Home » Viren, Trojaner & Malware Forum » Windows fährt von alleine runter » Themenansicht

Firefox Tipp: Instantfox - Quick Search Add-On!

Seite(n): 1

Antworten

Windows fährt von alleine runter

12.07.2010, 21:31

dr.ago

Member

Beiträge: 60

#1 Hallo community,

ich habe folgendes problem:
beim Hochfahren und Laden von Vista ist der Laptop extrem langsam. gelegntlich kommt die Meldung "Windows wird in weniger als einer Minute heruntergefahren"
Ebenfalls bring er mir nach dem starten Fehlermeldungen über programme die nicht gestartet werden konnten.

Ich habe ein hijackthis-log, ein OTL-log und das erste kleine log von gmer gemacht, allerdings als ich mit gmer scanen wollte, kam ein bluescreen und der laptop stürzte ab. Dies tat er auch im abgesicherten Modus.

Wäre echt Dankbar wenn mir jemand helfen könnte und hier nun die Log-dateien

Gruss Drago

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:22:28, on 12.07.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Toshiba\TRCMan\TRCMan.exe
C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\FreePDF_XP\fpassist.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\T-Mobile\Communication Center\AutoUpdateSrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\conime.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: TBSB08970 Class - {10ABDD5A-E10E-4AF2-95BA-FCB47C7C90A7} - C:\PROGRA~1\POWERS~1\POWERS~1.DLL
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Power Search Tool - {A08C6464-8102-465D-BB4B-3C1458E7F57F} - C:\Program Files\Power Search Tool\PowerSearchTool4_0.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [TUSBSleepChargeSrv] %ProgramFiles%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [ThpSrv] C:\Windows\system32\thpsrv /logon
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [TRCMan] C:\Program Files\TOSHIBA\TRCMan\TRCMan.exe
O4 - HKLM\..\Run: [TPCHWMsg] %ProgramFiles%\TOSHIBA\TPHM\TPCHWMsg.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Nuance OmniPage 17-reminder] "C:\Program Files\Nuance\OmniPage17\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage 17\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OpAgent] "OpAgent.exe" /agent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Getdo] rundll32.exe "C:\Users\Drago\AppData\Roaming\Adobe\Update\flacor.dat""
O4 - HKCU\..\Run: [{D1EB6125-9558-01EE-B723-E5F7A964780A}] C:\Users\Drago\AppData\Roaming\Alur\xiyvi.exe
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: Logitech Touch Mouse Server.lnk = C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
O4 - Global Startup: Automatic Update-Agent.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Alles mit FlashGet laden - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Mit FlashGet laden - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/707-44556-9400-3/4 (file missing)
O9 - Extra button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home (file missing)
O9 - Extra button: Magic Nettrace - {92848C13-5482-49CB-B31C-CA8D74EFF508} - C:\Program Files\Magic NetTrace\MTIE.exe
O9 - Extra 'Tools' menuitem: &Magic Nettrace - {92848C13-5482-49CB-B31C-CA8D74EFF508} - C:\Program Files\Magic NetTrace\MTIE.exe
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe (file missing)
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\acaptuser32.dll
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: TOSHIBA Web Camera Service (camsvc) - TOSHIBA - C:\Program Files\Toshiba\TOSHIBA Web Camera Application\TWebCameraSrv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: GtDetectSc Service (gtdetectsc) - OptionNV - C:\Windows\system32\gtdetectsc.exe
O23 - Service: GtFlashSwitch - OptionNV - C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA Festplattenschutz (Thpsrv) - TOSHIBA Corporation - C:\Windows\system32\ThpSrv.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

--
End of file - 14074 bytes

OTL logfile created on: 12.07.2010 20:54:28 - Run 2
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Users\Drago\Desktop\Virus neu
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 41,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 58,81 Gb Free Space | 31,57% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 184,84 Gb Total Space | 102,58 Gb Free Space | 55,50% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DRAGO-PC
Current User Name: Drago
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\Drago\Desktop\Virus neu\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\BumpTop\TexHelper.exe ()
PRC - C:\Programme\BumpTop\BumpTop.exe ()
PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
PRC - C:\Programme\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Toshiba\TECO\TecoService.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\Toshiba\TOSHIBA Web Camera Application\TWebCameraSrv.exe (TOSHIBA)
PRC - C:\Programme\Toshiba\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
PRC - C:\Programme\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
PRC - C:\Programme\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
PRC - C:\Programme\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Toshiba\HDMICtrlMan\HCMSoundChanger.exe (TOSHIBA Corporation.)
PRC - C:\Programme\Toshiba\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Toshiba\TRCMan\TRCMan.exe (TOSHIBA Corporation)
PRC - C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Programme\T-Mobile\Communication Center\AutoUpdateSrv.exe ()
PRC - C:\Programme\Common Files\GtFlashSwitch\GtFlashSwitch.exe (OptionNV)
PRC - C:\Windows\System32\Gtdetectsc.exe (OptionNV)

[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - C:\Users\Drago\Desktop\Virus neu\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\System32\shfolder.dll (Microsoft Corporation)

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (camsvc) -- C:\Programme\Toshiba\TOSHIBA Web Camera Application\TWebCameraSrv.exe (TOSHIBA)
SRV - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV - (TMachInfo) -- C:\Programme\Toshiba\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (TNaviSrv) -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (TOSHIBA Bluetooth Service) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (TosCoSrv) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (GameConsoleService) -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (AdobeActiveFileMonitor7.0) -- C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (Thpsrv) -- C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)
SRV - (GtFlashSwitch) -- C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe (OptionNV)
SRV - (gtdetectsc) -- C:\Windows\System32\Gtdetectsc.exe (OptionNV)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (PCASp50) -- C:\Windows\System32\Drivers\PCASp50.sys File not found
DRV - (PCAMp50) -- C:\Windows\System32\Drivers\PCAMp50.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (JakNDisMP) -- C:\Windows\System32\DRIVERS\JakNDis.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\Drago\AppData\Local\Temp\catchme.sys File not found
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (NWUSBPort) -- C:\Windows\System32\drivers\nwusbser.sys (Novatel Wireless Inc.)
DRV - (NWUSBModem) -- C:\Windows\System32\drivers\nwusbmdm.sys (Novatel Wireless Inc.)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (Thpdrv) -- C:\Windows\system32\DRIVERS\thpdrv.sys (TOSHIBA Corporation)
DRV - (TVALZFL) -- C:\Windows\System32\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (PGEffect) -- C:\Windows\System32\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (mod7700) -- C:\Windows\System32\drivers\dvb7700all.sys (DiBcom)
DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV - (enecirhid) -- C:\Windows\System32\drivers\enecirhid.sys (ENE TECHNOLOGY INC.)
DRV - (enecirhidma) -- C:\Windows\System32\drivers\enecirhidma.sys (ENE TECHNOLOGY INC.)
DRV - (UMPass) -- C:\Windows\System32\drivers\umpass.sys (Microsoft Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ManyCam) -- C:\Windows\System32\drivers\ManyCam.sys (ManyCam LLC.)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (Thpevm) -- C:\Windows\system32\DRIVERS\Thpevm.SYS (TOSHIBA Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies)
DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (NWADI) -- C:\Windows\System32\drivers\NWADIenum.sys (Novatel Wireless Inc)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (DeviceGuys, Inc.)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.08
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.28 14:41:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.06.28 14:41:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2010.06.14 23:43:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.06.21 23:22:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.06.16 20:31:54 | 000,000,000 | ---D | M]

