,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:39:48 70,656 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:29 153,088 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:29 230,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:29 383,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:29 384,512 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:30 6,066,176 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-04-23 04:16:30 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:30 267,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:40:19 625,664 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:30 27,648 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:30 459,264 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:30 52,224 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-23 20:16:32 3,591,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:31 478,208 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:31 193,024 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:31 671,232 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:31 102,912 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:31 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:14:13 217,312 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:31 105,984 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:31 1,159,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:32 233,472 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:32 826,368 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
+ 2006-10-26 19:12:56 396,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020070400000000000F01FEC\12.0.6021\MOC.EXE
+ 2007-05-08 10:10:18 16,874,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020070400000000000F01FEC\12.0.6021\MSO.DLL
+ 2007-03-21 17:56:50 8,425,856 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020070400000000000F01FEC\12.0.6021\OARTCONV.DLL
+ 2006-10-27 14:18:34 1,658,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020070400000000000F01FEC\12.0.6021\OGL.DLL
+ 2007-05-10 08:04:28 846,248 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020070400000000000F01FEC\12.0.6021\OICE.EXE
+ 2007-05-10 09:11:42 1,767,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020070400000000000F01FEC\12.0.6021\PPCNV.DLL
+ 2007-03-21 18:00:06 72,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020070400000000000F01FEC\12.0.6021\PXBCOM.EXE
+ 2007-03-21 17:58:40 4,145,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020070400000000000F01FEC\12.0.6021\WRD12CNV.DLL
+ 2007-03-21 17:58:46 24,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020070400000000000F01FEC\12.0.6021\WRD12EXE.EXE
+ 2007-09-14 19:45:58 16,901,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020070400000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-08-28 22:19:24 1,654,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020070400000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-24 03:00:34 1,767,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020070400000000000F01FEC\12.0.6215\PPCNV.DLL
+ 2007-08-24 03:00:48 72,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020070400000000000F01FEC\12.0.6215\PXBCOM.EXE
+ 2003-07-15 05:52:56 55,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.6506\MSOHTMED.EXE
+ 2003-07-15 05:57:08 58,944 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\7040580900063D11C8EF10054038389C\11.0.6506\SEQCHK10.DLL
+ 2008-02-21 14:02:40 873,848 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\FF26F08EC3D591A4489079122F292860\3.4.1\LUALL.EXE
+ 2008-02-21 14:02:46 3,220,856 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\FF26F08EC3D591A4489079122F292860\3.4.1\LuComServer.EXE
+ 2008-05-22 08:00:21 29,926 ----a-r C:\WINDOWS\Installer\{2B091530-69AA-442E-AB09-39ED06B58220}\MsblIco.Exe
+ 2008-08-12 22:09:02 102,400 ----a-r C:\WINDOWS\Installer\{3DE0053C-FD9A-483E-B7C9-B06E4392206E}\iTunesIco.exe
+ 2008-07-22 10:51:48 86,016 ----a-r C:\WINDOWS\Installer\{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}\PrntWzrdIco.exe
+ 2008-08-12 22:13:53 27,136 ----a-r C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
- 2008-03-12 12:36:31 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-0407-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-09-09 22:16:07 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-0407-0000-0000000FF1CE}\O12ConvIcon.exe
- 2008-03-12 15:01:33 167,936 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2008-09-09 22:14:15 167,936 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2008-03-12 15:01:33 2,560 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2008-09-09 22:14:15 2,560 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2008-03-12 15:01:33 81,920 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2008-09-09 22:14:16 81,920 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\fpicon.exe
- 2008-03-12 15:01:33 34,304 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2008-09-09 22:14:15 34,304 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2008-03-12 15:01:33 8,192 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2008-09-09 22:14:16 8,192 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2008-03-12 15:01:33 3,584 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2008-09-09 22:14:16 3,584 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2008-03-12 15:01:33 114,688 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2008-09-09 22:14:16 114,688 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2008-03-12 15:01:33 16,384 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2008-09-09 22:14:15 16,384 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2008-03-12 15:01:33 30,720 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2008-09-09 22:14:15 30,720 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2008-03-12 15:01:33 22,528 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2008-09-09 22:14:16 22,528 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2008-03-12 15:01:33 45,056 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2008-09-09 22:14:15 45,056 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2008-03-12 15:01:33 90,112 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2008-09-09 22:14:15 90,112 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\xlicons.exe
- 2008-03-12 04:45:29 135,168 ----a-r C:\WINDOWS\Installer\{90850407-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-09-09 22:15:41 135,168 ----a-r C:\WINDOWS\Installer\{90850407-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-03-12 04:45:29 40,960 ----a-r C:\WINDOWS\Installer\{90850407-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
+ 2008-09-09 22:15:41 40,960 ----a-r C:\WINDOWS\Installer\{90850407-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe
