Suspected malware

#0
11.01.2009, 01:22
Member

Posts: 135
#1

Hi,

My PC reports an error with explorer.exe when shutting down Windows XP, and since my internet connection is also somewhat slow, I suspect a backdoor or a trojan. Here is the ComboFix log:


ComboFix 09-01-10.01 - Administrator 2009-01-11 0:53:11.3 - NTFSx86
ausgeführt von:: c:\dokumente und einstellungen\Administrator\Desktop\ComboFix.exe
* Resident AV is active

.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\java2.sys
c:\windows\system32\snjava.dll
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ISODRIVE
-------\Service_ISODrive


((((((((((((((((((((((( Dateien erstellt von 2008-12-11 bis 2009-01-11 ))))))))))))))))))))))))))))))
.

2009-01-09 22:18 . 2009-01-09 22:18 237 --a------ c:\windows\RomeTW.ini
2009-01-09 22:02 . 2009-01-09 22:02 <DIR> d-------- c:\programme\Activision
2009-01-08 13:44 . 2009-01-08 13:44 <DIR> d-------- c:\programme\UltraISO
2009-01-08 13:44 . 2009-01-08 13:44 <DIR> d-------- c:\programme\Gemeinsame Dateien\EZB Systems
2009-01-08 13:35 . 2009-01-08 13:35 <DIR> d-------- c:\programme\Alcohol Soft
2009-01-08 13:31 . 2009-01-08 13:31 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-01-06 20:40 . 2008-04-13 20:45 60,032 --a------ c:\windows\system32\drivers\USBAUDIO.sys
2009-01-06 20:40 . 2008-04-13 20:45 60,032 --a--c--- c:\windows\system32\dllcache\usbaudio.sys
2009-01-06 20:40 . 2008-04-14 04:22 21,504 --a------ c:\windows\system32\hidserv.dll
2009-01-06 20:40 . 2008-04-14 04:22 21,504 --a--c--- c:\windows\system32\dllcache\hidserv.dll
2009-01-03 12:31 . 2009-01-03 12:31 <DIR> d-------- c:\programme\Spyware Doctor
2009-01-03 12:31 . 2009-01-03 12:31 <DIR> d-------- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\PC Tools
2009-01-03 12:31 . 2008-08-25 12:36 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys
2009-01-03 12:31 . 2008-08-25 12:36 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys
2009-01-03 12:31 . 2008-08-25 12:36 40,840 --a------ c:\windows\system32\drivers\ikfilesec.sys
2009-01-03 12:31 . 2008-06-02 16:19 29,576 --a------ c:\windows\system32\drivers\kcom.sys
2009-01-01 01:43 . 2009-01-01 01:43 <DIR> d-------- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\PeaZip
2008-12-30 21:58 . 2008-12-30 21:58 <DIR> d-------- c:\programme\Lavasoft
2008-12-30 21:58 . 2008-12-30 21:58 <DIR> d-------- c:\programme\Gemeinsame Dateien\Wise Installation Wizard
2008-12-30 01:42 . 2008-08-21 10:05 625,144 --a------ c:\windows\system32\ikmapi.dll
2008-12-30 01:42 . 2008-08-21 10:05 113,144 --a------ c:\windows\system32\ikproc.dll
2008-12-30 01:04 . 2008-12-30 01:04 <DIR> d-------- c:\programme\Ikarus
2008-12-28 23:01 . 2008-12-28 23:01 <DIR> d-------- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\DivX
2008-12-21 00:14 . 2008-12-21 00:14 <DIR> d-------- c:\programme\Security Task Manager
2008-12-21 00:14 . 2008-12-21 00:16 <DIR> d-------- c:\dokumente und einstellungen\All Users\Anwendungsdaten\SecTaskMan

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-09 21:31 --------- d--h--w c:\programme\InstallShield Installation Information
2009-01-09 21:31 --------- d-----w c:\dokumente und einstellungen\Administrator\Anwendungsdaten\OpenOffice.org2
2009-01-09 21:02 --------- d-----w c:\programme\Gemeinsame Dateien\InstallShield
2009-01-09 11:43 --------- d-----w c:\programme\a-squared Anti-Malware
2009-01-08 12:37 --------- d-----w c:\programme\Gemeinsame Dateien\Blizzard Entertainment
2009-01-04 23:31 --------- d---a-w c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
2009-01-04 16:00 --------- d-----w c:\programme\KaLoMa
2008-12-26 20:40 --------- d-----w c:\programme\DivX
2008-12-19 15:58 --------- d-----w c:\programme\Malwarebytes' Anti-Malware
2008-12-14 15:22 --------- d-----w c:\programme\QIP
2008-12-09 20:40 --------- d-----w c:\dokumente und einstellungen\Administrator\Anwendungsdaten\QIP
2008-12-09 20:39 --------- d-----w c:\programme\QIP Infium psYNovA-Edition
2008-12-09 01:25 --------- d-----w c:\programme\Java
2008-12-03 18:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-03 18:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2008-11-22 00:53 --------- d-----w c:\programme\WebWasher
2008-11-21 21:47 9,464 ------w c:\windows\system32\drivers\cdralw2k.sys
2008-11-21 21:47 9,336 ------w c:\windows\system32\drivers\cdr4_xp.sys
2008-11-21 21:47 43,528 ------w c:\windows\system32\drivers\PxHelp20.sys
2008-11-21 15:39 --------- d-----w c:\programme\iTunes
2008-11-21 15:39 --------- d-----w c:\programme\iPod
2008-11-21 15:39 --------- d-----w c:\programme\Gemeinsame Dateien\Apple
2008-11-21 15:39 --------- d-----w c:\dokumente und einstellungen\All Users\Anwendungsdaten\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-21 15:37 --------- d-----w c:\programme\QuickTime
2008-11-14 15:30 --------- d-----w c:\programme\Safari
2008-11-11 01:21 --------- d-----w c:\programme\NetObjects
2008-04-26 20:50 32 ----a-w c:\dokumente und einstellungen\All Users\Anwendungsdaten\ezsid.dat
2008-04-19 12:23 2 --shatr c:\windows\winstart.bat
2008-09-21 10:59 16,384 --sha-w c:\windows\system32\config\systemprofile\Cookies\index.dat
2008-09-21 10:59 32,768 --sha-w c:\windows\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\index.dat
2008-09-21 10:59 32,768 --sha-w c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\index.dat
2008-09-21 10:59 32,768 --sha-w c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\MSHist012008092120080922\index.dat
2008-07-02 00:37 12,251,936 --sha-w c:\windows\system32\drivers\fidbox.dat
.