[2010.06.21 23:22:47 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\mozilla\Extensions
[2010.06.21 23:22:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Drago\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.06.07 17:39:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Drago\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2010.07.12 11:53:06 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\mozilla\Firefox\Profiles\ct7w40o0.default\extensions
[2010.01.03 23:06:36 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Drago\AppData\Roaming\mozilla\Firefox\Profiles\ct7w40o0.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009.11.05 23:40:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Drago\AppData\Roaming\mozilla\Firefox\Profiles\ct7w40o0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.07 17:44:17 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\mozilla\Sunbird\Profiles\dpmjhbhk.default\extensions
[2010.06.07 17:44:17 | 000,000,000 | ---D | M] (Provider for Google Calendar) -- C:\Users\Drago\AppData\Roaming\mozilla\Sunbird\Profiles\dpmjhbhk.default\extensions\{a62ef8ec-5fdc-40c2-873c-223b8a6925cc}
[2010.07.12 13:54:21 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.03.14 17:24:20 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.14 17:24:20 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.14 17:24:21 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.14 17:24:21 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.14 17:24:21 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.01.28 17:38:30 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (TBSB08970 Class) - {10ABDD5A-E10E-4AF2-95BA-FCB47C7C90A7} - C:\Programme\Power Search Tool\PowerSearchTool4_0.dll ()
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Programme\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programme\FlashGet\getflash.dll (www.flashget.com)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Power Search Tool) - {A08C6464-8102-465D-BB4B-3C1458E7F57F} - C:\Programme\Power Search Tool\PowerSearchTool4_0.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Power Search Tool) - {A08C6464-8102-465D-BB4B-3C1458E7F57F} - C:\Programme\Power Search Tool\PowerSearchTool4_0.dll ()
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HDMICtrlMan] C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HSON] C:\Programme\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Programme\Toshiba\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Nuance OmniPage 17-reminder] C:\Program Files\Nuance\OmniPage17\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ThpSrv] C:\Windows\System32\thpsrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Programme\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPCHWMsg] C:\Programme\Toshiba\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TRCMan] C:\Programme\Toshiba\TRCMan\TRCMan.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Programme\Toshiba\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [{D1EB6125-9558-01EE-B723-E5F7A964780A}] C:\Users\Drago\AppData\Roaming\Alur\xiyvi.exe ()
O4 - HKCU..\Run: [OpAgent] File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Drago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk = C:\Programme\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Alles mit FlashGet laden - C:\Programme\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Mit FlashGet laden - C:\Programme\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O9 - Extra Button: Magic Nettrace - {92848C13-5482-49CB-B31C-CA8D74EFF508} - C:\Programme\Magic NetTrace\MTIE.exe (TialSoft software)
O9 - Extra 'Tools' menuitem : &Magic Nettrace - {92848C13-5482-49CB-B31C-CA8D74EFF508} - C:\Programme\Magic NetTrace\MTIE.exe (TialSoft software)
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe File not found
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe File not found
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: btopenzone.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: t-mobile.net ([hotspot] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\acaptuser32.dll) - C:\Windows\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: compperf - (C:\Windows\system32\doskdiag.dll) - C:\Windows\System32\doskdiag.dll File not found
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010.07.12 20:53:20 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\Virus neu
[2010.07.08 23:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Recisio
[2010.07.08 23:41:56 | 000,000,000 | ---D | C] -- C:\Programme\KaraFun
[2010.07.08 23:41:31 | 005,063,603 | ---- | C] (Recisio ) -- C:\Users\Drago\Desktop\karafun_118.exe
[2010.07.08 23:24:18 | 000,000,000 | ---D | C] -- C:\Programme\UltraStar
[2010.07.08 23:03:36 | 000,000,000 | ---D | C] -- C:\Programme\vanBasco's Karaoke Player
[2010.07.08 09:23:10 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\WGV Kfz-Versicherung
[2010.07.05 15:12:40 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\ExistPrimeCup
[2010.06.28 20:32:45 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\Musik Danijel
[2010.06.28 12:56:49 | 000,000,000 | ---D | C] -- C:\Programme\sfArk
[2010.06.28 12:06:01 | 000,000,000 | ---D | C] -- C:\timidity
[2010.06.28 12:03:26 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\sound midi
[2010.06.26 16:02:26 | 000,000,000 | ---D | C] -- C:\Programme\NetTVPlayer
[2010.06.26 13:36:35 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\karaoke pjesme
[2010.06.24 22:54:22 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.06.24 22:54:22 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.06.24 22:54:22 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.06.24 21:34:00 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\Neuer Ordner (2)
[2010.06.24 21:08:32 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\Präsi
[2010.06.22 22:55:50 | 000,000,000 | ---D | C] -- C:\Programme\Alextv
[2010.06.21 21:13:21 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.06.21 21:13:19 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.06.21 21:09:41 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.06.18 22:07:59 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\MOBILE_MP4
[2010.06.18 20:56:41 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\Neuer Ordner
[2010.06.14 23:45:43 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010.07.12 20:55:25 | 005,242,880 | -HS- | M] () -- C:\Users\Drago\NTUSER.DAT
[2010.07.12 20:39:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.12 19:10:54 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.12 19:10:54 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.12 13:34:10 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.12 13:10:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.12 13:10:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.12 13:07:12 | 000,524,288 | -HS- | M] () -- C:\Users\Drago\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.07.12 13:07:12 | 000,065,536 | -HS- | M] () -- C:\Users\Drago\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.07.12 13:07:11 | 006,291,456 | -H-- | M] () -- C:\Users\Drago\AppData\Local\IconCache.db
[2010.07.12 12:43:45 | 001,418,806 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.12 12:43:45 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.07.12 12:43:45 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.12 12:43:45 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.07.12 12:43:45 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.09 19:28:43 | 000,001,356 | ---- | M] () -- C:\Users\Drago\AppData\Local\d3d9caps.dat
[2010.07.08 23:41:58 | 000,001,621 | ---- | M] () -- C:\Users\Drago\Desktop\KaraFun Editor.lnk
[2010.07.08 23:41:58 | 000,000,743 | ---- | M] () -- C:\Users\Drago\Desktop\KaraFun.lnk
[2010.07.08 23:41:38 | 005,063,603 | ---- | M] (Recisio ) -- C:\Users\Drago\Desktop\karafun_118.exe
[2010.07.08 23:41:20 | 000,262,952 | ---- | M] () -- C:\Users\Drago\Documents\SoftonicDownloader36854.exe
[2010.07.08 23:36:11 | 000,000,561 | ---- | M] () -- C:\Windows\timidity.cfg
[2010.07.08 23:36:11 | 000,000,218 | ---- | M] () -- C:\Users\Drago\.recently-used.xbel
[2010.07.08 23:23:41 | 000,262,952 | ---- | M] () -- C:\Users\Drago\Documents\SoftonicDownloader57983.exe
[2010.07.08 23:03:37 | 000,000,875 | ---- | M] () -- C:\Users\Drago\Desktop\vanBasco's Karaoke Player.lnk
[2010.07.08 22:59:58 | 000,884,736 | ---- | M] () -- C:\Users\Drago\Desktop\vkaraoke.exe
[2010.07.08 22:54:51 | 000,058,880 | ---- | M] (Putzlowitsch) -- C:\Windows\System32\PLWMidiMap.cpl
[2010.07.08 22:53:31 | 000,027,322 | ---- | M] () -- C:\Users\Drago\Desktop\plw-vista-midi-mapper_0_93.zip
[2010.07.04 18:48:41 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.07.01 18:34:27 | 000,133,208 | ---- | M] () -- C:\Users\Drago\AppData\Roaming\GDIPFONTCACHEV1.DAT
[2010.06.30 09:51:22 | 000,641,536 | ---- | M] () -- C:\Users\Drago\Desktop\TN_RK_AbrFormular_ProCup-Leipzig.xls
[2010.06.28 22:32:39 | 000,026,624 | ---- | M] () -- C:\Users\Drago\Documents\Panini WM 2010 doppel.xls
[2010.06.28 21:55:43 | 000,027,136 | ---- | M] () -- C:\Users\Drago\Documents\Panini WM 2010.xls
[2010.06.28 12:06:07 | 000,000,069 | ---- | M] () -- C:\Windows\timidity.cfg.bak
[2010.06.28 10:58:15 | 000,133,208 | ---- | M] () -- C:\Users\Drago\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.28 10:56:25 | 000,426,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.06.26 16:02:46 | 000,000,845 | ---- | M] () -- C:\Users\Public\Desktop\Net TV Player.lnk
[2010.06.25 10:25:36 | 000,000,809 | ---- | M] () -- C:\Users\Drago\Desktop\CCleaner.lnk
[2010.06.25 09:46:30 | 000,001,062 | ---- | M] () -- C:\Users\Drago\Desktop\Revo Uninstaller.lnk
[2010.06.22 23:31:50 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.06.22 20:15:07 | 024,241,197 | ---- | M] () -- C:\Users\Drago\Desktop\NetTVPretrazivac2.4.exe
[2010.06.18 22:21:38 | 000,134,144 | ---- | M] () -- C:\Users\Drago\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.18 22:17:40 | 000,025,600 | ---- | M] () -- C:\Users\Drago\Documents\Lieber Ujak.doc
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010.07.08 23:41:58 | 000,001,621 | ---- | C] () -- C:\Users\Drago\Desktop\KaraFun Editor.lnk
[2010.07.08 23:41:58 | 000,000,743 | ---- | C] () -- C:\Users\Drago\Desktop\KaraFun.lnk
[2010.07.08 23:41:19 | 000,262,952 | ---- | C] () -- C:\Users\Drago\Documents\SoftonicDownloader36854.exe
[2010.07.08 23:36:11 | 000,000,218 | ---- | C] () -- C:\Users\Drago\.recently-used.xbel
[2010.07.08 23:23:39 | 000,262,952 | ---- | C] () -- C:\Users\Drago\Documents\SoftonicDownloader57983.exe
[2010.07.08 23:03:37 | 000,000,875 | ---- | C] () -- C:\Users\Drago\Desktop\vanBasco's Karaoke Player.lnk
[2010.07.08 22:59:57 | 000,884,736 | ---- | C] () -- C:\Users\Drago\Desktop\vkaraoke.exe
[2010.07.08 22:53:22 | 000,027,322 | ---- | C] () -- C:\Users\Drago\Desktop\plw-vista-midi-mapper_0_93.zip
[2010.07.01 17:38:50 | 000,641,536 | ---- | C] () -- C:\Users\Drago\Desktop\TN_RK_AbrFormular_ProCup-Leipzig.xls
[2010.06.28 22:32:39 | 000,026,624 | ---- | C] () -- C:\Users\Drago\Documents\Panini WM 2010 doppel.xls
[2010.06.28 21:54:05 | 000,027,136 | ---- | C] () -- C:\Users\Drago\Documents\Panini WM 2010.xls
[2010.06.28 12:55:49 | 000,081,920 | ---- | C] () -- C:\Windows\portaudio.dll
[2010.06.28 12:39:19 | 000,000,063 | ---- | C] () -- C:\Users\Drago\timidity.cfg.txt
[2010.06.28 12:06:07 | 000,000,561 | ---- | C] () -- C:\Windows\timidity.cfg
[2010.06.28 12:06:07 | 000,000,069 | ---- | C] () -- C:\Windows\timidity.cfg.bak
[2010.06.26 16:02:46 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\Net TV Player.lnk
[2010.06.25 10:25:36 | 000,000,809 | ---- | C] () -- C:\Users\Drago\Desktop\CCleaner.lnk
[2010.06.22 22:56:11 | 000,001,504 | ---- | C] () -- C:\Users\Drago\Desktop\FMTuner.lnk
[2010.06.22 20:14:49 | 024,241,197 | ---- | C] () -- C:\Users\Drago\Desktop\NetTVPretrazivac2.4.exe
[2010.06.21 21:14:16 | 000,002,231 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.06.18 22:17:39 | 000,025,600 | ---- | C] () -- C:\Users\Drago\Documents\Lieber Ujak.doc
[2010.06.16 19:40:23 | 1200,187,908 | ---- | C] () -- C:\Users\Drago\Desktop\Cars.divx
[2010.06.09 23:39:17 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.06.09 23:39:17 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.06.09 23:39:16 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.06.09 23:39:16 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.06.09 23:39:15 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.06.09 23:39:15 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2010.05.16 18:22:24 | 000,000,391 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2010.02.10 00:31:44 | 000,003,584 | ---- | C] () -- C:\Windows\System32\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.07 16:20:30 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010.01.07 10:42:49 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2010.01.07 10:42:49 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2010.01.07 10:42:49 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2009.11.06 00:41:03 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.11.03 00:14:21 | 000,000,010 | ---- | C] () -- C:\Windows\wininit.ini
[2009.11.02 22:13:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2009.10.27 13:49:23 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2009.10.27 13:49:23 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2009.10.27 13:45:45 | 000,002,048 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2009.10.27 13:33:17 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.10.25 21:48:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.14 22:09:32 | 001,936,528 | ---- | C] () -- C:\Windows\System32\ltmm15.dll
[2009.07.24 11:39:33 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2009.07.24 11:08:34 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.06.05 10:43:09 | 000,045,056 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2009.06.05 08:22:47 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.01.05 16:44:10 | 000,000,483 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2008.09.02 02:32:38 | 000,028,672 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2007.06.21 22:55:54 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.06 07:49:42 | 000,839,680 | ---- | C] () -- C:\Windows\System32\timiditydrv.dll