- 2008-03-12 04:43:06 2,560 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2008-09-09 22:14:31 2,560 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2008-03-12 04:43:06 34,304 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2008-09-09 22:14:31 34,304 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2008-03-12 04:43:06 8,192 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2008-09-09 22:14:31 8,192 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2008-03-12 04:43:06 3,584 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2008-09-09 22:14:31 3,584 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2008-03-12 04:43:06 16,384 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2008-09-09 22:14:31 16,384 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2008-03-12 04:43:06 22,528 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2008-09-09 22:14:31 22,528 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2008-03-12 04:43:06 45,056 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2008-09-09 22:14:31 45,056 ----a-r C:\WINDOWS\Installer\{911B0407-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2008-09-03 14:30:56 7,406 ----a-r C:\WINDOWS\Installer\{E80F62FF-5D3C-4A19-8409-9721F2928206}\IconE80F62FF.exe
- 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
- 2008-03-01 12:53:51 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-06-23 16:14:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2006-12-28 14:13:52 516,832 ----a-w C:\WINDOWS\system32\capicom.dll
+ 2007-04-11 11:11:20 511,328 ----a-w C:\WINDOWS\system32\capicom.dll
- 2008-03-01 12:53:51 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-06-23 16:14:39 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-06-20 10:44:38 138,368 -c----w C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-06-14 17:57:40 273,024 -c----w C:\WINDOWS\system32\dllcache\bthport.sys
- 2007-07-30 17:19:20 92,504 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
+ 2008-07-18 20:10:48 94,920 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
+ 2008-03-25 04:50:25 554,008 -c----w C:\WINDOWS\system32\dllcache\dao360.dll
- 2008-02-20 05:33:54 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:39:48 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2008-03-01 12:53:51 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-06-23 16:14:40 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-03-01 12:53:52 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-06-23 16:14:40 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2005-07-26 04:39:46 243,200 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
+ 2008-07-07 20:30:55 253,952 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
- 2008-03-01 12:53:52 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-06-23 16:14:40 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-03-01 12:53:52 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-06-23 16:14:40 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-02-29 08:54:43 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-06-23 09:20:01 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-03-01 12:53:52 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-06-23 16:14:40 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-03-01 12:53:52 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-06-23 16:14:40 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-02-15 05:44:25 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-06-21 05:23:54 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-03-01 12:53:52 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-06-23 16:14:40 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-03-01 12:53:53 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-06-23 16:14:40 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-03-01 12:53:56 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-06-23 16:14:41 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-03-01 12:53:57 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-06-23 16:14:41 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-03-01 12:53:57 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-06-23 16:14:42 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-02-29 08:55:08 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-06-23 09:20:25 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-08-21 06:16:14 683,520 -c----w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:50:09 683,520 -c----w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2008-03-01 12:53:58 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-06-23 16:14:42 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-05-01 14:30:33 331,776 -c----w C:\WINDOWS\system32\dllcache\msadce.dll
+ 2008-06-24 16:22:31 74,240 -c----w C:\WINDOWS\system32\dllcache\mscms.dll
- 2004-08-04 07:57:24 294,400 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
+ 2008-02-26 11:59:49 294,912 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
+ 2008-03-25 04:50:28 518,944 -c----w C:\WINDOWS\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:30 326,432 -c----w C:\WINDOWS\system32\dllcache\msexcl40.dll
- 2008-03-01 12:53:59 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-06-23 16:14:42 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-03-01 12:53:59 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-06-23 16:14:42 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-03-01 16:24:04 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-06-24 08:14:44 3,592,192 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-03-01 12:54:02 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-06-23 16:14:44 477,696 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-03-25 04:50:34 1,516,568 -c----w C:\WINDOWS\system32\dllcache\msjet40.dll
- 2004-03-01 18:52:15 358,976 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40 355,112 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:51:12 187,168 -c----w C:\WINDOWS\system32\dllcache\msjint40.dll
+ 2008-03-25 04:50:42 60,192 -c----w C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:42 248,608 -c----w C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:44 219,936 -c----w C:\WINDOWS\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:45 355,104 -c----w C:\WINDOWS\system32\dllcache\mspbde40.dll
- 2008-03-01 12:54:03 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-06-23 16:14:44 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-03-25 04:50:47 432,928 -c----w C:\WINDOWS\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:49 322,336 -c----w C:\WINDOWS\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:52 559,904 -c----w C:\WINDOWS\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:55 264,992 -c----w C:\WINDOWS\system32\dllcache\mstext40.dll
- 2008-03-01 12:54:03 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-23 16:14:44 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-03-25 04:50:57 838,432 -c----w C:\WINDOWS\system32\dllcache\mswdat10.dll
- 2004-08-04 07:57:28 247,296 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
+ 2008-06-20 17:39:48 247,296 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
+ 2008-03-25 04:51:12 621,344 -c----w C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:50:58 355,104 -c----w C:\WINDOWS\system32\dllcache\msxbde40.dll
- 2008-03-01 12:54:03 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-06-23 16:14:44 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-03-01 12:54:04 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-06-23 16:14:44 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-29 22:42:30 1,293,312 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 05:14:45 1,293,312 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2008-03-01 12:54:04 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-06-23 16:14:44 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
- 2008-03-01 12:54:04 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-06-23 16:14:44 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2004-08-04 05:08:42 25,600 -c--a-w C:\WINDOWS\system32\dllcache\usbser.sys