((((((((((((((((((((((((((((( snapshot_2008-10-24_13.55.54.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-09-15 15:18:58 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:14 18,808 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:37:08 765,304 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:15 388,984 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-09-10 01:11:32 1,379,840 ----a-w c:\windows\$hf_mig$\KB954459\SP3QFE\msxml6.dll
+ 2007-11-30 12:39:14 18,808 ----a-w c:\windows\$hf_mig$\KB954459\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w c:\windows\$hf_mig$\KB954459\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w c:\windows\$hf_mig$\KB954459\update\spcustom.dll
+ 2007-11-30 12:39:14 765,304 ----a-w c:\windows\$hf_mig$\KB954459\update\update.exe
+ 2007-11-30 12:39:15 388,984 ----a-w c:\windows\$hf_mig$\KB954459\update\updspapi.dll
+ 2008-09-04 17:10:27 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3QFE\msxml3.dll
+ 2007-11-30 11:18:34 18,808 ----a-w c:\windows\$hf_mig$\KB955069\spmsg.dll
+ 2007-11-30 11:18:34 234,872 ----a-w c:\windows\$hf_mig$\KB955069\spuninst.exe
+ 2007-11-30 11:18:34 26,488 ----a-w c:\windows\$hf_mig$\KB955069\update\spcustom.dll
+ 2007-11-30 12:39:14 765,304 ----a-w c:\windows\$hf_mig$\KB955069\update\update.exe
+ 2008-07-09 12:07:18 388,984 ----a-w c:\windows\$hf_mig$\KB955069\update\updspapi.dll
+ 2008-08-26 09:08:36 124,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
+ 2008-08-26 09:08:37 347,136 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
+ 2008-08-26 09:08:37 214,528 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
+ 2008-08-26 09:08:37 132,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
+ 2008-08-26 09:08:37 63,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
+ 2008-08-25 08:43:21 70,656 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2008-08-26 09:08:37 153,088 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
+ 2008-08-26 09:08:37 230,400 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
+ 2008-08-23 05:54:50 161,792 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
+ 2008-08-26 09:08:37 380,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
+ 2008-08-26 09:08:37 388,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-03 16:21:48 6,068,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
+ 2008-08-26 09:08:40 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
+ 2008-08-26 09:08:40 267,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
+ 2008-08-25 08:43:21 13,824 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2008-08-23 05:56:16 635,848 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
+ 2008-08-26 09:08:41 27,648 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
+ 2008-08-26 09:08:42 459,264 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
+ 2008-08-26 09:08:42 52,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
+ 2008-08-26 09:08:44 3,594,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
+ 2008-08-26 09:08:44 477,696 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
+ 2008-08-26 09:08:44 193,024 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
+ 2008-08-26 09:08:45 671,232 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
+ 2008-08-26 09:08:45 102,912 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
+ 2008-08-26 09:08:45 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
+ 2008-08-26 09:08:45 105,984 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
+ 2008-08-26 09:08:45 1,162,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
+ 2008-08-26 09:08:45 233,472 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
+ 2008-08-26 09:08:45 827,904 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:14:12 15,584 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\updspapi.dll
+ 2007-11-30 12:39:14 18,808 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:14 234,872 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:14 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:14 765,304 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:15 388,984 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:18:34 18,808 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:18:34 234,872 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:18:34 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:18:35 765,304 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:18:35 388,984 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 13:52:09 2,147,840 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 18:22:14 2,068,352 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 13:52:09 2,026,496 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 18:22:14 2,191,488 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:18:34 18,808 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:18:34 234,872 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:18:34 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 12:39:14 765,304 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:37:16 388,984 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:18:34 18,808 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:18:34 234,872 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:18:34 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:18:35 765,304 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:18:35 388,984 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
+ 2008-10-24 11:41:11 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys
+ 2008-07-08 13:00:44 18,808 ----a-w c:\windows\$hf_mig$\KB957097\spmsg.dll
+ 2008-07-08 13:00:44 234,872 ----a-w c:\windows\$hf_mig$\KB957097\spuninst.exe
+ 2008-07-08 13:00:44 26,488 ----a-w c:\windows\$hf_mig$\KB957097\update\spcustom.dll
+ 2008-07-08 13:00:47 765,304 ----a-w c:\windows\$hf_mig$\KB957097\update\update.exe
+ 2008-07-08 13:00:56 388,984 ----a-w c:\windows\$hf_mig$\KB957097\update\updspapi.dll
+ 2008-10-15 16:26:12 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP3QFE\netapi32.dll
+ 2007-11-30 11:18:34 18,808 ----a-w c:\windows\$hf_mig$\KB958644\spmsg.dll
+ 2007-11-30 11:18:34 234,872 ----a-w c:\windows\$hf_mig$\KB958644\spuninst.exe
+ 2007-11-30 11:18:34 26,488 ----a-w c:\windows\$hf_mig$\KB958644\update\spcustom.dll
+ 2007-11-30 11:18:35 765,304 ----a-w c:\windows\$hf_mig$\KB958644\update\update.exe
+ 2007-11-30 11:18:35 388,984 ----a-w c:\windows\$hf_mig$\KB958644\update\updspapi.dll
+ 2006-10-18 20:47:16 414,208 -c----w c:\windows\$NtUninstallKB929399$\msscp.dll
+ 2005-06-28 09:23:26 213,216 -c----w c:\windows\$NtUninstallKB929399$\spuninst\spuninst.exe
+ 2005-06-28 09:23:54 371,424 -c----w c:\windows\$NtUninstallKB929399$\spuninst\updspapi.dll
+ 2005-06-28 09:23:44 217,312 -c----w c:\windows\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe
+ 2005-06-28 09:23:54 371,424 -c----w c:\windows\$NtUninstallKB936782_WMP11$\spuninst\updspapi.dll
+ 2006-10-18 20:47:20 10,834,432 -c----w c:\windows\$NtUninstallKB936782_WMP11$\wmp.dll
+ 2005-06-28 09:23:44 217,312 -c----w c:\windows\$NtUninstallKB939683$\spuninst\spuninst.exe
+ 2005-06-28 09:23:54 371,424 -c----w c:\windows\$NtUninstallKB939683$\spuninst\updspapi.dll
+ 2006-11-03 08:55:48 316,928 -c----w c:\windows\$NtUninstallKB939683$\unregmp2.exe
+ 2007-07-27 07:16:50 234,872 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe
+ 2007-07-27 09:41:48 382,840 -c----w c:\windows\$NtUninstallKB954154_WM11$\spuninst\updspapi.dll
+ 2006-10-18 20:47:20 295,936 -c----w c:\windows\$NtUninstallKB954154_WM11$\wmpeffects.dll
+ 2007-11-30 12:39:14 234,872 -c----w c:\windows\$NtUninstallKB954211$\spuninst\spuninst.exe
+ 2007-11-30 12:39:15 388,984 -c----w c:\windows\$NtUninstallKB954211$\spuninst\updspapi.dll
+ 2008-04-14 01:53:16 1,845,760 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys
+ 2008-04-14 02:22:18 1,306,624 -c----w c:\windows\$NtUninstallKB954459$\msxml6.dll
+ 2007-11-30 12:39:14 234,872 -c----w c:\windows\$NtUninstallKB954459$\spuninst\spuninst.exe
+ 2007-11-30 12:39:15 388,984 -c----w c:\windows\$NtUninstallKB954459$\spuninst\updspapi.dll
+ 2008-04-14 02:22:18 1,104,896 -c----w c:\windows\$NtUninstallKB955069$\msxml3.dll
+ 2007-11-30 11:18:34 234,872 -c----w c:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe
+ 2008-07-09 12:07:18 388,984 -c----w c:\windows\$NtUninstallKB955069$\spuninst\updspapi.dll
+ 2007-11-30 12:39:14 234,872 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe
+ 2007-11-30 12:39:15 388,984 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi.dll
+ 2008-06-20 11:40:08 138,496 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
+ 2007-11-30 11:18:34 234,872 -c----w c:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe
+ 2007-11-30 11:18:35 388,984 -c----w c:\windows\$NtUninstallKB956803$\spuninst\updspapi.dll
+ 2008-04-14 02:00:00 2,068,224 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
+ 2008-04-14 02:00:24 2,191,360 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-11-30 11:18:34 234,872 -c----w c:\windows\$NtUninstallKB956841$\spuninst\spuninst.exe
+ 2008-07-09 07:37:16 388,984 -c----w c:\windows\$NtUninstallKB956841$\spuninst\updspapi.dll
+ 2007-11-30 11:18:34 234,872 -c----w c:\windows\$NtUninstallKB957095$\spuninst\spuninst.exe
+ 2007-11-30 11:18:35 388,984 -c----w c:\windows\$NtUninstallKB957095$\spuninst\updspapi.dll
+ 2008-04-13 19:15:11 334,848 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
+ 2008-04-13 19:17:01 456,576 -c----w c:\windows\$NtUninstallKB957097$\mrxsmb.sys
+ 2008-07-08 13:00:44 234,872 -c----w c:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe
+ 2008-07-08 13:00:56 388,984 -c----w c:\windows\$NtUninstallKB957097$\spuninst\updspapi.dll
+ 2008-04-14 02:22:19 337,408 -c----w c:\windows\$NtUninstallKB958644$\netapi32.dll
+ 2007-11-30 11:18:34 234,872 -c----w c:\windows\$NtUninstallKB958644$\spuninst\spuninst.exe
+ 2007-11-30 11:18:35 388,984 -c----w c:\windows\$NtUninstallKB958644$\spuninst\updspapi.dll
+ 2006-09-25 16:58:48 221,488 -c----w c:\windows\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe
+ 2006-09-25 16:58:48 379,184 -c----w c:\windows\$NtUninstallMSCompPackV1$\spuninst\updspapi.dll
+ 2005-01-28 13:23:20 486,400 -c----w c:\windows\$NtUninstallWMFDist11$\audiodev.dll
+ 2005-01-28 06:53:28 294,912 -c----w c:\windows\$NtUninstallWMFDist11$\blackbox.dll
+ 2005-01-28 06:53:20 164,864 -c----w c:\windows\$NtUninstallWMFDist11$\cewmdm.dll
+ 2005-01-28 06:53:38 502,272 -c----w c:\windows\$NtUninstallWMFDist11$\drmv2clt.dll
+ 2005-01-28 06:53:16 6,656 -c----w c:\windows\$NtUninstallWMFDist11$\laprxy.dll
+ 2005-01-27 23:21:46 96,768 -c----w c:\windows\$NtUninstallWMFDist11$\logagent.exe
+ 2004-08-03 22:57:26 310,272 -c----w c:\windows\$NtUninstallWMFDist11$\mp43dmod.dll
+ 2004-08-03 22:57:26 384,512 -c----w c:\windows\$NtUninstallWMFDist11$\mp4sdmod.dll
+ 2008-04-14 02:22:15 240,640 -c----w c:\windows\$NtUninstallWMFDist11$\mpg4dmod.dll
+ 2005-01-28 06:53:22 142,336 -c----w c:\windows\$NtUninstallWMFDist11$\msnetobj.dll