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 24 bytes -> C:\Windows:423034D9F3AC9244
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:9B013599
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:FED912DB
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:6B523836
< End of report >

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-07-12 21:16:39
Windows 6.0.6002 Service Pack 2
Running: v58oiux8.exe; Driver: C:\Users\Drago\AppData\Local\Temp\fwlcapod.sys

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 85CFA1F8

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

Anhang: Extras.Txt

12.07.2010, 22:30

Swisstreasure

Moderator

Beiträge: 5694

#2 Hallo und herzlich Willkommen auf Protecus.de

Um ein infiziertes System zu bereinigen bedarf es neben Zeit auch die Beachtung folgender Punkte:

• Halte Dich an die Anweisungen des jeweiligen Helfers.
• Falls Du externen Speichermedien (USB Sticks, Festplatten) hast, dann schliesse die vor der Reinigung an.
• Während der Reinigung solltest Du weder Programme installieren noch deinstallieren, welche nicht ausdrücklich verlangt werden.
• Bitte arbeite jeden Schritt der Reihe nach ab.
• Falls bei einem Schritt Probleme auftauchen, poste was du bereits hast und melde Dich mit dem Problembeschreiben.

• Die Bereinigung ist erst beendet wenn der jeweilige Helfer das OK gibt.
• Wenn die Kiste wieder flott läuft heisst das nicht, dass das Sytem auch sauber ist.
• Bei geschäftlich genutzten Rechner sollte der zuständige IT Verantwortliche beigezogen werden.
• Ein Support unsererseits kann unter Umständen bei einem Firmenrechner abgelehnt werden.
• Bei illegaler Software besteht die Möglichkeit, dass der Support eingestellt wird.
• Jegliche Cracks oder Keygens werden weder gefördert noch akzeptiert.
• Bei stark infizierten Systemen vorallem wenn Backdoors oder Rootkits involviert sind kann es vorkommen, dass ein Helfer zum Neuaufsetzen rät.
• In letzter Instanz ist dann immer der User welcher entscheidet.