- 2008-03-01 12:54:05 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-06-23 16:14:44 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-03-01 12:54:05 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-06-23 16:14:45 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2007-07-30 17:19:36 549,720 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll
+ 2008-07-18 20:09:44 563,912 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll
- 2007-07-30 17:19:16 53,080 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
+ 2008-07-18 20:10:42 53,448 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
- 2007-07-30 17:19:42 1,712,984 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
+ 2008-07-18 20:09:42 1,811,656 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
- 2007-07-30 17:19:32 325,976 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll
+ 2008-07-18 20:09:46 325,832 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll
- 2007-07-30 17:18:40 33,624 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll
+ 2008-07-18 20:10:20 36,552 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll
- 2007-07-30 17:19:28 203,096 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll
+ 2008-07-18 20:09:44 205,000 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll
+ 2007-07-24 13:17:08 81,920 ----a-w C:\WINDOWS\system32\dns-sd.exe
- 2008-02-20 05:33:54 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-06-20 17:39:48 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2007-07-24 13:17:08 61,440 ----a-w C:\WINDOWS\system32\dnssd.dll
- 2004-08-04 06:14:14 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
- 2004-08-04 07:40:52 275,200 ------w C:\WINDOWS\system32\drivers\bthport.sys
+ 2008-06-14 17:57:40 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys
+ 2007-08-08 16:39:56 36,056 ----a-w C:\WINDOWS\system32\drivers\CO_Mon.sys
- 2006-09-19 14:44:04 15,664 ----a-w C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
+ 2008-01-29 10:01:28 16,168 ----a-w C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
+ 2007-02-27 12:31:28 21,504 ----a-w C:\WINDOWS\system32\drivers\motmodem.sys
- 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
- 2007-11-30 22:57:12 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys
+ 2008-02-01 01:51:16 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys
- 2007-11-30 22:57:12 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys
+ 2008-02-01 01:51:16 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys
- 2007-11-30 22:57:12 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys
+ 2008-02-01 01:51:16 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys
- 2007-10-30 18:55:14 12,848 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
+ 2008-06-13 12:13:38 13,616 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
- 2007-10-30 18:55:20 145,968 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
+ 2008-06-13 12:13:38 96,432 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
- 2007-10-30 18:55:28 39,856 ----a-w C:\WINDOWS\system32\drivers\symids.sys
+ 2008-06-13 12:13:38 38,576 ----a-w C:\WINDOWS\system32\drivers\symids.sys
+ 2008-06-13 12:14:02 31,280 ----a-w C:\WINDOWS\system32\drivers\SymIM.sys
- 2007-10-30 18:55:24 35,120 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
+ 2008-06-13 12:13:38 37,424 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
- 2007-10-30 18:55:44 37,936 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
+ 2008-06-13 12:13:40 41,008 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
- 2007-10-30 18:55:34 27,696 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
+ 2008-06-13 12:13:38 22,320 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
- 2007-10-30 18:55:38 191,536 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
+ 2008-06-13 12:13:40 184,240 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
- 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2008-07-10 07:35:22 32,000 ----a-w C:\WINDOWS\system32\drivers\usbaapl.sys
+ 2004-08-04 05:08:42 25,600 ----a-w C:\WINDOWS\system32\drivers\usbser.sys
+ 2006-11-02 05:22:54 492,000 ------w C:\WINDOWS\system32\drivers\wdf01000.sys
+ 2006-11-02 05:22:52 32,224 ------w C:\WINDOWS\system32\drivers\wdfldr.sys
+ 2007-02-27 12:31:18 17,792 -c--a-w C:\WINDOWS\system32\DRVSTORE\motccgp_B54E2AE72FC4F575918F765D66FD7A32A96B836E\motccgp.sys
+ 2007-01-23 17:03:44 7,680 -c--a-w C:\WINDOWS\system32\DRVSTORE\motccgp_B54E2AE72FC4F575918F765D66FD7A32A96B836E\motccgpfl.sys
+ 2006-12-06 15:33:54 6,400 -c--a-w C:\WINDOWS\system32\DRVSTORE\motccgp_B54E2AE72FC4F575918F765D66FD7A32A96B836E\motswch.sys
+ 2006-11-13 12:45:54 1,419,232 -c--a-w C:\WINDOWS\system32\DRVSTORE\motccgp_B54E2AE72FC4F575918F765D66FD7A32A96B836E\wdfcoinstaller01005.dll
+ 2007-02-27 12:31:28 21,504 -c--a-w C:\WINDOWS\system32\DRVSTORE\motmodem_5A78965824B665693BA32EB804F366C0662AB61B\motmodem.sys
+ 2006-11-13 12:45:54 1,419,232 -c--a-w C:\WINDOWS\system32\DRVSTORE\motmodem_5A78965824B665693BA32EB804F366C0662AB61B\wdfcoinstaller01005.dll
+ 2006-07-28 06:10:08 6,144 -c--a-w C:\WINDOWS\system32\DRVSTORE\motodrv_790AECF80A9B3907D8D111D32F7F2573FDCB388A\mot_ci.dll
+ 2006-12-14 08:27:18 40,832 -c--a-w C:\WINDOWS\system32\DRVSTORE\motodrv_790AECF80A9B3907D8D111D32F7F2573FDCB388A\motodrv.sys
+ 2007-01-23 19:36:20 6,016 -c--a-w C:\WINDOWS\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\motfilt.sys
+ 2007-01-23 19:36:28 22,016 -c--a-w C:\WINDOWS\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\Motousbnet.sys
+ 2006-12-06 15:33:54 6,400 -c--a-w C:\WINDOWS\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\motswch.sys
+ 2006-11-13 12:45:54 1,419,232 -c--a-w C:\WINDOWS\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\wdfcoinstaller01005.dll
+ 2007-02-27 12:31:30 21,504 -c--a-w C:\WINDOWS\system32\DRVSTORE\motport_71D29C62AEE638CB12228E143B8BA0A030CBEC0F\motport.sys
+ 2006-11-13 12:45:54 1,419,232 -c--a-w C:\WINDOWS\system32\DRVSTORE\motport_71D29C62AEE638CB12228E143B8BA0A030CBEC0F\wdfcoinstaller01005.dll
+ 2008-07-10 07:35:22 32,000 -c--a-w C:\WINDOWS\system32\DRVSTORE\usbaapl_97B931EF204A3188AFFD15A9A5337268E8B6F312\usbaapl.sys
- 2008-03-01 12:53:51 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-06-23 16:14:40 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-03-01 12:53:52 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-06-23 16:14:40 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-03-01 12:53:52 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 16:14:40 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2006-10-03 17:47:52 109,360 ----a-w C:\WINDOWS\system32\GEARAspi.dll
+ 2008-01-29 10:02:30 107,368 ----a-w C:\WINDOWS\system32\GEARAspi.dll