+ 2005-01-28 06:53:20 25,088 -c----w c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
+ 2005-01-28 06:53:20 173,568 -c----w c:\windows\$NtUninstallWMFDist11$\mspmsp.dll
+ 2005-01-28 11:32:44 364,784 -c----w c:\windows\$NtUninstallWMFDist11$\msscp.dll
+ 2005-01-28 13:23:20 316,416 -c----w c:\windows\$NtUninstallWMFDist11$\mswmdm.dll
+ 2005-01-28 06:53:22 221,184 -c----w c:\windows\$NtUninstallWMFDist11$\qasf.dll
+ 2006-05-16 17:11:54 213,216 -c----w c:\windows\$NtUninstallWMFDist11$\spuninst\spuninst.exe
+ 2006-05-16 17:11:54 371,424 -c----w c:\windows\$NtUninstallWMFDist11$\spuninst\updspapi.dll
+ 2006-11-02 10:46:52 13,312 -c----w c:\windows\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll
+ 2005-01-27 23:36:04 47,104 -c----w c:\windows\$NtUninstallWMFDist11$\uwdf.exe
+ 2005-01-27 23:35:58 15,872 -c----w c:\windows\$NtUninstallWMFDist11$\wdfapi.dll
+ 2005-01-27 23:36:00 38,912 -c----w c:\windows\$NtUninstallWMFDist11$\wdfmgr.exe
+ 2005-01-28 11:32:44 396,528 -c----w c:\windows\$NtUninstallWMFDist11$\wmadmod.dll
+ 2005-01-28 06:53:18 716,288 -c----w c:\windows\$NtUninstallWMFDist11$\wmadmoe.dll
+ 2005-01-28 06:53:16 224,768 -c----w c:\windows\$NtUninstallWMFDist11$\wmasf.dll
+ 2005-01-28 06:53:20 28,160 -c----w c:\windows\$NtUninstallWMFDist11$\wmdmlog.dll
+ 2005-01-28 06:53:20 33,792 -c----w c:\windows\$NtUninstallWMFDist11$\wmdmps.dll
+ 2005-01-28 06:53:50 335,872 -c----w c:\windows\$NtUninstallWMFDist11$\wmdrmdev.dll
+ 2005-01-28 06:53:54 290,816 -c----w c:\windows\$NtUninstallWMFDist11$\wmdrmnet.dll
+ 2005-01-28 06:53:16 150,016 -c----w c:\windows\$NtUninstallWMFDist11$\wmidx.dll
+ 2005-01-28 06:53:16 1,027,072 -c----w c:\windows\$NtUninstallWMFDist11$\wmnetmgr.dll
+ 2005-01-28 11:32:56 774,904 -c----w c:\windows\$NtUninstallWMFDist11$\wmsdmod.dll
+ 2005-01-28 06:53:18 1,119,744 -c----w c:\windows\$NtUninstallWMFDist11$\wmsdmoe2.dll
+ 2005-01-28 13:23:20 827,392 -c----w c:\windows\$NtUninstallWMFDist11$\wmsetsdk.exe
+ 2005-01-28 11:32:44 413,944 -c----w c:\windows\$NtUninstallWMFDist11$\wmspdmod.dll
+ 2005-01-28 06:53:18 940,544 -c----w c:\windows\$NtUninstallWMFDist11$\wmspdmoe.dll
+ 2005-01-28 11:32:56 1,218,808 -c----w c:\windows\$NtUninstallWMFDist11$\wmvadvd.dll
+ 2005-01-28 06:53:20 1,512,448 -c----w c:\windows\$NtUninstallWMFDist11$\wmvadve.dll
+ 2005-01-28 11:32:58 2,370,296 -c----w c:\windows\$NtUninstallWMFDist11$\wmvcore.dll
+ 2005-01-28 11:32:58 895,736 -c----w c:\windows\$NtUninstallWMFDist11$\wmvdmod.dll
+ 2005-01-28 06:53:18 1,003,008 -c----w c:\windows\$NtUninstallWMFDist11$\wmvdmoe2.dll
+ 2005-01-27 23:36:28 38,912 -c----w c:\windows\$NtUninstallWMFDist11$\wpd_ci.dll
+ 2005-01-27 23:36:20 61,952 -c----w c:\windows\$NtUninstallWMFDist11$\wpdconns.dll
+ 2005-01-27 23:36:24 114,176 -c----w c:\windows\$NtUninstallWMFDist11$\wpdmtp.dll
+ 2005-01-27 23:36:22 66,560 -c----w c:\windows\$NtUninstallWMFDist11$\wpdmtpus.dll
+ 2005-01-27 23:36:28 331,264 -c----w c:\windows\$NtUninstallWMFDist11$\wpdsp.dll
+ 2005-01-27 23:36:24 18,944 -c----w c:\windows\$NtUninstallWMFDist11$\wpdusb.sys
+ 2005-01-28 13:23:32 9,216 -c----w c:\windows\$NtUninstallwmp11$\asferror.dll
+ 2005-01-28 13:23:20 352,256 -c----w c:\windows\$NtUninstallwmp11$\mpvis.dll
+ 2005-01-28 13:23:20 827,392 -c----w c:\windows\$NtUninstallwmp11$\setup_wm.exe
+ 2006-05-16 17:11:54 213,216 -c----w c:\windows\$NtUninstallwmp11$\spuninst\spuninst.exe
+ 2006-05-16 17:11:54 377,568 -c----w c:\windows\$NtUninstallwmp11$\spuninst\updspapi.dll
+ 2005-01-28 13:23:20 196,608 -c----w c:\windows\$NtUninstallwmp11$\unregmp2.exe
+ 2005-01-28 13:23:32 228,352 -c----w c:\windows\$NtUninstallwmp11$\wmerror.dll
+ 2005-01-27 23:26:30 122,880 -c----w c:\windows\$NtUninstallwmp11$\wmlaunch.exe
+ 2005-01-28 06:53:16 5,525,504 -c----w c:\windows\$NtUninstallwmp11$\wmp.dll
+ 2005-01-28 06:53:20 135,168 -c----w c:\windows\$NtUninstallwmp11$\wmpasf.dll
+ 2005-01-28 13:23:20 77,824 -c----w c:\windows\$NtUninstallwmp11$\wmpband.dll
+ 2005-01-28 06:53:20 282,624 -c----w c:\windows\$NtUninstallwmp11$\wmpdxm.dll
+ 2005-01-27 23:26:30 28,672 -c----w c:\windows\$NtUninstallwmp11$\wmpenc.exe
+ 2005-01-28 06:53:18 1,594,880 -c----w c:\windows\$NtUninstallwmp11$\wmpencen.dll
+ 2005-01-28 13:23:20 73,728 -c----w c:\windows\$NtUninstallwmp11$\wmplayer.exe
+ 2005-01-28 13:23:22 3,407,872 -c----w c:\windows\$NtUninstallwmp11$\wmploc.dll
+ 2005-01-28 13:23:26 86,016 -c----w c:\windows\$NtUninstallwmp11$\wmpshell.dll
+ 2005-01-28 06:53:18 175,104 -c----w c:\windows\$NtUninstallwmp11$\wmpsrcwp.dll
+ 2006-09-16 00:05:22 221,488 -c----w c:\windows\$NtUninstallWudf01000$\spuninst\spuninst.exe
+ 2006-09-16 00:05:22 379,184 -c----w c:\windows\$NtUninstallWudf01000$\spuninst\updspapi.dll
+ 2006-09-28 18:01:52 58,368 -c----w c:\windows\$NtUninstallWudf01000$\spuninst\WudfCustom.dll
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-08-14 13:19:42 2,147,840 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:19:48 2,068,352 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:19:43 2,026,496 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:19:48 2,191,488 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
- 2000-08-31 06:00:00 89,504 ----a-w c:\windows\fdsv.exe
+ 2000-08-31 07:00:00 89,504 ----a-w c:\windows\fdsv.exe
- 2000-08-31 06:00:00 80,412 ----a-w c:\windows\grep.exe
+ 2000-08-31 07:00:00 80,412 ----a-w c:\windows\grep.exe
+ 2008-06-23 16:14:39 124,928 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:14:40 347,136 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:14:40 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:14:40 133,120 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:14:40 63,488 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:20:01 70,656 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:14:40 153,088 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:14:40 230,400 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:14:40 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:14:40 384,512 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:14:41 6,066,176 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:14:41 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:14:42 267,776 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26 13,824 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:20:25 625,664 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:14:42 27,648 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:14:42 459,264 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:14:42 52,224 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 08:14:44 3,592,192 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:14:44 477,696 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:14:44 193,024 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:14:44 671,232 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:14:44 102,912 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:14:44 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:14:17 217,312 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:14:44 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:14:44 1,159,680 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:14:44 233,472 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:14:45 826,368 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
- 2005-01-28 13:23:20 196,608 ----a-w c:\windows\inf\unregmp2.exe
+ 2007-06-29 11:02:06 318,464 ----a-w c:\windows\inf\unregmp2.exe
+ 2008-11-21 15:39:49 102,400 ----a-r c:\windows\Installer\{318AB667-3230-41B5-A617-CB3BF748D371}\iTunesIco.exe
+ 2008-11-14 15:30:56 307,200 ----a-r c:\windows\Installer\{34F85A4D-03CC-428A-80A4-880228646518}\SafariIco.exe
+ 2009-01-09 21:31:00 10,134 ----a-r c:\windows\Installer\{4089999C-6CB7-4F9D-A2F6-DB158DBF91FB}\ARPPRODUCTICON.exe
+ 2008-12-09 14:44:03 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2009-01-09 21:18:16 10,134 ----a-r c:\windows\Installer\{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}\ARPPRODUCTICON.exe
+ 2008-11-03 13:48:24 689,456 ----a-r c:\windows\Installer\{FE57DE70-95DE-4B64-9266-84DA811053DB}\HPSUShortcut_BB85ED9CAFC943BDB8DC258C3C7DF72E.exe
- 2000-08-31 06:00:00 28,672 ----a-w c:\windows\NIRCMD.exe
+ 2000-08-31 07:00:00 28,672 ----a-w c:\windows\NIRCMD.exe
- 2000-08-31 06:00:00 98,816 ----a-w c:\windows\sed.exe
+ 2000-08-31 07:00:00 98,816 ----a-w c:\windows\sed.exe
- 2000-08-31 06:00:00 161,792 ----a-w c:\windows\SWREG.exe
+ 2000-08-31 07:00:00 161,792 ----a-w c:\windows\SWREG.exe
- 2000-08-31 06:00:00 136,704 ----a-w c:\windows\SWSC.exe
+ 2000-08-31 07:00:00 136,704 ----a-w c:\windows\SWSC.exe
- 2000-08-31 06:00:00 212,480 ----a-w c:\windows\SWXCACLS.exe
+ 2000-08-31 07:00:00 212,480 ----a-w c:\windows\SWXCACLS.exe
- 2008-06-23 16:14:39 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-08-26 07:57:14 124,928 ----a-w c:\windows\system32\advpack.dll
- 2005-01-28 13:23:32 9,216 ----a-w c:\windows\system32\asferror.dll
+ 2006-11-03 08:54:08 8,192 ----a-w c:\windows\system32\asferror.dll
- 2005-01-28 13:23:20 486,400 ----a-w c:\windows\system32\Audiodev.dll
+ 2006-10-18 20:47:08 276,992 ----a-w c:\windows\system32\audiodev.dll
- 2005-01-28 06:53:28 294,912 ----a-w c:\windows\system32\blackbox.dll
+ 2006-10-18 20:47:10 542,720 ----a-w c:\windows\system32\blackbox.dll
- 2008-07-18 20:10:48 94,920 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 13:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
- 2005-01-28 06:53:20 164,864 ----a-w c:\windows\system32\cewmdm.dll
+ 2006-10-18 20:47:10 229,376 ----a-w c:\windows\system32\cewmdm.dll
+ 2008-12-09 01:25:27 410,984 ----a-w c:\windows\system32\deploytk.dll
+ 2008-11-21 21:45:06 684,032 ----a-w c:\windows\system32\DivX.dll
+ 2008-11-21 21:45:08 823,296 ----a-w c:\windows\system32\divx_xx07.dll
+ 2008-11-21 21:45:08 815,104 ----a-w c:\windows\system32\divx_xx0a.dll
+ 2008-11-21 21:45:08 823,296 ----a-w c:\windows\system32\divx_xx0c.dll
+ 2008-11-21 21:45:08 802,816 ----a-w c:\windows\system32\divx_xx11.dll
+ 2008-11-21 21:44:38 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
+ 2008-11-21 21:47:56 524,288 ----a-w c:\windows\system32\DivXsm.exe
+ 2008-11-21 21:44:16 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
- 2008-06-23 16:14:39 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
+ 2008-08-26 07:57:14 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
- 2008-06-20 11:40:08 138,496 -c----w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 10:04:36 138,496 -c----w c:\windows\system32\dllcache\afd.sys
- 2005-01-28 13:23:32 9,216 -c--a-w c:\windows\system32\dllcache\asferror.dll
+ 2006-11-03 08:54:08 8,192 -c--a-w c:\windows\system32\dllcache\asferror.dll
- 2005-01-28 06:53:28 294,912 -c--a-w c:\windows\system32\dllcache\blackbox.dll
+ 2006-10-18 20:47:10 542,720 -c--a-w c:\windows\system32\dllcache\blackbox.dll
- 2008-07-18 20:10:48 94,920 -c--a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 13:09:44 92,696 -c--a-w c:\windows\system32\dllcache\cdm.dll
- 2005-01-28 06:53:20 164,864 -c--a-w c:\windows\system32\dllcache\cewmdm.dll