Vista und Win7 User:
Alle Programme und Tools, die wir anordnen, immer mit Rechtsklick und Als Administrator ausführen.

Schritt 1

Zitat

C:\Users\Drago\Desktop\Virus neu\OTL.exe

Bitte verschiebe die OTL.exe direkt auf den Desktop, nicht in einen Ordner.

Schritt 2

Programme deinstallieren

Da einige Programme und Anti-Spy-Programme uns u. U. bei der Bereinigung behindern (z. B. durch ständig laufende Hintergrundwächter), unnötig oder schädlich sind oder einfach nicht mehr gebraucht werden, bitte ich darum, die folgenden Programme über Systemsteuerung => Software komplett zu deinstallieren.

Code

"TBSB08970.TBSB08970Toolbar" = Power Search Tool

Berichte mir, falls sich ein Programm nicht deinstallieren lässt. Nach Beendigung der Bereinigung können wir schauen, welche davon Du wieder installieren kannst/sollest.

Schritt 3

Java aktualisieren

Deine Javaversion ist nicht aktuell. Da einige Schädlinge (z. B. Vundo) über Java-Exploits in das System eindringen, deinstalliere zunächst alle vorhandenen Java-Versionen über Systemsteuerung => Software => deinstallieren. Starte den Rechner neu.

Downloade nun die Offline-Version von Java Version 6 Update 20 von [url=http://www.java.com/de/download/manual.jsp]Oracle[/url] und installiere sie. Achte darauf, eventuell angebotene Toolbars nicht mitzuinstallieren, also während der Installation den Haken bei der Toolbar entfernen.

Schritt 4

C:\Programme\Bonjour\mDNSResponder.exe

Bei Dir läuft Bonjour, welches von Apple ungefragt z. B. bei iTunes oder Safari-Browser mitinstalliert wird. Das Programm wird von vielen Usern gar nicht gebraucht. Ich habe bei Wikipedia ausführliche Informationen zu dem Programm Bonjour gefunden und beschreibe Dir im Anschluss, wie man das Programm wieder deinstallieren kann, falls das über den normalen Weg Systemsteuerung - Software nicht möglich ist. Solltest Du es nicht brauchen, bitte zunächst versuchen, es über Systemsteuerung => Software zu deinstallieren. Sollte das nicht möglich sein, fahre wie folgt fort:

• Start => ausführen => dort reinschreiben: services.msc => OK => es öffnet sich das "Dienste"-Fenster.
"Bonjour Dienst" in der Liste auswählen und "Beenden" ausführen.
• Kommandozeile öffnen: Start => ausführen => cmd reinschreiben
und ins Verzeichnis "<Systemvolume>\Programme\Bonjour" wechseln,
z. B. mit dem Kommando: cd "C:\Programme\Bonjour"
• Folgendes Kommando eingeben: mDNSResponder -remove
• Danach kannst Du den Ordner C:\Programme\Bonjour löschen.

Wenn das so nicht klappt, gehe auf diese Seite, lade Dir lspfix.zip runter und entpacke das Archiv auf Deinen Desktop. Wenn Du kein Zip-Programm hast, kannst Du auch LSPFix.exe und spfix.txt runterladen. Starte LSPFix.exe, schiebe mit dem >>-Button die mdnsnsp.dll nach rechts, da sie muss raus, hake "I know what i'm doing" an und klicke auf "Finish". Rechner neu starten. Der Ordner C:\Programme\Bonjour\ sollte sich nun löschen lassen.

Schritt 5

Datei-Überprüfung

Folgende Datei/en (siehe Codebox) bei VirusTotal online überprüfen lassen. Dafür musst Du jede Datei einzeln über den Button "Durchsuchen" und "Senden der Datei" nach VirusTotal hochladen und prüfen lassen. Wenn VirusTotal die Datei empfangen hat, wird sie diese mit mehreren Anti-Virus-Scannern prüfen und die Ergebnisse anzeigen. Sollte VirusTotal melden, dass die Datei bereits überpüft wurde, lasse sie trotzdem über den Button "Analysiere die Datei" erneut prüfen.

Wenn das Ergebnis vorliegt, den kleinen Button "Filter" links oberhalb der Ergebnisse drücken, dann das Ergebnis (egal wie es aussieht und dabei auch die Zeilen mit Namen und Größe der Datei, MD5 und SHA1 kopieren) hier posten. Solltest Du die Datei/en nicht finden oder hochladen können, dann teile uns das ebenfalls mit. Solltest Du die Datei/en nicht finden, überprüfe, ob folgende Einstellungen richtig gesetzt sind.

Zitat

C:\Users\Drago\Desktop\NetTVPretrazivac2.4.exe

Schritt 6

Fixen mit OTL

• Starte die OTL.exe.
• Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
• Kopiere folgendes Skript:

Code

:OTL
DRV - (PCASp50) -- C:\Windows\System32\Drivers\PCASp50.sys File not found
DRV - (PCAMp50) -- C:\Windows\System32\Drivers\PCAMp50.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (JakNDisMP) -- C:\Windows\System32\DRIVERS\JakNDis.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\Drago\AppData\Local\Temp\catchme.sys File not found
O2 - BHO: (TBSB08970 Class) - {10ABDD5A-E10E-4AF2-95BA-FCB47C7C90A7} - C:\Programme\Power Search Tool\PowerSearchTool4_0.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Power Search Tool) - {A08C6464-8102-465D-BB4B-3C1458E7F57F} - C:\Programme\Power Search Tool\PowerSearchTool4_0.dll ()
O3 - HKLM\..\Toolbar: (Power Search Tool) - {A08C6464-8102-465D-BB4B-3C1458E7F57F} - C:\Programme\Power Search Tool\PowerSearchTool4_0.dll ()
O4 - HKCU..\Run: [{D1EB6125-9558-01EE-B723-E5F7A964780A}] C:\Users\Drago\AppData\Roaming\Alur\xiyvi.exe ()
O4 - HKCU..\Run: [OpAgent] File not found
O4 - HKCU\..\Run: [Getdo] rundll32.exe "C:\Users\Drago\AppData\Roaming\Adobe\Update\flacor.dat""
@Alternate Data Stream - 24 bytes -> C:\Windows:423034D9F3AC9244
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:9B013599
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:FED912DB
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:6B523836
:Commands
[purity]
[emptytemp]

• und füge es hier ein:

• Schließe alle Programme.
• Klicke auf den Fix Button.
• Klick auf

.
• OTL verlangt einen Neustart. Bitte zulassen.
• Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in [url=http://www.hijackthis-forum.de/hijackthis-logfiles/17-wie-erstelle-ich-ein-logfile-update.html#post154284]Code-Tags[/url] in Deinen Thread.