- 2008-03-01 12:53:52 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-06-23 16:14:40 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-02-29 08:54:43 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-06-23 09:20:01 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-03-01 12:53:52 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-06-23 16:14:40 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2008-03-01 12:53:52 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-06-23 16:14:40 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-06-21 05:23:54 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2008-03-01 12:53:52 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-06-23 16:14:40 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-03-01 12:53:53 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-06-23 16:14:40 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2008-03-01 12:53:56 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-06-23 16:14:41 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-03-01 12:53:57 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-06-23 16:14:41 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2008-03-01 12:53:57 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-06-23 16:14:42 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-08-21 06:16:14 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 18:50:09 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2008-03-01 12:53:58 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-06-23 16:14:42 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2005-05-03 07:33:58 299,008 ----a-w C:\WINDOWS\system32\LAME_MP3.dll
+ 2008-03-25 02:32:44 218,496 ----a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
+ 2008-03-25 03:21:20 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-04-26 17:36:04 74,649 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-04-23 15:00:07 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
+ 2005-01-28 16:11:24 45,056 ----a-w C:\WINDOWS\system32\MACXMLProto.dll
+ 2004-10-11 21:20:50 118,784 ----a-w C:\WINDOWS\system32\MaDRM.dll
+ 2004-03-22 16:14:24 49,152 ----a-w C:\WINDOWS\system32\MaJGUILib.dll
+ 2004-05-30 19:13:20 106,609 ----a-w C:\WINDOWS\system32\MaJUtilLib.dll
+ 2004-05-31 10:50:04 40,960 ----a-w C:\WINDOWS\system32\MAMACExtract.dll
+ 2006-03-25 09:59:12 24,576 ----a-w C:\WINDOWS\system32\MASetupCleaner.exe
+ 2006-02-23 17:14:54 364,544 ----a-w C:\WINDOWS\system32\MASetupWizard.dll
+ 2004-06-02 20:19:18 45,056 ----a-w C:\WINDOWS\system32\MaXMLProto.dll
+ 2004-11-24 08:31:20 57,344 ----a-w C:\WINDOWS\system32\MK_Lyric.dll
+ 2006-07-28 06:10:08 6,144 ----a-w C:\WINDOWS\system32\mot_ci.dll
- 2008-04-06 05:56:20 19,836,024 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-08-26 20:28:12 16,208,504 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2006-01-17 09:29:34 245,760 ----a-w C:\WINDOWS\system32\MSCLib.dll
- 2004-08-04 07:57:24 294,400 ----a-w C:\WINDOWS\system32\msctf.dll
+ 2008-02-26 11:59:49 294,912 ----a-w C:\WINDOWS\system32\msctf.dll
- 2004-08-04 07:57:26 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll
+ 2008-03-25 04:50:28 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll
- 2004-08-04 07:57:26 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll
+ 2008-03-25 04:50:30 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll
- 2008-03-01 12:53:59 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-06-23 16:14:42 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-03-01 12:53:59 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-06-23 16:14:42 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2006-01-17 09:29:34 155,648 ----a-w C:\WINDOWS\system32\MSFLib.dll
- 2008-03-01 16:24:04 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-06-24 08:14:44 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-03-01 12:54:02 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-06-23 16:14:44 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-04 07:57:26 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll
+ 2008-03-25 04:50:34 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll
- 2004-03-01 18:52:15 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll
- 2004-08-04 07:57:26 180,255 ----a-w C:\WINDOWS\system32\msjint40.dll
+ 2008-03-25 04:51:12 187,168 ----a-w C:\WINDOWS\system32\msjint40.dll
- 2004-08-04 07:57:26 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll
+ 2008-03-25 04:50:42 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll
- 2004-08-04 07:57:26 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll
+ 2008-03-25 04:50:42 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll
- 2004-08-04 07:57:27 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll
+ 2008-03-25 04:50:44 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
- 2004-08-04 07:57:28 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll
+ 2008-03-25 04:50:45 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll
- 2008-03-01 12:54:03 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-06-23 16:14:44 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2004-08-04 07:57:28 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll
+ 2008-03-25 04:50:47 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll
- 2004-08-04 07:57:28 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll
+ 2008-03-25 04:50:49 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll
- 2004-08-04 07:57:28 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll
+ 2008-03-25 04:50:52 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll
- 2004-08-04 07:57:28 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll
+ 2008-03-25 04:50:55 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll
- 2008-03-01 12:54:03 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-06-23 16:14:44 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2004-08-04 07:57:28 1,392,671 ----a-w C:\WINDOWS\system32\msvbvm60.dll
+ 2004-02-23 18:42:40 1,386,496 ----a-w C:\WINDOWS\system32\MSVBVM60.DLL
- 2002-01-21 16:21:04 487,424 ------r C:\WINDOWS\system32\msvcp70.dll
+ 2007-02-27 17:36:14 487,424 ----a-w C:\WINDOWS\system32\msvcp70.dll
- 2001-12-17 02:12:38 344,064 ------r C:\WINDOWS\system32\msvcr70.dll
+ 2007-02-27 17:36:14 344,064 ----a-w C:\WINDOWS\system32\msvcr70.dll
- 2004-08-04 07:57:28 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll
+ 2008-03-25 04:50:57 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll
- 2004-08-04 07:57:28 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll
+ 2008-06-20 17:39:48 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll
- 2004-08-04 07:57:29 614,429 ----a-w C:\WINDOWS\system32\mswstr10.dll
+ 2008-03-25 04:51:12 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
- 2004-08-04 07:57:29 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll
+ 2008-03-25 04:50:58 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll
- 2001-03-08 18:30:00 24,064 ------w C:\WINDOWS\system32\msxml3a.dll
+ 2007-02-27 17:36:12 24,576 ----a-w C:\WINDOWS\system32\msxml3a.dll
+ 2003-04-18 14:29:26 44,544 ----a-w C:\WINDOWS\system32\msxml4a.dll
- 2002-02-04 02:43:00 82,432 ------w C:\WINDOWS\system32\msxml4r.dll
+ 2003-04-18 14:29:26 82,432 ----a-w C:\WINDOWS\system32\msxml4r.dll
+ 2004-09-30 15:31:10 40,960 ----a-w C:\WINDOWS\system32\MTTELECHIP.dll
+ 2004-08-20 12:41:00 57,344 ----a-w C:\WINDOWS\system32\MTXSYNCICON.dll
+ 2006-04-11 10:26:28 135,168 ----a-w C:\WINDOWS\system32\muzaf1.dll
+ 2006-06-08 17:53:06 471,040 ----a-w C:\WINDOWS\system32\muzapp.dll
+ 2007-03-15 15:23:24 167,936 ----a-w C:\WINDOWS\system32\muzapp.exe
+ 2006-02-11 11:14:24 200,704 ----a-w C:\WINDOWS\system32\muzwmts.dll
- 2008-03-01 12:54:03 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-06-23 16:14:44 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2002-10-05 06:04:18 45,056 ----a-w C:\WINDOWS\system32\Ogg.dll
+ 2002-10-07 01:42:58 237,568 ----a-w C:\WINDOWS\system32\OggDS.dll
- 2008-03-30 05:28:16 65,324 ----a-w C:\WINDOWS\system32\perfc007.dat