+ 2006-10-18 20:47:10 229,376 -c--a-w c:\windows\system32\dllcache\cewmdm.dll
- 2005-01-28 06:53:38 502,272 -c--a-w c:\windows\system32\dllcache\drmv2clt.dll
+ 2006-10-18 20:47:10 991,744 -c--a-w c:\windows\system32\dllcache\drmv2clt.dll
- 2008-06-23 16:14:40 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-26 07:57:15 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-06-23 16:14:40 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-26 07:57:15 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
- 2008-06-23 16:14:40 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2008-08-26 07:57:15 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
- 2008-06-23 16:14:40 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-08-26 07:57:15 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
- 2008-06-23 09:20:01 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-08-25 08:37:31 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-06-23 16:14:40 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-08-26 07:57:15 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
- 2008-06-23 16:14:40 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-08-26 07:57:15 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
- 2008-06-21 05:23:54 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
- 2008-06-23 16:14:40 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-08-26 07:57:15 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-06-23 16:14:40 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-08-26 07:57:15 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-06-23 16:14:41 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-03 16:58:14 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
- 2008-06-23 16:14:41 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
+ 2008-08-26 07:57:18 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
- 2008-06-23 16:14:42 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-08-26 07:57:18 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
- 2008-06-23 09:20:26 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2008-06-23 09:20:25 625,664 -c----w c:\windows\system32\dllcache\iexplore.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\system32\dllcache\iexplore.exe
- 2008-06-23 16:14:42 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-26 07:57:18 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
- 2005-01-28 06:53:16 6,656 -c--a-w c:\windows\system32\dllcache\laprxy.dll
+ 2006-10-18 20:47:14 11,264 -c--a-w c:\windows\system32\dllcache\LAPRXY.dll
- 2005-01-27 23:21:46 96,768 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2006-10-18 19:03:58 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
- 2004-08-03 22:57:26 310,272 -c--a-w c:\windows\system32\dllcache\mp43dmod.dll
+ 2006-10-18 20:47:14 4,096 -c--a-w c:\windows\system32\dllcache\MP43DMOD.dll
- 2004-08-03 22:57:26 384,512 -c--a-w c:\windows\system32\dllcache\mp4sdmod.dll
+ 2006-10-18 20:47:14 4,096 -c--a-w c:\windows\system32\dllcache\MP4SDMOD.dll
- 2008-04-14 02:22:15 240,640 -c--a-w c:\windows\system32\dllcache\mpg4dmod.dll
+ 2006-10-18 20:47:14 4,096 -c--a-w c:\windows\system32\dllcache\MPG4DMOD.dll
- 2005-01-28 13:23:20 352,256 -c--a-w c:\windows\system32\dllcache\mpvis.dll
+ 2006-11-03 08:54:20 243,712 -c--a-w c:\windows\system32\dllcache\mpvis.dll
+ 2008-10-24 11:21:09 455,296 -c----w c:\windows\system32\dllcache\mrxsmb.sys
- 2008-06-23 16:14:42 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-08-26 07:57:19 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
- 2008-06-23 16:14:42 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-08-26 07:57:19 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-06-24 08:14:44 3,592,192 -c----w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-27 08:57:22 3,593,216 -c----w c:\windows\system32\dllcache\mshtml.dll
- 2008-06-23 16:14:44 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-26 07:57:21 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
- 2005-01-28 06:53:22 142,336 -c--a-w c:\windows\system32\dllcache\msnetobj.dll
+ 2006-10-18 20:47:16 179,712 -c--a-w c:\windows\system32\dllcache\msnetobj.dll
- 2005-01-28 06:53:20 25,088 -c--a-w c:\windows\system32\dllcache\mspmsnsv.dll
+ 2006-10-18 20:47:16 27,136 -c--a-w c:\windows\system32\dllcache\mspmsnsv.dll
- 2005-01-28 06:53:20 173,568 -c--a-w c:\windows\system32\dllcache\mspmsp.dll
+ 2006-10-18 20:47:16 175,616 -c--a-w c:\windows\system32\dllcache\mspmsp.dll
- 2008-06-23 16:14:44 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-26 07:57:21 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
- 2005-01-28 11:32:44 364,784 -c--a-w c:\windows\system32\dllcache\msscp.dll
+ 2006-12-04 15:21:50 414,720 -c--a-w c:\windows\system32\dllcache\msscp.dll
- 2008-06-23 16:14:44 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-26 07:57:21 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
- 2005-01-28 13:23:20 316,416 -c--a-w c:\windows\system32\dllcache\mswmdm.dll
+ 2006-10-18 20:47:16 321,536 -c--a-w c:\windows\system32\dllcache\mswmdm.dll
+ 2008-09-04 17:15:03 1,106,944 -c----w c:\windows\system32\dllcache\msxml3.dll
- 2008-04-14 02:22:18 1,306,624 -c----w c:\windows\system32\dllcache\msxml6.dll
+ 2008-09-10 01:13:38 1,307,648 -c----w c:\windows\system32\dllcache\msxml6.dll
+ 2008-10-15 16:35:02 337,408 -c----w c:\windows\system32\dllcache\netapi32.dll
+ 2008-08-14 13:19:42 2,147,840 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 13:19:48 2,068,352 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 13:19:43 2,026,496 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 13:19:48 2,191,488 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
- 2008-06-23 16:14:44 102,912 -c----w c:\windows\system32\dllcache\occache.dll
+ 2008-08-26 07:57:21 102,912 -c----w c:\windows\system32\dllcache\occache.dll
- 2008-06-23 16:14:44 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-26 07:57:21 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
- 2005-01-28 06:53:22 221,184 -c--a-w c:\windows\system32\dllcache\qasf.dll
+ 2006-10-18 20:47:18 211,456 -c--a-w c:\windows\system32\dllcache\qasf.dll
- 2005-01-28 13:23:20 827,392 -c--a-w c:\windows\system32\dllcache\setup_wm.exe
+ 2006-11-03 09:02:20 1,678,848 -c--a-w c:\windows\system32\dllcache\setup_wm.exe
+ 2008-09-08 10:41:42 333,824 -c----w c:\windows\system32\dllcache\srv.sys
- 2005-01-28 13:23:20 196,608 -c--a-w c:\windows\system32\dllcache\unregmp2.exe
+ 2007-06-29 11:02:06 318,464 -c--a-w c:\windows\system32\dllcache\unregmp2.exe
- 2008-06-23 16:14:44 105,984 -c----w c:\windows\system32\dllcache\url.dll
+ 2008-08-26 07:57:21 105,984 -c----w c:\windows\system32\dllcache\url.dll
- 2008-06-23 16:14:44 1,159,680 -c----w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-26 07:57:22 1,159,680 -c----w c:\windows\system32\dllcache\urlmon.dll
- 2008-06-23 16:14:44 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2008-08-26 07:57:22 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2008-09-15 15:24:02 1,846,528 -c----w c:\windows\system32\dllcache\win32k.sys
- 2008-06-23 16:14:45 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-26 07:57:22 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
- 2005-01-28 11:32:44 396,528 -c--a-w c:\windows\system32\dllcache\wmadmod.dll
+ 2006-10-18 20:47:18 757,248 -c--a-w c:\windows\system32\dllcache\WMADMOD.dll
- 2005-01-28 06:53:18 716,288 -c--a-w c:\windows\system32\dllcache\wmadmoe.dll
+ 2006-10-18 20:47:18 1,117,696 -c--a-w c:\windows\system32\dllcache\WMADMOE.dll
- 2005-01-28 06:53:16 224,768 -c--a-w c:\windows\system32\dllcache\wmasf.dll
+ 2007-10-25 08:28:30 222,720 -c--a-w c:\windows\system32\dllcache\wmasf.dll
- 2005-01-28 06:53:20 28,160 -c--a-w c:\windows\system32\dllcache\wmdmlog.dll
+ 2006-10-18 20:47:18 33,792 -c--a-w c:\windows\system32\dllcache\wmdmlog.dll
- 2005-01-28 06:53:20 33,792 -c--a-w c:\windows\system32\dllcache\wmdmps.dll
+ 2006-10-18 20:47:18 37,376 -c--a-w c:\windows\system32\dllcache\wmdmps.dll
- 2005-01-28 13:23:32 228,352 -c--a-w c:\windows\system32\dllcache\wmerror.dll
+ 2006-11-03 08:55:54 275,968 -c--a-w c:\windows\system32\dllcache\wmerror.dll
- 2005-01-28 06:53:16 150,016 -c--a-w c:\windows\system32\dllcache\wmidx.dll
+ 2006-10-18 20:47:20 157,184 -c--a-w c:\windows\system32\dllcache\wmidx.dll
- 2005-01-28 06:53:16 1,027,072 -c--a-w c:\windows\system32\dllcache\wmnetmgr.dll
+ 2006-10-18 20:47:20 937,984 -c--a-w c:\windows\system32\dllcache\WMNetMgr.dll
- 2005-01-28 06:53:16 5,525,504 -c--a-w c:\windows\system32\dllcache\wmp.dll
+ 2007-06-11 22:51:12 10,834,944 -c--a-w c:\windows\system32\dllcache\wmp.dll
- 2005-01-28 06:53:20 135,168 -c--a-w c:\windows\system32\dllcache\wmpasf.dll
+ 2006-10-18 20:47:20 242,688 -c--a-w c:\windows\system32\dllcache\wmpasf.dll
- 2005-01-28 13:23:20 77,824 -c--a-w c:\windows\system32\dllcache\wmpband.dll
+ 2006-11-03 08:56:02 96,256 -c--a-w c:\windows\system32\dllcache\wmpband.dll
- 2005-01-28 06:53:20 282,624 -c--a-w c:\windows\system32\dllcache\wmpdxm.dll
+ 2006-10-18 20:47:20 314,880 -c--a-w c:\windows\system32\dllcache\wmpdxm.dll
- 2005-01-28 13:23:20 73,728 -c--a-w c:\windows\system32\dllcache\wmplayer.exe
+ 2006-11-03 08:56:14 64,000 -c--a-w c:\windows\system32\dllcache\wmplayer.exe
- 2005-01-28 13:23:22 3,407,872 -c--a-w c:\windows\system32\dllcache\wmploc.dll
+ 2006-11-03 09:02:58 8,282,112 -c--a-w c:\windows\system32\dllcache\wmploc.dll
- 2005-01-28 13:23:26 86,016 -c--a-w c:\windows\system32\dllcache\wmpshell.dll
+ 2006-11-03 08:56:20 99,840 -c--a-w c:\windows\system32\dllcache\wmpshell.dll
- 2005-01-28 11:32:56 774,904 -c--a-w c:\windows\system32\dllcache\wmsdmod.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmsdmod.dll
- 2005-01-28 06:53:18 1,119,744 -c--a-w c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmsdmoe2.dll
- 2005-01-28 11:32:44 413,944 -c--a-w c:\windows\system32\dllcache\wmspdmod.dll
+ 2006-10-18 20:47:22 603,648 -c--a-w c:\windows\system32\dllcache\WMSPDMOD.dll
- 2005-01-28 06:53:18 940,544 -c--a-w c:\windows\system32\dllcache\wmspdmoe.dll
+ 2006-10-18 20:47:22 1,329,152 -c--a-w c:\windows\system32\dllcache\WMSPDMOE.dll
- 2005-01-28 11:32:58 2,370,296 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2006-10-18 20:47:22 2,450,944 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
- 2005-01-28 11:32:58 895,736 -c--a-w c:\windows\system32\dllcache\wmvdmod.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmvdmod.dll
- 2005-01-28 06:53:18 1,003,008 -c--a-w c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmvdmoe2.dll
- 2008-07-18 20:09:44 563,912 -c--a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 13:12:20 561,688 -c--a-w c:\windows\system32\dllcache\wuapi.dll
- 2008-07-18 20:10:42 53,448 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 13:09:44 51,224 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
- 2008-07-18 20:09:42 1,811,656 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 13:13:40 1,809,944 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