Schritt 7

Bereinigung mit Malwarebytes' Anti-Malware (Vollständiger Suchlauf)

Lade Malwarebytes Anti-Malware (ca. 2 MB) von diesem Downloadspiegel herunter:

Malwarebytes

* Anwendbar auf Windows 2000, XP, Vista und Windows 7.
* Installiere das Programm in den vorgegebenen Pfad.
* Denke daran, bei Vista das Programm als Admin zu starten, ansonsten per Doppelklick starten.
* Lasse es online updaten (Reiter Updates), sofern sich das Programm bereits auf dem Rechner befand.
* Aktiviere "Komplett Scan durchführen" => Scan.
* Wähle alle verfügbaren Laufwerke aus und starte den Scan.
* Wenn der Scan beendet ist, klicke auf "Zeige Resultate".
* Bei Funden in C:\System Volume Information den Haken entfernen.
Ansonsten wird dieser Systemwiederherstellungspunkt nicht mehr funktionieren.
Er könnte jedoch trotz Malware noch gebraucht werden.
* Versichere Dich, dass ansonsten alle Funde markiert sind und drücke "Löschen".
* Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
* Nachträglich kannst du den Bericht unter "Scan-Berichte" finden.
* Berichte, wie der Rechner nun läuft.

Schritt 8

Erneuter Systemscan mit OTL

• Doppelklick auf die OTL.exe
• Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
• Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Minimal-Ausgabe
• Unter Extra-Registrierung wähle bitte Benutze SafeList.
• Mache Häckchen bei LOP- und Purity-Prüfung.
• Klicke nun auf Scan links oben.

• Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
• Poste die Logfiles in Code-Tags hier in den Thread.

13.07.2010, 08:59

dr.ago

Member

Themenstarter

Beiträge: 60

#3 Erst einmal Danke für die Antwort.

Habe nun alle Punkte durchgeführt.
Punkt 1 bis 4 gingen reibungslos bei Punkt 5 (Prüfung mit VirusTotal) kam folgender Hinweis

Code

Bigger than max permited size / Mayor del tamaño máximo permitido

allerdings kenne ich die Herkunft dieser datei und das ist Ok, selbst die Entwickler sind mir bekannt.

Log von Schritt 6

Code

All processes killed
========== OTL ==========
Service PCASp50 stopped successfully!
Service PCASp50 deleted successfully!
File  C:\Windows\System32\Drivers\PCASp50.sys File not found not found.
Service PCAMp50 stopped successfully!
Service PCAMp50 deleted successfully!
File  C:\Windows\System32\Drivers\PCAMp50.sys File not found not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File  C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File  C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found not found.
Service JakNDisMP stopped successfully!
Service JakNDisMP deleted successfully!
File  C:\Windows\System32\DRIVERS\JakNDis.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File  C:\Windows\System32\DRIVERS\ipinip.sys File not found not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File  C:\Users\Drago\AppData\Local\Temp\catchme.sys File not found not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10ABDD5A-E10E-4AF2-95BA-FCB47C7C90A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10ABDD5A-E10E-4AF2-95BA-FCB47C7C90A7}\ not found.
File C:\Programme\Power Search Tool\PowerSearchTool4_0.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A08C6464-8102-465D-BB4B-3C1458E7F57F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A08C6464-8102-465D-BB4B-3C1458E7F57F}\ not found.
File C:\Programme\Power Search Tool\PowerSearchTool4_0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A08C6464-8102-465D-BB4B-3C1458E7F57F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A08C6464-8102-465D-BB4B-3C1458E7F57F}\ not found.
File C:\Programme\Power Search Tool\PowerSearchTool4_0.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{D1EB6125-9558-01EE-B723-E5F7A964780A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D1EB6125-9558-01EE-B723-E5F7A964780A}\ not found.
C:\Users\Drago\AppData\Roaming\Alur\xiyvi.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\OpAgent deleted successfully.
Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File move failed. C:\Windows\System32\rundll32.exe scheduled to be moved on reboot.
ADS C:\Windows:423034D9F3AC9244 deleted successfully.
ADS C:\ProgramData\TEMP:9B013599 deleted successfully.
ADS C:\ProgramData\TEMP:FED912DB deleted successfully.
ADS C:\ProgramData\TEMP:6B523836 deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Birungueta
->Temp folder emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Drago
->Temp folder emptied: 54671019 bytes
->Temporary Internet Files folder emptied: 257217371 bytes
->Java cache emptied: 78817808 bytes
->FireFox cache emptied: 54901571 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1981202 bytes
 
User: Katarina
->Temp folder emptied: 85808 bytes
->Temporary Internet Files folder emptied: 154452 bytes
->Java cache emptied: 25802292 bytes
->FireFox cache emptied: 86625591 bytes
->Flash cache emptied: 3176 bytes
 
User: Mcx1-DRAGO-PC
->Temp folder emptied: 952 bytes
->Temporary Internet Files folder emptied: 41167 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 34191303 bytes
RecycleBin emptied: 276738679 bytes
 
Total Files Cleaned = 831,00 mb
 
Error: Unable to interpret <Quelle: http://board.protecus.de/t39987.htm#ixzz0tVMZFS3m> in the current context!
 
OTL by OldTimer - Version 3.2.9.0 log created on 07122010_231254

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\rundll32.exe scheduled to be moved on reboot.

Registry entries deleted on Reboot...

log von Schritt 7

Code

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4306

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

13.07.2010 08:35:03
mbam-log-2010-07-13 (08-35-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Durchsuchte Objekte: 407057
Laufzeit: 2 Stunde(n), 37 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{a08c6464-8102-465d-bb4b-3c1458e7f57f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a08c6464-8102-465d-bb4b-3c1458e7f57f} (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\getdo (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Drago\AppData\Roaming\Adobe\Update\flacor.dat (Trojan.Agent) -> Quarantined and deleted successfully.