+ 2008-04-22 19:36:15 65,324 ----a-w C:\WINDOWS\system32\perfc007.dat
- 2008-03-30 05:28:16 54,108 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-04-22 19:36:16 54,108 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-03-30 05:28:16 394,024 ----a-w C:\WINDOWS\system32\perfh007.dat
+ 2008-04-22 19:36:16 394,024 ----a-w C:\WINDOWS\system32\perfh007.dat
- 2008-03-30 05:28:16 383,034 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-04-22 19:36:16 383,034 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-03-01 12:54:04 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-06-23 16:14:44 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2004-09-27 05:35:22 2,768,896 ----a-w C:\WINDOWS\system32\psconv\GSDLL32.dll
+ 2005-01-24 23:52:26 40,960 ----a-w C:\WINDOWS\system32\psconv\PSConvert.exe
- 2007-10-29 22:42:30 1,293,312 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2008-05-07 05:14:45 1,293,312 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2008-07-10 07:35:22 32,000 ----a-w C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\usbaapl.sys
- 2007-01-19 11:53:04 51,056 ----a-w C:\WINDOWS\system32\sirenacm.dll
+ 2007-10-18 09:31:46 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
+ 2008-07-18 20:10:20 36,552 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784\wups.dll
+ 2008-07-18 20:10:40 45,768 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784\wups2.dll
- 2006-11-17 14:14:30 16,176 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 12:39:14 18,808 ------w C:\WINDOWS\system32\spmsg.dll
- 2006-09-25 16:58:48 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2006-10-08 19:51:14 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
- 2007-10-30 18:55:50 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll
+ 2008-06-13 12:45:48 579,464 ----a-w C:\WINDOWS\system32\SymNeti.dll
- 2007-10-30 18:55:48 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll
+ 2008-06-13 12:45:44 207,240 ----a-w C:\WINDOWS\system32\SymRedir.dll
+ 2006-01-20 08:11:16 110,592 ----a-w C:\WINDOWS\system32\tg_dump.dll
- 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ------w C:\WINDOWS\system32\tzchange.exe
- 2005-03-01 10:27:04 245,408 ----a-w C:\WINDOWS\system32\unicows.dll
+ 2007-03-29 09:04:24 258,352 ----a-w C:\WINDOWS\system32\unicows.dll
- 2008-03-01 12:54:04 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-06-23 16:14:44 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-03-01 12:54:04 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-06-23 16:14:44 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2002-10-05 06:04:26 188,416 ----a-w C:\WINDOWS\system32\vorbis.dll
+ 2002-10-05 06:04:26 921,600 ----a-w C:\WINDOWS\system32\vorbisenc.dll
+ 2006-11-13 12:45:54 1,419,232 ----a-w C:\WINDOWS\system32\wdfcoinstaller01005.dll
- 2008-03-01 12:54:05 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-06-23 16:14:44 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2004-12-20 09:03:26 679,936 ----a-w C:\WINDOWS\system32\xvidcore.dll
+ 2004-12-20 09:08:28 155,648 ----a-w C:\WINDOWS\system32\xvidvfw.dll
+ 2008-09-23 15:17:37 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_5f4.dat
+ 2006-12-01 20:56:00 96,256 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-12-01 20:54:32 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-01 20:54:34 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-01 20:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-01 22:25:52 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-01 22:25:56 1,093,120 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 22:25:58 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 22:26:00 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-01 22:08:00 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-01 22:08:00 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 22:08:00 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 22:08:00 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 22:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 22:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-01 22:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 22:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 22:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-01 22:46:44 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2008-04-15 17:54:16 1,724,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]
@="{4433A54A-1AC8-432F-90FC-85F045CF383C}"
[HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]
2008-02-26 10:34 576352 --a------ C:\Programme\Gemeinsame Dateien\Symantec Shared\Backup\buShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]
@="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}"
[HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]
2008-02-26 10:34 576352 --a------ C:\Programme\Gemeinsame Dateien\Symantec Shared\Backup\buShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]
@="{476D0EA3-80F9-48B5-B70B-05E677C9C148}"
[HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]
2008-02-26 10:34 576352 --a------ C:\Programme\Gemeinsame Dateien\Symantec Shared\Backup\buShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
"MSMSGS"="C:\Programme\Messenger\msmsgs.exe" [2004-10-13 1694208]
"swg"="C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-17 68856]
"Skype"="C:\Programme\Skype\Phone\Skype.exe" [2008-07-23 21738792]
"msnmsgr"="C:\Programme\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CamMonitor"="C:\Programme\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe" [2002-10-07 90112]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"Microsoft Works Update Detection"="C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-17 50688]
"type32"="C:\Programme\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032]
"IntelliPoint"="C:\Programme\Microsoft IntelliPoint\point32.exe" [2004-06-03 204800]
"SSBkgdUpdate"="C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="C:\Programme\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-09 57393]
"IndexSearch"="C:\Programme\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-09 40960]
"SetDefPrt"="C:\Programme\Brother\Brmfl04b\BrStDvPt.exe" [2004-05-25 49152]
"ControlCenter2.0"="C:\Programme\Brother\ControlCenter2\brctrcen.exe" [2004-07-20 851968]
"SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2004-06-10 286720]
"AppleSyncNotifier"="C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"QuickTime Task"="C:\Programme\QuickTime\qttask.exe" [2008-05-27 413696]
"SMSTray"="C:\Programme\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 126976]
"MAAgent"="C:\Programme\MarkAny\ContentSafer\MAAgent.exe" [2007-01-30 57344]
"iTunesHelper"="C:\Programme\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"ccApp"="C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" [2008-02-18 51048]
"osCheck"="C:\Programme\Norton 360\osCheck.exe" [2008-02-26 988512]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= "C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL" [2004-11-23 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv31"= C:\WINDOWS\System32\ir32_32.dll
"vidc.iv32"= C:\WINDOWS\System32\ir32_32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programme\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programme\\Bonjour\\mDNSResponder.exe"=
"C:\\WINDOWS\\system32\\muzapp.exe"=
"C:\\Programme\\iTunes\\iTunes.exe"=
"C:\\Programme\\Skype\\Phone\\Skype.exe"=