- 2008-07-18 20:09:46 325,832 -c--a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 13:12:22 323,608 -c--a-w c:\windows\system32\dllcache\wucltui.dll
- 2008-07-18 20:10:20 36,552 -c--a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 13:08:58 34,328 -c--a-w c:\windows\system32\dllcache\wups.dll
- 2008-07-18 20:09:44 205,000 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 13:13:40 202,776 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-11-21 21:45:16 81,920 ----a-w c:\windows\system32\dpl100.dll
+ 2008-11-21 21:45:12 294,912 ----a-w c:\windows\system32\dpu10.dll
+ 2008-11-21 21:45:12 294,912 ----a-w c:\windows\system32\dpu11.dll
+ 2008-11-21 21:45:12 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
+ 2008-11-21 21:45:12 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
+ 2008-11-21 21:45:12 344,064 ----a-w c:\windows\system32\dpus11.dll
+ 2008-11-21 21:45:12 57,344 ----a-w c:\windows\system32\dpv11.dll
- 2008-06-20 11:40:08 138,496 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\system32\drivers\afd.sys
- 2007-07-11 11:37:26 6,272 ----a-w c:\windows\system32\drivers\AWRTPD.sys
+ 2008-04-29 09:19:50 12,960 ----a-w c:\windows\system32\drivers\Awrtpd.sys
- 2007-08-07 10:58:08 8,320 ----a-w c:\windows\system32\drivers\AWRTRD.sys
+ 2008-04-29 09:19:54 15,648 ----a-w c:\windows\system32\drivers\Awrtrd.sys
- 2008-04-13 19:17:01 456,576 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
- 2007-08-07 10:56:58 9,344 ----a-w c:\windows\system32\drivers\NSDriver.sys
+ 2008-04-29 09:20:00 15,648 ----a-w c:\windows\system32\drivers\NSDriver.sys
- 2008-04-13 19:15:11 334,848 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\system32\drivers\srv.sys
- 2007-11-08 17:03:26 21,248 ----a-w c:\windows\system32\drivers\ssmdrv.sys
+ 2007-11-08 18:03:26 21,248 ----a-w c:\windows\system32\drivers\ssmdrv.sys
+ 2008-09-06 22:34:40 102,664 ----a-w c:\windows\system32\drivers\tmcomm.sys
+ 2006-10-18 20:47:22 671,232 ------w c:\windows\system32\drivers\UMDF\wpdmtpdr.dll
- 2008-07-10 07:35:22 32,000 ----a-w c:\windows\system32\drivers\usbaapl.sys
+ 2008-10-01 11:01:28 32,000 ----a-w c:\windows\system32\drivers\usbaapl.sys
- 2005-01-27 23:36:24 18,944 ----a-w c:\windows\system32\drivers\wpdusb.sys
+ 2006-10-18 19:00:00 38,528 ----a-w c:\windows\system32\drivers\wpdusb.sys
+ 2006-09-28 17:55:50 77,568 ------w c:\windows\system32\drivers\WudfPf.sys
+ 2006-09-28 18:00:34 82,944 ------w c:\windows\system32\drivers\WudfRd.sys
+ 2006-10-18 19:00:46 249,856 ------w c:\windows\system32\drmupgds.exe
- 2005-01-28 06:53:38 502,272 ----a-w c:\windows\system32\drmv2clt.dll
+ 2006-10-18 20:47:10 991,744 ----a-w c:\windows\system32\drmv2clt.dll
+ 2008-11-21 21:45:16 196,608 ----a-w c:\windows\system32\dtu100.dll
- 2008-06-23 16:14:40 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-08-26 07:57:15 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-06-23 16:14:40 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-08-26 07:57:15 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-06-23 16:14:40 133,120 ------w c:\windows\system32\extmgr.dll
+ 2008-08-26 07:57:15 133,120 ------w c:\windows\system32\extmgr.dll
- 2008-09-21 10:58:41 109,400 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-10-27 12:39:10 109,400 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-06-23 16:14:40 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-08-26 07:57:15 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-06-23 09:20:01 70,656 ------w c:\windows\system32\ie4uinit.exe
+ 2008-08-25 08:37:31 70,656 ------w c:\windows\system32\ie4uinit.exe
- 2008-06-23 16:14:40 153,088 ------w c:\windows\system32\ieakeng.dll
+ 2008-08-26 07:57:15 153,088 ------w c:\windows\system32\ieakeng.dll
- 2008-06-23 16:14:40 230,400 ------w c:\windows\system32\ieaksie.dll
+ 2008-08-26 07:57:15 230,400 ------w c:\windows\system32\ieaksie.dll
- 2008-06-21 05:23:54 161,792 ------w c:\windows\system32\ieakui.dll
+ 2008-08-23 05:54:51 161,792 ------w c:\windows\system32\ieakui.dll
- 2008-06-23 16:14:40 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-08-26 07:57:15 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-06-23 16:14:40 384,512 ------w c:\windows\system32\iedkcs32.dll
+ 2008-08-26 07:57:15 384,512 ------w c:\windows\system32\iedkcs32.dll
- 2008-06-23 16:14:41 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-03 16:58:14 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-06-23 16:14:41 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-08-26 07:57:18 44,544 ------w c:\windows\system32\iernonce.dll
- 2008-06-23 16:14:42 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-08-26 07:57:18 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-06-23 09:20:26 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-06-15 14:14:52 49,152 ----a-w c:\windows\system32\INETWH32.DLL
- 2008-06-09 23:21:01 135,168 ----a-w c:\windows\system32\java.exe
+ 2008-12-09 01:25:27 144,792 ----a-w c:\windows\system32\java.exe
- 2008-06-09 23:21:04 135,168 ----a-w c:\windows\system32\javaw.exe
+ 2008-12-09 01:25:27 144,792 ----a-w c:\windows\system32\javaw.exe
- 2008-06-10 00:32:34 139,264 ----a-w c:\windows\system32\javaws.exe
+ 2008-12-09 01:25:27 148,888 ----a-w c:\windows\system32\javaws.exe
- 2008-06-23 16:14:42 27,648 ------w c:\windows\system32\jsproxy.dll
+ 2008-08-26 07:57:18 27,648 ------w c:\windows\system32\jsproxy.dll
- 2005-01-28 06:53:16 6,656 ----a-w c:\windows\system32\laprxy.dll
+ 2006-10-18 20:47:14 11,264 ----a-w c:\windows\system32\LAPRXY.dll
- 2008-09-16 00:12:54 1,044,480 ----a-w c:\windows\system32\libdivx.dll
+ 2008-11-21 21:46:10 1,044,480 ----a-w c:\windows\system32\libdivx.dll
- 2005-01-27 23:21:46 96,768 ----a-w c:\windows\system32\logagent.exe
+ 2006-10-18 19:03:58 100,864 ----a-w c:\windows\system32\logagent.exe
- 2007-12-14 09:32:52 12,632 ----a-w c:\windows\system32\lsdelete.exe
+ 2008-05-16 09:58:04 12,632 ----a-w c:\windows\system32\lsdelete.exe
- 2008-10-23 01:48:29 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-11-28 11:53:16 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2006-10-18 20:47:14 212,992 ------w c:\windows\system32\MFPLAT.dll
+ 2006-10-18 20:47:14 259,072 ------w c:\windows\system32\MP43DECD.dll
- 2004-08-03 22:57:26 310,272 ----a-w c:\windows\system32\mp43dmod.dll
+ 2006-10-18 20:47:14 4,096 ----a-w c:\windows\system32\MP43DMOD.dll
+ 2006-10-18 20:47:14 317,440 ------w c:\windows\system32\MP4SDECD.dll
- 2004-08-03 22:57:26 384,512 ----a-w c:\windows\system32\mp4sdmod.dll
+ 2006-10-18 20:47:14 4,096 ----a-w c:\windows\system32\MP4SDMOD.dll
+ 2006-10-18 20:47:14 259,072 ------w c:\windows\system32\MPG4DECD.dll
- 2008-04-14 02:22:15 240,640 ----a-w c:\windows\system32\mpg4dmod.dll
+ 2006-10-18 20:47:14 4,096 ----a-w c:\windows\system32\MPG4DMOD.dll
- 2008-08-26 20:28:12 16,208,504 ----a-w c:\windows\system32\MRT.exe
+ 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\system32\MRT.exe
+ 2006-10-02 14:28:42 312,128 ------w c:\windows\system32\msdelta.dll
- 2008-06-23 16:14:42 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-08-26 07:57:19 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-06-23 16:14:42 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-08-26 07:57:19 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-06-24 08:14:44 3,592,192 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-27 08:57:22 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-06-23 16:14:44 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-08-26 07:57:21 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2005-01-28 06:53:22 142,336 ----a-w c:\windows\system32\msnetobj.dll
+ 2006-10-18 20:47:16 179,712 ----a-w c:\windows\system32\msnetobj.dll
- 2005-01-28 06:53:20 25,088 ----a-w c:\windows\system32\MsPMSNSv.dll
+ 2006-10-18 20:47:16 27,136 ----a-w c:\windows\system32\mspmsnsv.dll
- 2005-01-28 06:53:20 173,568 ----a-w c:\windows\system32\MsPMSP.dll
+ 2006-10-18 20:47:16 175,616 ----a-w c:\windows\system32\mspmsp.dll
- 2008-06-23 16:14:44 193,024 ------w c:\windows\system32\msrating.dll
+ 2008-08-26 07:57:21 193,024 ------w c:\windows\system32\msrating.dll
- 2005-01-28 11:32:44 364,784 ----a-w c:\windows\system32\MSSCP.dll
+ 2006-12-04 15:21:50 414,720 ----a-w c:\windows\system32\msscp.dll
- 2008-06-23 16:14:44 671,232 ------w c:\windows\system32\mstime.dll
+ 2008-08-26 07:57:21 671,232 ------w c:\windows\system32\mstime.dll
- 2005-01-28 13:23:20 316,416 ----a-w c:\windows\system32\MSWMDM.dll
+ 2006-10-18 20:47:16 321,536 ----a-w c:\windows\system32\mswmdm.dll
- 2008-04-14 02:22:18 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 17:15:03 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-08 13:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 15:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
- 2008-04-14 02:22:18 1,306,624 ------w c:\windows\system32\msxml6.dll
+ 2008-09-10 01:13:38 1,307,648 ------w c:\windows\system32\msxml6.dll
- 2008-07-18 20:07:34 270,880 ----a-w c:\windows\system32\mucltui.dll
+ 2008-10-16 13:06:48 268,648 ----a-w c:\windows\system32\mucltui.dll
- 2008-07-18 20:07:32 210,976 ----a-w c:\windows\system32\muweb.dll
+ 2008-10-16 13:06:48 208,744 ----a-w c:\windows\system32\muweb.dll
+ 2006-10-23 15:32:52 254,464 ----a-w c:\windows\system32\NCTAudioFile3.dll
+ 2006-10-23 15:33:30 46,592 ----a-w c:\windows\system32\NCTAudioFormatSettings3.dll
- 2008-04-14 02:22:19 337,408 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:35:02 337,408 ----a-w c:\windows\system32\netapi32.dll
+ 2008-06-15 14:14:52 28,672 ----a-w c:\windows\system32\nnr.dll
- 2008-04-14 02:00:00 2,068,224 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 13:19:48 2,068,352 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2008-04-14 02:00:24 2,191,360 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 13:19:48 2,191,488 ----a-w c:\windows\system32\ntoskrnl.exe
- 2008-06-23 16:14:44 102,912 ------w c:\windows\system32\occache.dll
+ 2008-08-26 07:57:21 102,912 ------w c:\windows\system32\occache.dll
- 2008-10-14 18:28:33 77,104 ----a-w c:\windows\system32\perfc007.dat
+ 2009-01-08 17:38:36 77,104 ----a-w c:\windows\system32\perfc007.dat
- 2008-10-14 18:28:33 63,664 ----a-w c:\windows\system32\perfc009.dat
+ 2009-01-08 17:38:36 63,664 ----a-w c:\windows\system32\perfc009.dat
- 2008-10-14 18:28:33 421,948 ----a-w c:\windows\system32\perfh007.dat
+ 2009-01-08 17:38:36 421,948 ----a-w c:\windows\system32\perfh007.dat
- 2008-10-14 18:28:33 406,464 ----a-w c:\windows\system32\perfh009.dat
+ 2009-01-08 17:38:36 406,464 ----a-w c:\windows\system32\perfh009.dat
- 2008-06-23 16:14:44 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-26 07:57:21 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2006-10-18 20:47:18 284,160 ------w c:\windows\system32\PortableDeviceApi.dll
+ 2006-10-18 20:47:18 101,888 ------w c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-10-18 20:47:18 166,912 ------w c:\windows\system32\PortableDeviceTypes.dll