Log Schritt 8

Code

OTL Extras logfile created on: 13.07.2010 08:37:44 - Run 3
OTL by OldTimer - Version 3.2.9.0     Folder = C:\Users\Drago\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 57,42 Gb Free Space | 30,82% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 184,84 Gb Total Space | 102,58 Gb Free Space | 55,50% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: DRAGO-PC
Current User Name: Drago
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [alex] -- "C:\Program Files\Alextv\alextv.exe" "%1" (Alex Media, Inc)
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\CeWe Color\Meine CEWE FOTOWELT\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [Meine CEWE FOTOWELT] -- "C:\Program Files\CeWe Color\Meine CEWE FOTOWELT\Meine CEWE FOTOWELT.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4032735365-608106937-2049815217-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03E89EB4-ACC7-427A-A4AD-B7BA2209CC4E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{055C5137-A0D9-42FA-A45B-B67E7F8A9A32}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{067171DE-06DE-4BA3-B297-E3DC42080A18}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{09D4A4E1-739C-4023-937F-579A0263D957}" = lport=139 | protocol=6 | dir=in | app=system | 
"{12988BE5-B2BA-4796-AD70-701C6842AF24}" = lport=138 | protocol=17 | dir=in | app=system | 
"{1812889B-5F26-438F-A480-9C1DC4221652}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{277E1851-B84F-4955-A23E-81694796327E}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{2C5D17DA-5DBC-4638-952B-A18A86F1520C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{33028629-305E-44CD-BAD6-25FAE6C7896A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{478FC8C2-EDE5-4124-B31C-73023B7A5855}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{49E40F71-0A2A-409D-8F4D-8214B8EB67E3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{4B8E1CB9-A347-4141-815E-28E0F48E286D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{54BC3EAF-DE8E-47FB-BF4C-7F9BE1DBE191}" = rport=139 | protocol=6 | dir=out | app=system | 
"{5A26917E-1C7F-4A66-AAB7-80DDBD90CCBC}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{5B9EF814-F071-4816-B1E1-46BBCF970412}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{5F001314-9517-419D-8E8B-ED8E80E6C6CE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{5F277B6F-79B4-4F85-8684-7155FA1C86D1}" = rport=445 | protocol=6 | dir=out | app=system | 
"{5F5FD424-2AF7-4BE8-A474-014BB70828E2}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{619C314E-905A-430F-A27C-A919EB217662}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{713C10E5-0AF1-4C58-825B-A7000C40DB0C}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{76BCBD83-97F8-44F0-9514-2F231D7D45A9}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{7BC29FA1-C4F8-429F-B314-FDA0DCDBC1B1}" = lport=137 | protocol=17 | dir=in | app=system | 
"{8006AC32-CD11-4EF6-A4EA-33F13B1DC069}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{80AC0CF1-8C66-4E5E-A056-8D42534FEC05}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{8CA4B80C-5A5F-4CFD-B82A-6660EC5285A1}" = lport=445 | protocol=6 | dir=in | app=system | 
"{8FF30766-703D-4F6E-A99F-F6A45FF5E636}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{90C4594C-96E0-41FB-8436-9EB08E0A4280}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{A5E6BA7C-D6BA-4614-BC06-4A6B5B636900}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{BB3BB176-07F7-4282-B34C-FB9EE92DF293}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BE6A712E-0112-45AD-9A3A-FC02AEC3BE4A}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{C0ACE7CF-A01F-4D4D-A5E9-28A00E093407}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{C92407C6-0D03-47FF-8DC4-9D7699F64816}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D4B55364-314F-47EC-B8CD-35CF19F69C70}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{D7EE35B2-323D-4518-8164-2EF82BE40700}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{E024DD13-545C-4626-8898-EAB181600830}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{E83344C6-AC71-4EB2-AA1E-DF28C3F8CC74}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{EA4F0FF6-0383-47D6-9072-44629C5B31B9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{EA826A87-526E-4549-9E70-979C6133C684}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F08D347D-C0D7-48F7-96B7-8BB02978881B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{FC4DE971-AD3A-4EF3-AA3C-58276A5B15C8}" = rport=138 | protocol=17 | dir=out | app=system | 
"{FF000478-AAB3-4DE5-8FF4-5E5AD766E5C8}" = rport=137 | protocol=17 | dir=out | app=system | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021CB87D-9183-4129-AB7D-D9A352E9818E}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe | 
"{052AB5B6-C578-4D21-A194-D1EC6AEABFC7}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{06606746-5017-4B7A-8CEC-CAD576001D52}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{06F605AE-307B-4627-A793-CCAD3A43B13F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{0E5BAA0D-629D-4595-8B1B-309CA106825D}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{12B65F8F-AD5C-413C-AA8B-5FBB0C7E21F0}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{1674B9F3-104F-4EAB-9727-039B7E5A570D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1940529E-3F1B-483F-9446-996941E858E4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1C344180-C0B8-48BB-BA3F-0AE00A5C0D34}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{33CD512E-972C-4C30-B6A9-CC8E8175CBAB}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{3CBD6CBE-4199-4A0B-A489-51B060FEAAB1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{3F6DD851-36BF-47C6-BADE-55D36963F421}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{4CB916ED-1819-45D0-8EFB-33656EB9CF24}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{571CC9B2-B896-4205-8C0D-E80DF296D971}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{57DE2FED-C584-47B3-8755-F9B5039997C8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{61BD60E1-ED29-4E33-A3CD-CDA5420EE25D}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{6765A731-7631-44F7-B2B2-8D0FFEF233F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{684EBB2C-10F5-4CC2-B1AA-92741363D3F8}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{6C56A75A-3E9B-4B52-B5B7-28DA0875F8A1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{6DE5E33A-EB2E-48D3-AAD5-7964140344CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6DF2A5E9-7CC3-42F8-979A-CCA8A4739BB7}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{73355977-04DA-45E0-8052-331BC9F83980}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"{755F5F6F-C0B0-4124-AF91-2C6B5C9D8265}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{83F596B5-139D-44DF-8F60-098F1209D0DE}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe | 
"{8EF3FB4C-63F3-4020-83C2-2F794F723D87}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{94678229-5BB6-42A7-A656-447FD0183897}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{9A3C2A82-09E1-446A-A121-4A698E77DA20}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9AD81074-E6D5-4362-888A-263E8F4DA830}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{9B0F9D53-7296-44B6-8599-5394D9C62FA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9B9764AC-106B-4E40-B40D-1205F433E360}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9D7712CD-4FA1-4055-8E95-6F0847C946F1}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"{A0DA9564-5EB7-4324-A39C-509341BE0922}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe | 
"{A1759E21-AC9E-4E2D-823A-35EA38AA0A53}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{A6DEA0B6-E74D-438F-9426-6E6C61E1FB81}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A7B09C54-1BFB-4173-B1C4-07406E4426EA}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe | 
"{AFB7EA84-2DCF-4A4D-8DBA-94A904AFCDE3}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{B6CFA2D7-3C50-4692-8AC3-8FF5FBA137C1}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{B8E3E42F-D38F-4311-AE81-CC0F3FF0A8C7}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{BD4BD023-8CF4-4BAD-B023-66C0BA0E4D86}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CD7A4664-6357-4B7D-8CAD-7F9AE5B88956}" = protocol=6 | dir=out | app=system | 