R3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver;C:\WINDOWS\system32\Drivers\BrSerIf.sys [2004-06-12 51712]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\WINDOWS\system32\Drivers\BrUsbSer.sys [2004-01-10 11648]
S3 jgameenp;jgameenp;C:\DOKUME~1\WEIKEN\LOKALE~1\Temp\jgameenp.sys [ ]
S3 Wdm1;Vivanco USB Link Cable Driver;C:\WINDOWS\system32\Drivers\usbbc.sys [2002-11-18 15576]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a9f7d71-3c7c-11dd-82b2-000d61c960a1}]
\Shell\AutoRun\command - D:\msdebug.exe

*Newly Created Service* - COMHOST
.
Inhalt des "geplante Tasks" Ordners
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKLM-Run-Wizard - (no file)
HKLM-Run-FirstSteps - (no file)


.
------- Zusätzlicher Suchlauf -------
.
FireFox -: Profile - C:\Dokumente und Einstellungen\WEIKEN\Anwendungsdaten\Mozilla\Firefox\Profiles\30iqz4do.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.studivz.net
FF -: plugin - C:\Programme\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-23 23:15:04
Windows 5.1.2600 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
Zeit der Fertigstellung: 2008-09-23 23:21:13
ComboFix-quarantined-files.txt 2008-09-23 21:20:57