+ 2006-10-18 20:47:18 132,096 ------w c:\windows\system32\PortableDeviceWiaCompat.dll
+ 2006-10-18 20:47:18 199,168 ------w c:\windows\system32\PortableDeviceWMDRM.dll
+ 2008-11-21 21:47:48 551,672 ------w c:\windows\system32\px.dll
+ 2008-11-21 21:47:48 129,784 ------w c:\windows\system32\pxafs.dll
+ 2008-11-21 21:47:48 66,296 ------w c:\windows\system32\pxcpya64.exe
+ 2008-11-21 21:47:48 120,056 ------w c:\windows\system32\pxcpyi64.exe
+ 2008-11-21 21:47:48 518,904 ------w c:\windows\system32\pxdrv.dll
+ 2008-11-21 21:47:48 72,440 ------w c:\windows\system32\pxhpinst.exe
+ 2008-11-21 21:47:48 64,760 ------w c:\windows\system32\pxinsa64.exe
+ 2008-11-21 21:47:48 118,520 ------w c:\windows\system32\pxinsi64.exe
+ 2008-11-21 21:47:50 187,128 ------w c:\windows\system32\pxmas.dll
+ 2008-11-21 21:47:48 1,628,920 ------w c:\windows\system32\pxsfs.dll
+ 2008-11-21 21:47:48 379,640 ------w c:\windows\system32\pxwave.dll
- 2005-01-28 06:53:22 221,184 ----a-w c:\windows\system32\qasf.dll
+ 2006-10-18 20:47:18 211,456 ----a-w c:\windows\system32\qasf.dll
+ 2008-11-21 21:47:52 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
+ 2008-06-15 14:14:48 1,056,768 ----a-w c:\windows\system32\ROBOEX32.DLL
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2007-11-30 12:39:14 18,808 ------w c:\windows\system32\spmsg.dll
+ 2008-07-08 13:00:44 18,808 ------w c:\windows\system32\spmsg.dll
- 2008-09-16 00:12:54 200,704 ----a-w c:\windows\system32\ssldivx.dll
+ 2008-11-21 21:46:10 200,704 ----a-w c:\windows\system32\ssldivx.dll
- 2008-06-23 16:14:44 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-08-26 07:57:21 105,984 ----a-w c:\windows\system32\url.dll
- 2008-06-23 16:14:44 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-08-26 07:57:22 1,159,680 ----a-w c:\windows\system32\urlmon.dll
- 2005-01-27 23:36:04 47,104 ----a-w c:\windows\system32\uwdf.exe
+ 2006-10-18 20:58:00 8,704 ----a-w c:\windows\system32\uwdf.exe
+ 2008-11-21 21:47:46 88,824 ------w c:\windows\system32\vxblock.dll
- 2005-01-27 23:35:58 15,872 ----a-w c:\windows\system32\wdfapi.dll
+ 2006-10-18 20:47:18 4,096 ----a-w c:\windows\system32\wdfapi.dll
- 2005-01-27 23:36:00 38,912 ----a-w c:\windows\system32\wdfmgr.exe
+ 2006-10-18 20:58:00 8,704 ----a-w c:\windows\system32\wdfmgr.exe
- 2008-06-23 16:14:44 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-08-26 07:57:22 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2008-04-14 01:53:16 1,845,760 ----a-w c:\windows\system32\win32k.sys
+ 2008-09-15 15:24:02 1,846,528 ----a-w c:\windows\system32\win32k.sys
- 2008-06-23 16:14:45 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-08-26 07:57:22 826,368 ----a-w c:\windows\system32\wininet.dll
- 2005-01-28 11:32:44 396,528 ----a-w c:\windows\system32\wmadmod.dll
+ 2006-10-18 20:47:18 757,248 ----a-w c:\windows\system32\WMADMOD.dll
- 2005-01-28 06:53:18 716,288 ----a-w c:\windows\system32\wmadmoe.dll
+ 2006-10-18 20:47:18 1,117,696 ----a-w c:\windows\system32\WMADMOE.dll
- 2005-01-28 06:53:16 224,768 ----a-w c:\windows\system32\wmasf.dll
+ 2007-10-25 08:28:30 222,720 ----a-w c:\windows\system32\wmasf.dll
- 2005-01-28 06:53:20 28,160 ----a-w c:\windows\system32\WMDMLOG.dll
+ 2006-10-18 20:47:18 33,792 ----a-w c:\windows\system32\wmdmlog.dll
- 2005-01-28 06:53:20 33,792 ----a-w c:\windows\system32\WMDMPS.dll
+ 2006-10-18 20:47:18 37,376 ----a-w c:\windows\system32\wmdmps.dll
- 2005-01-28 06:53:50 335,872 ----a-w c:\windows\system32\WMDRMdev.dll
+ 2006-10-18 20:47:18 429,056 ----a-w c:\windows\system32\wmdrmdev.dll
- 2005-01-28 06:53:54 290,816 ----a-w c:\windows\system32\WMDRMNet.dll
+ 2006-10-18 20:47:20 348,672 ----a-w c:\windows\system32\wmdrmnet.dll
+ 2006-10-18 20:47:20 535,040 ------w c:\windows\system32\wmdrmsdk.dll
- 2005-01-28 13:23:32 228,352 ----a-w c:\windows\system32\wmerror.dll
+ 2006-11-03 08:55:54 275,968 ----a-w c:\windows\system32\wmerror.dll
- 2005-01-28 06:53:16 150,016 ----a-w c:\windows\system32\wmidx.dll
+ 2006-10-18 20:47:20 157,184 ----a-w c:\windows\system32\wmidx.dll
- 2005-01-28 06:53:16 1,027,072 ----a-w c:\windows\system32\wmnetmgr.dll
+ 2006-10-18 20:47:20 937,984 ----a-w c:\windows\system32\WMNetMgr.dll
- 2005-01-28 06:53:16 5,525,504 ----a-w c:\windows\system32\wmp.dll
+ 2007-06-11 22:51:12 10,834,944 ----a-w c:\windows\system32\wmp.dll
- 2005-01-28 06:53:20 135,168 ----a-w c:\windows\system32\wmpasf.dll
+ 2006-10-18 20:47:20 242,688 ----a-w c:\windows\system32\wmpasf.dll
- 2005-01-28 06:53:20 282,624 ----a-w c:\windows\system32\wmpdxm.dll
+ 2006-10-18 20:47:20 314,880 ----a-w c:\windows\system32\wmpdxm.dll
+ 2008-06-24 17:12:58 295,936 ------w c:\windows\system32\wmpeffects.dll
- 2005-01-28 06:53:18 1,594,880 ----a-w c:\windows\system32\wmpencen.dll
+ 2006-10-18 20:47:20 1,661,440 ----a-w c:\windows\system32\wmpencen.dll
- 2005-01-28 13:23:22 3,407,872 ----a-w c:\windows\system32\wmploc.dll
+ 2006-11-03 09:02:58 8,282,112 ----a-w c:\windows\system32\wmploc.dll
+ 2006-10-18 20:47:20 613,376 ------w c:\windows\system32\wmpmde.dll
+ 2006-10-18 20:47:20 130,048 ------w c:\windows\system32\wmpps.dll
- 2005-01-28 13:23:26 86,016 ----a-w c:\windows\system32\wmpshell.dll
+ 2006-11-03 08:56:20 99,840 ----a-w c:\windows\system32\wmpshell.dll
- 2005-01-28 06:53:18 175,104 ----a-w c:\windows\system32\wmpsrcwp.dll
+ 2006-10-18 20:47:20 204,288 ----a-w c:\windows\system32\wmpsrcwp.dll
- 2005-01-28 11:32:56 774,904 ----a-w c:\windows\system32\wmsdmod.dll
+ 2006-10-18 20:47:22 4,096 ----a-w c:\windows\system32\wmsdmod.dll
- 2005-01-28 06:53:18 1,119,744 ----a-w c:\windows\system32\wmsdmoe2.dll
+ 2006-10-18 20:47:22 4,096 ----a-w c:\windows\system32\wmsdmoe2.dll
- 2005-01-28 11:32:44 413,944 ----a-w c:\windows\system32\wmspdmod.dll
+ 2006-10-18 20:47:22 603,648 ----a-w c:\windows\system32\WMSPDMOD.dll
- 2005-01-28 06:53:18 940,544 ----a-w c:\windows\system32\wmspdmoe.dll
+ 2006-10-18 20:47:22 1,329,152 ----a-w c:\windows\system32\WMSPDMOE.dll
- 2005-01-28 11:32:56 1,218,808 ----a-w c:\windows\system32\wmvadvd.dll
+ 2006-10-18 20:47:22 4,096 ----a-w c:\windows\system32\WMVADVD.dll
- 2005-01-28 06:53:20 1,512,448 ----a-w c:\windows\system32\WMVADVE.DLL
+ 2006-10-18 20:47:22 4,096 ----a-w c:\windows\system32\WMVADVE.DLL
- 2005-01-28 11:32:58 2,370,296 ----a-w c:\windows\system32\wmvcore.dll
+ 2006-10-18 20:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
+ 2006-10-18 20:47:22 1,543,680 ------w c:\windows\system32\WMVDECOD.dll
- 2005-01-28 11:32:58 895,736 ----a-w c:\windows\system32\wmvdmod.dll
+ 2006-10-18 20:47:22 4,096 ----a-w c:\windows\system32\wmvdmod.dll
- 2005-01-28 06:53:18 1,003,008 ----a-w c:\windows\system32\wmvdmoe2.dll
+ 2006-10-18 20:47:22 4,096 ----a-w c:\windows\system32\wmvdmoe2.dll
+ 2006-10-18 20:47:22 1,574,912 ------w c:\windows\system32\WMVENCOD.dll
+ 2006-10-18 20:47:22 1,382,912 ------w c:\windows\system32\WMVSDECD.dll
+ 2006-10-18 20:47:22 767,488 ------w c:\windows\system32\WMVSENCD.dll
+ 2006-10-18 20:47:22 656,896 ------w c:\windows\system32\WMVXENCD.dll
- 2005-01-27 23:36:28 38,912 ----a-w c:\windows\system32\wpd_ci.dll
+ 2006-10-18 20:47:22 629,760 ----a-w c:\windows\system32\wpd_ci.dll
- 2005-01-27 23:36:20 61,952 ----a-w c:\windows\system32\wpdconns.dll
+ 2006-10-18 20:47:22 35,840 ----a-w c:\windows\system32\wpdconns.dll
- 2005-01-27 23:36:24 114,176 ----a-w c:\windows\system32\wpdmtp.dll
+ 2006-10-18 20:47:22 154,624 ----a-w c:\windows\system32\wpdmtp.dll
- 2005-01-27 23:36:22 66,560 ----a-w c:\windows\system32\wpdmtpus.dll
+ 2006-10-18 20:47:22 63,488 ----a-w c:\windows\system32\wpdmtpus.dll
+ 2006-10-18 20:47:22 2,603,008 ------w c:\windows\system32\WpdShext.dll
+ 2006-10-18 19:00:14 17,408 ------w c:\windows\system32\wpdshextautoplay.exe
+ 2006-11-02 10:51:52 43,008 ------w c:\windows\system32\wpdshextres.dll
+ 2006-10-18 20:47:22 133,632 ------w c:\windows\system32\WPDShServiceObj.dll
- 2005-01-27 23:36:28 331,264 ----a-w c:\windows\system32\wpdsp.dll
+ 2006-10-18 20:47:22 356,352 ----a-w c:\windows\system32\wpdsp.dll
- 2008-07-18 20:09:44 563,912 ----a-w c:\windows\system32\wuapi.dll
+ 2008-10-16 13:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll
- 2008-07-18 20:10:42 53,448 ----a-w c:\windows\system32\wuauclt.exe
+ 2008-10-16 13:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe
- 2008-07-18 20:09:42 1,811,656 ----a-w c:\windows\system32\wuaueng.dll
+ 2008-10-16 13:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
- 2008-07-18 20:09:46 325,832 ----a-w c:\windows\system32\wucltui.dll
+ 2008-10-16 13:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll
+ 2006-09-28 19:13:26 95,344 ------w c:\windows\system32\WUDFCoinstaller.dll
+ 2006-09-28 17:56:38 146,432 ------w c:\windows\system32\WudfHost.exe
+ 2006-09-28 17:56:16 165,376 ------w c:\windows\system32\WudfPlatform.dll
+ 2006-09-28 17:56:14 55,808 ------w c:\windows\system32\WudfSvc.dll
+ 2006-09-28 17:56:38 316,416 ------w c:\windows\system32\WUDFx.dll
- 2008-07-18 20:10:20 36,552 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\wups.dll
- 2008-07-18 20:10:40 45,768 ----a-w c:\windows\system32\wups2.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\wups2.dll
- 2008-07-18 20:09:44 205,000 ----a-w c:\windows\system32\wuweb.dll
+ 2008-10-16 13:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
+ 2009-01-11 00:02:44 16,384 ----atw c:\windows\temp\Perflib_Perfdata_63c.dat
- 2000-08-31 06:00:00 49,152 ----a-w c:\windows\VFIND.exe
+ 2000-08-31 07:00:00 49,152 ----a-w c:\windows\VFIND.exe
+ 2008-09-30 15:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 15:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
- 2000-08-31 06:00:00 68,096 ----a-w c:\windows\zip.exe
+ 2000-08-31 07:00:00 68,096 ----a-w c:\windows\zip.exe
.
-- Snapshot auf jetziges Datum zurückgesetzt --
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\programme\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"MSMSGS"="c:\programme\Messenger\msmsgs.exe" [2008-04-14 1695232]
"AlcoholAutomount"="c:\programme\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-11-23 203720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\programme\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"SunJavaUpdateSched"="c:\programme\Java\jre6\bin\jusched.exe" [2008-12-09 136600]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-02-24 2372760]
"AppleSyncNotifier"="c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"Ikarus-GuardX"="c:\programme\Ikarus\virus utilities\bin\guardxkickoff.exe" [2008-08-21 1387000]
"a-squared"="c:\programme\a-squared Anti-Malware\a2guard.exe" [2008-12-14 2782352]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 c:\windows\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\GuardX]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTGUARD]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\QIP\\qip.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\PROGRA~1\\GEMEIN~1\\MICROW~1\\Agent\\MWAGENT.EXE"=
"c:\\Programme\\Mozilla Firefox\\firefox.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programme\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=