"{DEB057F7-59EC-457D-8597-7FCF82A5F144}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E2367E92-4F15-496C-8CE5-CE697B658E52}" = protocol=17 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe | 
"{F9B80E7C-B8A2-49D8-9BD8-77C0F927753C}" = protocol=6 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe | 
"TCP Query User{04FBDA94-EC3E-4BDC-AD10-6C9883C062C4}C:\program files\dc++\dcplusplus.exe" = protocol=6 | dir=in | app=c:\program files\dc++\dcplusplus.exe | 
"TCP Query User{18B61E96-FF91-45A3-A77E-5621D7DF8AAD}C:\program files\nettvplayer2.0\nettvplayer2.exe" = protocol=6 | dir=in | app=c:\program files\nettvplayer2.0\nettvplayer2.exe | 
"TCP Query User{2370EDE3-3E2B-4BA1-87F2-0C36EB1B6E8F}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe | 
"TCP Query User{2D3B92DD-8837-445F-862B-8233061062C8}C:\program files\logitech touch mouse server\itouch-server-win.exe" = protocol=6 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe | 
"TCP Query User{3AC685CC-1D07-4EBA-8049-E3835367637F}C:\program files\nettvplayer2.0\nettvplayer2.exe" = protocol=6 | dir=in | app=c:\program files\nettvplayer2.0\nettvplayer2.exe | 
"TCP Query User{4D50FB74-6C57-49CF-835D-9886B5512789}C:\program files\nettvplus player\nettvplayer.exe" = protocol=6 | dir=in | app=c:\program files\nettvplus player\nettvplayer.exe | 
"TCP Query User{4FAED1B1-413E-464C-95E2-3670486EEA87}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{574695E2-5C81-4270-9A4E-4E88B95C9940}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe | 
"TCP Query User{5B540635-897C-407C-993F-0A65AE853283}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{6FD2C160-CCC4-4949-914A-937E6E4AA1A8}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"TCP Query User{74EBA47E-B8F0-41C3-AC72-9212E7F0F0E0}C:\program files\nettvplayer2.3\nettvplayer.exe" = protocol=6 | dir=in | app=c:\program files\nettvplayer2.3\nettvplayer.exe | 
"TCP Query User{74FC108D-72A7-4ADA-A5E2-3149E939E56C}C:\program files\nettvprofessional\nettvprofessional.exe" = protocol=6 | dir=in | app=c:\program files\nettvprofessional\nettvprofessional.exe | 
"TCP Query User{7B695F63-9FC6-4166-88F6-7EE023CF3933}C:\program files\java\jre6\launch4j-tmp\stanza.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\stanza.exe | 
"TCP Query User{7CF3B2F1-7E2B-4B52-A79E-78CC57AB225B}C:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe | 
"TCP Query User{81FF4FE0-05AA-4C91-A67F-5E2E455DDE0D}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{9802FA07-18B1-4412-8B61-8DC950744FA1}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{9C217352-A874-4EC4-A138-1AEDBF32D428}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{A9E6BD7C-7075-4E7B-9BDF-2DFAF4E2BB7C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{AF02D250-C1A3-4DFA-BD22-40C554F3002D}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"TCP Query User{B542DB12-CBD8-4CF8-B477-FCF7205BF387}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe | 
"TCP Query User{BBDB77A0-F5D3-445D-B8CD-B3F688914D82}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{C53CD2F9-37BD-4786-9173-80D417867BFD}C:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe" = protocol=6 | dir=in | app=c:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe | 
"TCP Query User{C9775856-051B-4E20-85C4-4CC9D8836B7C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{D02F931A-F6A9-4A10-8876-E40E7BDE1596}C:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe" = protocol=6 | dir=in | app=c:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe | 
"TCP Query User{D94A8C66-9AA9-4C73-B025-8BDF5639F9AC}C:\program files\readon technology\readon tv movie radio player 5.8.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 5.8.0.0\internettv.exe | 
"TCP Query User{E18343ED-939E-4669-9937-3A65082CB5A6}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"TCP Query User{E44EE076-2691-4163-98C0-0A119B04C8F4}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{E8A30833-99F5-41E0-B550-6DD758509E08}C:\program files\nettvplus player\nettvplayer.exe" = protocol=6 | dir=in | app=c:\program files\nettvplus player\nettvplayer.exe | 
"TCP Query User{EB8D315A-884D-4A8E-B7E9-C50200AEF7B4}C:\program files\readon technology\readon tv movie radio player 5.5.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 5.5.0.0\internettv.exe | 
"TCP Query User{ECB7C364-F38F-456D-A8B4-80479C88CB54}C:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe | 
"TCP Query User{EE025B23-0FF2-4288-A527-A71A4FD6D92A}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe | 
"TCP Query User{F011AC76-6CB8-4C0E-BCCC-037F34EA3A1A}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | 
"TCP Query User{F081D106-A84A-4941-911A-F25990A21F54}C:\windows\system32\presentationhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\presentationhost.exe | 
"TCP Query User{F712B617-731B-464B-B939-6375A05839DF}C:\users\drago\desktop\seda_tv.exe" = protocol=6 | dir=in | app=c:\users\drago\desktop\seda_tv.exe | 
"TCP Query User{FB207454-5F85-4C25-A7EF-C2FFB102BED3}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{0A41D6D7-CE29-46E4-BF1F-B550F2FD3483}C:\program files\nettvprofessional\nettvprofessional.exe" = protocol=17 | dir=in | app=c:\program files\nettvprofessional\nettvprofessional.exe | 
"UDP Query User{0F9A843A-8C6F-49E7-86FA-E4C015D80A42}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe | 
"UDP Query User{1784467E-4375-4301-8242-46BE7C042442}C:\program files\nettvplus player\nettvplayer.exe" = protocol=17 | dir=in | app=c:\program files\nettvplus player\nettvplayer.exe | 
"UDP Query User{18817525-D242-4EEF-9F28-842FC871DCC6}C:\program files\nettvplayer 2.0\nettvplayer2.exe" = protocol=17 | dir=in | app=c:\program files\nettvplayer 2.0\nettvplayer2.exe | 
"UDP Query User{195ED9EA-11A5-4196-A1DA-9E416BFA1599}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{29C4FA40-9313-41AF-85B1-9B54E2BCB8EE}C:\program files\logitech touch mouse server\itouch-server-win.exe" = protocol=17 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe | 
"UDP Query User{2CD882BA-243C-489C-9BFF-0E0E2B4950E7}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"UDP Query User{322DC170-2384-4AC1-8ACE-51A530551EE9}C:\program files\dc++\dcplusplus.exe" = protocol=17 | dir=in | app=c:\program files\dc++\dcplusplus.exe | 
"UDP Query User{33207998-6D33-4D96-AF91-A6BF1DA06615}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{3A589051-884E-4D4A-AB07-F6B693672939}C:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe | 
"UDP Query User{3E66C266-437D-4004-9F26-7815B5738DD5}C:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe | 
"UDP Query User{461F93AF-1790-4CC3-BE67-2462592A6F6C}C:\users\drago\desktop\seda_tv.exe" = protocol=17 | dir=in | app=c:\users\drago\desktop\seda_tv.exe | 
"UDP Query User{4A85EC0C-CBAB-42CD-9E02-8EB5715360C3}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe | 
"UDP Query User{4B35DDBC-4049-421C-826E-D85D7E093693}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{5186BBA3-D172-4F46-BF40-387F029935F6}C:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe" = protocol=17 | dir=in | app=c:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe | 
"UDP Query User{530745DB-5620-4BA4-B722-43B356E9E72A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{595D97E0-16DA-4363-B53B-FD52E44525E8}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe | 
"UDP Query User{66C43968-32A5-456A-A12F-78FB1167A8D8}C:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe" = protocol=17 | dir=in | app=c:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe | 
"UDP Query User{67A95FE6-6C38-413E-BBE7-9F40E53F5471}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe | 
"UDP Query User{6DE9EA47-AC35-41FF-8E5D-DB166B7A08B3}C:\program files\nettvplayer2.0\nettvplayer2.exe" = protocol=17 | dir=in | app=c:\program files\nettvplayer2.0\nettvplayer2.exe | 
"UDP Query User{8130C873-7A52-49FC-8659-6529FFA97446}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{836197AD-1878-4AC2-AA33-E6D54EB69013}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | 
"UDP Query User{91357C67-1753-49C8-9E0E-9F186A243E96}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"UDP Query User{943C336B-1B8A-4003-8338-E9A7A4AC8F48}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{A282316C-B565-4C3E-9D3B-B5AA79F5F42C}C:\program files\nettvplus player\nettvplayer.exe" = protocol=17 | dir=in | app=c:\program files\nettvplus player\nettvplayer.exe | 