Vor Suchlauf: 32 Verzeichnis(se), 74,299,215,872 Bytes frei
Nach Suchlauf: 35 Verzeichnis(se), 74,384,658,432 Bytes frei

998 --- E O F --- 2008-09-09 22:18:12




HIJACKTHIS LOG
Logfile of HijackThis v1.99.1
Scan saved at 23:25:57, on 23.09.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\iPod\bin\iPodService.exe
C:\PROGRA~1\GEMEIN~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\winlogon.exe
C:\Programme\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programme\Microsoft IntelliType Pro\type32.exe
C:\Programme\Microsoft IntelliPoint\point32.exe
C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
C:\Programme\Brother\ControlCenter2\brctrcen.exe
C:\Programme\MarkAny\ContentSafer\MAAgent.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\WEIKEN\Eigene Dateien\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.at/0SEDEAT/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\GEMEIN~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [CamMonitor] C:\Programme\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [type32] "C:\Programme\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programme\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04b\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SMSTray] C:\Programme\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Programme\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programme\Norton 360\osCheck.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Status Monitor.lnk = C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programme\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\programme\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by22fd.bay22.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-AT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040428/qtinstall.info.apple.com/saba/de/win/QuickTimeInstaller.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125807103937
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.studivz.net/photouploader/ImageUploader4.cab
O16 - DPF: {96512D57-F751-4088-A689-5778FCC77F7A} (Photo Uploader Control) - http://www.studivz.net/lib/photouploader/PhotoUploader.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\GEMEIN~1\SYMANT~1\CCPD-LC\symlcsvc.exe


DATFIND.BAT

Verzeichnis von C:\WINDOWS\system32

23.09.2008 22:20 1.158 wpa.dbl
15.09.2008 08:24 0 Biport
15.09.2008 00:31 60.800 S32EVNT1.DLL
26.08.2008 22:28 16.208.504 MRT.exe
15.08.2008 16:11 118 MRT.INI
15.08.2008 16:06 609.048 TZLog.log
02.08.2008 16:27 56 ezsidmv.dat
18.07.2008 22:10 94.920 cdm.dll
18.07.2008 22:10 53.448 wuauclt.exe
18.07.2008 22:10 45.768 wups2.dll
18.07.2008 22:10 36.552 wups.dll
18.07.2008 22:10 33.992 wucltui.dll.mui
18.07.2008 22:09 29.896 wuaucpl.cpl.mui
18.07.2008 22:09 29.896 wuapi.dll.mui
18.07.2008 22:09 215.752 wuaucpl.cpl
18.07.2008 22:09 325.832 wucltui.dll
18.07.2008 22:09 563.912 wuapi.dll
18.07.2008 22:09 205.000 wuweb.dll
18.07.2008 22:09 1.811.656 wuaueng.dll
18.07.2008 22:08 21.192 wuaueng.dll.mui
18.07.2008 22:07 270.880 mucltui.dll
18.07.2008 22:07 29.728 mucltui.dll.mui
18.07.2008 22:07 210.976 muweb.dll
14.07.2008 13:09 62.976 tzchange.exe
07.07.2008 22:30 253.952 es.dll
30.06.2008 12:41 164 psconv.ini
24.06.2008 18:22 74.240 mscms.dll
24.06.2008 18:12 295.936 wmpeffects.dll
24.06.2008 10:14 3.592.192 mshtml.dll
23.06.2008 18:14 826.368 wininet.dll
23.06.2008 18:14 44.544 pngfilt.dll
23.06.2008 18:14 477.696 mshtmled.dll
23.06.2008 18:14 105.984 url.dll
23.06.2008 18:14 233.472 webcheck.dll
23.06.2008 18:14 193.024 msrating.dll
23.06.2008 18:14 1.159.680 urlmon.dll
23.06.2008 18:14 671.232 mstime.dll
23.06.2008 18:14 102.912 occache.dll
23.06.2008 18:14 1.831.424 inetcpl.cpl
23.06.2008 18:14 459.264 msfeeds.dll
23.06.2008 18:14 267.776 iertutil.dll
23.06.2008 18:14 27.648 jsproxy.dll
23.06.2008 18:14 52.224 msfeedsbs.dll
23.06.2008 18:14 6.066.176 ieframe.dll
23.06.2008 18:14 44.544 iernonce.dll
23.06.2008 18:14 214.528 dxtrans.dll
23.06.2008 18:14 347.136 dxtmsft.dll
23.06.2008 18:14 133.120 extmgr.dll
23.06.2008 18:14 383.488 ieapfltr.dll
23.06.2008 18:14 153.088 ieakeng.dll
23.06.2008 18:14 63.488 icardie.dll
23.06.2008 18:14 384.512 iedkcs32.dll
23.06.2008 18:14 230.400 ieaksie.dll
23.06.2008 18:14 124.928 advpack.dll
23.06.2008 11:20 13.824 ieudinit.exe
23.06.2008 11:20 70.656 ie4uinit.exe
21.06.2008 07:23 161.792 ieakui.dll
20.06.2008 19:39 247.296 mswsock.dll
20.06.2008 19:39 148.992 dnsapi.dll
13.06.2008 14:45 579.464 SymNeti.dll
13.06.2008 14:45 207.240 SymRedir.dll


ich glaub das sollte reichen
danke vielmals!
Seitenanfang Seitenende
19.10.2008, 18:17
whycan
Member

Themenstarter

Beiträge: 39
#4 hilfe? bräuchte bitte wen der mir hlift und meine obigen daten checkt

dankesehr!
Seitenanfang Seitenende
20.10.2008, 00:33
Swisstreasure
Moderator

Beiträge: 5694
#5 Zuerst Frage ich mich, wieso du dann soo lange ohne Antivirenprogramm gearbeitet hast. Das ist quasi fahrlässig.