R3 TSMPacket;DSL-Manager Service;c:\windows\system32\drivers\tsmpkt.sys [2008-04-03 13824]
R4 GuardX;GuardX;c:\programme\Ikarus\virus utilities\bin\guardxservice.exe [2008-08-21 1108472]
R4 NTGUARD;NTGUARD;c:\programme\Ikarus\virus utilities\bin\ntguard.sys [2008-08-21 95360]
S3 AhnFlt2k;AhnFlt2k;c:\windows\system32\drivers\AhnFlt2k.sys [2008-04-19 45056]
S3 AhnRec2k;AhnRec2k;c:\windows\system32\drivers\AhnRec2k.sys [2008-04-19 13696]
S3 AhnRghNt;AhnRghNt;c:\windows\system32\drivers\AhnRghNt.sys [2008-04-19 28288]
S3 CdmDrvNt;CdmDrvNt;c:\windows\system32\drivers\CdmDrvNT.sys [2008-04-19 12605]
S3 dsltestSp5;dsltestSp5 NDIS Protocol Driver;c:\windows\system32\drivers\DslTestSp5.sys [2008-04-03 26816]
S3 RegGuard;RegGuard;c:\windows\system32\drivers\regguard.sys [2008-04-19 25773]
S3 sdAuxService;PC Tools Auxiliary Service;c:\programme\Spyware Doctor\pctsAuxs.exe [2009-01-03 356920]
S3 TDslMgrService;DSL-Manager;c:\programme\T-Online\DSL-Manager\DslMgrSvc.exe [2008-04-03 294912]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}]
c:\programme\PixiePack Codec Pack\InstallerHelper.exe
.
Inhalt des "geplante Tasks" Ordners

2009-01-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uInternet Connection Wizard,ShellNext = hxxp://www.t-online.de/service/redir/tosw6_sc_webtour.htm
TCP: {225F6D22-1000-44AB-9B47-15C3667066B5} = 217.237.151.142 217.237.150.188
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-11 01:03:02
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'winlogon.exe'(1088)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\programme\Sygate\SPF\Smc.exe
c:\programme\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\ati2evxx.exe
c:\programme\a-squared Anti-Malware\a2service.exe
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\programme\iPod\bin\iPodService.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2009-01-11 1:06:45 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2009-01-11 00:06:43
ComboFix2.txt 2008-10-24 11:56:17
ComboFix3.txt 2008-10-22 17:47:11
ComboFix4.txt 2008-07-05 17:17:04

Vor Suchlauf: 22 Verzeichnis(se), 61.443.731.456 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 61,597,728,768 Bytes frei

930 --- E O F --- 2008-12-09 14:45:18
This post was edited on 11.01.2009 at 01:28 by wolverine26.
11.01.2009, 09:16
Moderator

Posts: 7805
#2 That actually looks quite good.

Please go to Start/Run, enter
combofix /u
and press Enter.

Please also run Mbam http://board.protecus.de/t23187.htm; if it reports no infections, you can uninstall it again...

You can also run a control scan with the Avira boot CD
http://board.protecus.de/t23979.htm#298775

As well as with F-Secure's online scanner: http://support.f-secure.de/ger/home/ols.shtml
__________
Best regards, Ralf
SEO-Spam Hunter