Mach folgendes:

>>
Combofix entfernen:
Start - Ausführen - Kopiere rein: Combofix /U - klicke "OK"
(oder, wenn es nicht funktioniert: C:\QooBox löschen)

>>
Lade bitte SDfix, wende es im abgesicherten Modus an + poste hier den Report, der nach Neustart erscheint
http://virus-protect.org/artikel/tools/sdfix.html

>>
mache einen Onlinescan mit eset + poste den report
http://virus-protect.org/artikel/tools/eset-nod.html

>>
Arbeite Comlpetbat ab und poste die Logs (jedes Verzeichnisses):
http://virus-protect.org/completbat.html

>>
Dann installier dringend ein Antivirusprogramm: z.B Avira
http://virus-protect.org/virenscanner.html

Gruss Swiss
Seitenanfang Seitenende
21.10.2008, 21:16
whycan
Member

Themenstarter

Beiträge: 39
#6 SDFix: Version 1.236
Run by WEIKEN on 21.10.2008 at 20:27

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\Dokumente und Einstellungen\WEIKEN\Desktop\SDFix\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found






Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-21 20:48:27
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\muzapp.exe"="C:\\WINDOWS\\system32\\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\\Programme\\Bonjour\\mDNSResponder.exe"="C:\\Programme\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Programme\\Windows Live\\Messenger\\livecall.exe"="C:\\Programme\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Programme\\iTunes\\iTunes.exe"="C:\\Programme\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Programme\\Skype\\Phone\\Skype.exe"="C:\\Programme\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Programme\\Windows Live\\Messenger\\livecall.exe"="C:\\Programme\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :



Files with Hidden Attributes :

Tue 16 May 2006 0 A.SH. --- "C:\!KillBox\wupdmgr.tmp"
Fri 6 Jun 2003 77,824 A..H. --- "C:\Works\PIP\launcher.exe"
Wed 4 Aug 2004 4,348 ..SH. --- "C:\Dokumente und Einstellungen\All Users\DRM\DRMv1.bak"
Sun 10 Apr 2005 401 ..SH. --- "C:\Dokumente und Einstellungen\All Users\DRM\DRMv14.bak"
Thu 26 Aug 2004 400 ..SH. --- "C:\Dokumente und Einstellungen\All Users\DRM\v2ks.bla.bak"
Thu 26 Aug 2004 48 ..SH. --- "C:\Dokumente und Einstellungen\All Users\DRM\v2ks.sec.bak"
Thu 26 Aug 2004 400 ..SH. --- "C:\Dokumente und Einstellungen\All Users\DRM\v3ks.bla.bak"
Wed 29 Nov 2006 0 A.SH. --- "C:\Dokumente und Einstellungen\All Users\DRM\Cache\Indiv02.tmp"
Mon 13 Nov 2006 319,456 A..H. --- "C:\Programme\Gemeinsame Dateien\Motorola Shared\MotPCSDrivers\difxapi.dll"
Fri 18 Jan 2008 400 A..H. --- "C:\Programme\Gemeinsame Dateien\Symantec Shared\COH\COH32LU.reg"
Fri 18 Jan 2008 403 A..H. --- "C:\Programme\Gemeinsame Dateien\Symantec Shared\COH\COHDLU.reg"
Tue 1 Feb 2005 1,740 A..HR --- "C:\Programme\Gemeinsame Dateien\Symantec Shared\Registry Backup\ccReg.reg"
Tue 1 Feb 2005 274,702 A..HR --- "C:\Programme\Gemeinsame Dateien\Symantec Shared\Registry Backup\CommonClient.reg"
Tue 1 Feb 2005 156,022 A..HR --- "C:\Programme\Gemeinsame Dateien\Symantec Shared\Registry Backup\IAM.reg"
Wed 23 May 2007 4,083 ...HR --- "C:\WINDOWS\system32\drivers\etc\Hosts.bak"
Mon 6 Dec 2004 51,200 ...H. --- "C:\Dokumente und Einstellungen\WEIKEN\Anwendungsdaten\Microsoft\Word\~WRL0384.tmp"
Mon 7 Mar 2005 77,824 ...H. --- "C:\Dokumente und Einstellungen\WEIKEN\Anwendungsdaten\Microsoft\Word\~WRL2425.tmp"
Thu 26 Aug 2004 488 A.SH. --- "C:\Dokumente und Einstellungen\WEIKEN\Eigene Dateien\Eigene Musik\Lizenzsicherung\drmv2key.bak"
Thu 24 Aug 2006 705,024 A..H. --- "C:\Dokumente und Einstellungen\WEIKEN\Eigene Dateien\USB STICK\broadway connection\bis 2006_2007\~WRL0738.tmp"

Finished!
Seitenanfang Seitenende
22.10.2008, 14:29
Swisstreasure
Moderator

Beiträge: 5694
#7 Und der Rest:

Zitat

>>
mache einen Onlinescan mit eset + poste den report
http://virus-protect.org/artikel/tools/eset-nod.html

>>
Arbeite Comlpetbat ab und poste die Logs (jedes Verzeichnisses):
http://virus-protect.org/completbat.html

>>
Dann installier dringend ein Antivirusprogramm: z.B Avira
http://virus-protect.org/virenscanner.html
Gruss Swiss
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
  • »
  • »
  • »
  • »
  • » Tipp:
Seite(n): 1