"UDP Query User{AB7610FA-3347-4C6E-974E-5F384CC07B60}C:\program files\java\jre6\launch4j-tmp\stanza.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\stanza.exe | 
"UDP Query User{AD08CE9A-A3B5-4136-A500-A8980D94C2C1}C:\program files\readon technology\readon tv movie radio player 5.5.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 5.5.0.0\internettv.exe | 
"UDP Query User{B7DA8ABA-E89D-4843-9D46-BBDF327A425C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{BA280D9A-BF37-4805-A29C-07B958276B3E}C:\program files\nettvplayer2.0\nettvplayer2.exe" = protocol=17 | dir=in | app=c:\program files\nettvplayer2.0\nettvplayer2.exe | 
"UDP Query User{BA7DE283-C878-4437-BF35-DCB6908FA421}C:\program files\nettvplayer2.3\nettvplayer.exe" = protocol=17 | dir=in | app=c:\program files\nettvplayer2.3\nettvplayer.exe | 
"UDP Query User{C5F49F09-63EE-4E8F-B64E-FC8297A9C172}C:\windows\system32\presentationhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\presentationhost.exe | 
"UDP Query User{CE206DA3-D0B8-4FDA-9CDD-01BF5B652608}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{F215BA48-A334-4C72-B350-4348B443BC1A}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{F48515B5-75A2-42DD-BABC-CEFF5A90AFFF}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{FA2816A8-1AE9-4E02-A630-E2FC7F58EDC3}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{FF619F4F-929F-46E0-8D4B-00824A4F37EA}C:\program files\readon technology\readon tv movie radio player 5.8.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 5.8.0.0\internettv.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06223EA1-8977-4A44-B2AB-30FD78B7DCC1}" = CCC Help Thai
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0B156D28-C8C5-44C3-A57E-7B3EF4AF7FB8}_is1" = Alextv 2.2.6
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0CF37D58-38A8-E03F-8DD8-B01B55C09615}" = CCC Help English
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1C971EE3-B4C4-4367-9676-57549919C6CE}" = TOSHIBA Benutzerhandbücher
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20CCA435-1465-4567-885C-4A0AFCD0EB05}" = F2100_Help
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{24557DC0-0839-496f-82F9-C4EB72EFE4FA}" = HP Deskjet All-In-One Software 8.0
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{27349465-3521-8214-5311-286D806C86C3}" = CCC Help Dutch
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{32762866-8C6E-437E-1E79-4506FEB7323A}" = Catalyst Control Center Graphics Full Existing
"{34AFE453-F544-4269-89C9-CAB7F0744963}" = Nuance OmniPage 17
"{37FD2F04-EC91-41AE-B5AB-AFF904BF20EE}" = Mobile Broadband Drivers
"{3AB2F8DF-F905-44F9-8003-C81FEE95BC2B}" = Communication Center
"{3CAF2B2D-0DA3-7BD6-6701-E3D71992DB78}" = Catalyst Control Center Localization All
"{3D0DC563-4C99-4AB1-8C22-514940666938}" = Catalyst Control Center - Branding
"{4324E4DD-C67C-A413-5C12-5DC694A99AF6}" = ATI Catalyst Install Manager
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{45633D5F-76CE-B1D7-325B-A3F329AA99DB}" = Catalyst Control Center InstallProxy
"{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}" = SPSS Statistics 17.0
"{4786E500-4FA0-C30F-D4E8-0E3D70D86227}" = CCC Help Swedish
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F147AEF-790D-DBE2-5830-94D90C02AC24}" = Catalyst Control Center Graphics Full New
"{50D69C54-6963-49A6-B762-A9FF8F56AF0F}" = Brockhaus multimedial 2009
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5985DD7D-67F4-DD15-8589-B3F43C4A111D}" = CCC Help Chinese Traditional
"{5D264375-3E92-7D10-F219-3536F5BAE7BA}" = CCC Help Japanese
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5F98C4EE-879F-232C-3F44-0BBFAB6A29D4}" = CCC Help Polish
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61F8A9EC-5CB4-0001-FF88-C469156BA14C}" = CCC Help German
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67830C2E-0345-7CE7-3829-8AB3D34E3AEB}" = CCC Help Turkish
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A9B4C2D-E651-6DD7-EC1D-AF331F250AB8}" = ccc-core-static
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D9B9CF3-1E9C-45B6-B41E-5CF568605556}" = SPSS 15.0 für Windows [Auswertung Version]
"{6DEEDB89-D449-B985-4E0E-91D45AF66DFF}" = CCC Help Spanish
"{70312451-0D00-4A84-B9B1-0D59B5180A4F}" = Opera 10.53
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{716E5774-DD70-4A16-82AD-6341D5D37E4C}" = Readon TV Movie Radio Player 6.2.0.0
"{71702641-2849-45A4-8E62-4B85974B24A0}_is1" = BumpTop
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7513A376-16F0-7E53-5CA1-7DA10A6216BC}" = CCC Help Danish
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7C30283C-8DC7-4FBB-805E-52BEA5F580E8}" = Toshiba TEMPRO
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{811EF3A7-0861-0B8F-5432-3052E8230DC0}" = Catalyst Control Center Graphics Light
"{8259E348-50E8-A3C8-52B8-699DFDD31BA8}" = CCC Help Finnish
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{85E4952C-8C85-A58D-B9D9-783D1FADB775}" = Skins
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{87F7773C-EC9C-461A-AA7B-4AF8EF54DF49}" = EndNote X1
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8921F4ED-A696-D629-45E6-45A43A0F4FF0}" = CCC Help Czech
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{989112B0-74DB-4A40-932F-580049CD0B97}" = Visual Basic for Applications (R) Core - German
"{98C70B57-4930-7088-22F4-93FC196938D0}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{9ECB4705-B9CB-405A-B6D4-33BDF707308E}" = DJ_AIO_Software
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6137721-B2D0-1DAF-0B19-12AB0D065C45}" = Catalyst Control Center Core Implementation
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC1A4255-0EC8-585B-2D1A-8306C07F2B91}" = CCC Help Hungarian
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AEE65D6C-EDF4-B3E1-00CD-B17A6FC6BC6A}" = CCC Help Italian
"{AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED}" = CorelDRAW Graphics Suite X4 - Lang DE
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9F119C0-6886-A250-BF18-3ABEAA26F6A5}" = CCC Help Korean
"{BB3B4056-4539-485E-A996-3B52480AA4B7}" = GT HSDPA driver installer
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DB64C016-1705-36E9-1AEA-C2D4738BDE9A}" = CCC Help Norwegian
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{DC83F417-8068-4074-BA2F-C4F8AB872556}" = DJ_AIO_Software_min
"{DE2E45A2-31B1-7D26-2701-B1244763DE10}" = CCC Help Portuguese
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E16087F4-3CE3-B644-A5F5-503F55F34CC0}" = CCC Help Russian
"{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility
"{E4FD13E2-1638-A5B8-E28A-54D39F13D747}" = Catalyst Control Center Graphics Previews Vista
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{E9598E78-C39A-4FAB-A8C9-2F5F915A3852}" = TOSHIBA TV Tuner
"{E9E5845E-C2E1-4D8D-A2E1-46E6F7F68C68}" = Befree4iPhone
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}" = TOSHIBA ConfigFree
"{F0E4A500-34B5-E8B7-FC2C-3726A0577AAD}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F34009E9-6EA5-F0D2-4D7D-A9CE421908B6}" = CCC Help Greek
"{F69114BE-EFDC-C756-1B38-ABD1E4873113}" = ccc-utility
"{F6F90406-4726-4559-B6F7-3A96529CDD45}" = F2100
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}" = HDMI Control Manager
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}" = TOSHIBA Remote Control Manager
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"2F91FC44350477C3D31ADE03728FF7F1B1B9E493" = ENE CIR Receiver Driver
"630F35D9C4C7F7F8BA4429CDB68D368E926D33B3" = Windows-Treiberpaket - TOSHIBA (mod7700) Media  (08/12/2008 2.3.3.24)
"AAA Logo 2008_is1" = AAA Logo 2008 2.10
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AllDup_is1" = AllDup 2.1.10
"Any Video Converter_is1" = Any Video Converter 3.0.3
"AnyDVD" = AnyDVD
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"[url="http://www.ccleaner.de"]CCleaner[/url]" = [url="http://www.ccleaner.de"]CCleaner[/url]
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"CloneDVDmobile" = CloneDVDmobile
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"DiskAid_is1" = DiskAid 3.0
"FlashGet" = FlashGet 1.9.6.1073
"FreePDF_XP" = FreePDF (Remove only)
"FTP Commander" = FTP Commander
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HPOCR" = HP OCR Software 8.0
"iLyrics_is1" = iLyrics 1.1.1.2 BETA
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IrfanView" = IrfanView (remove only)
"ISI ResearchSoft - Export Helper" = ISI ResearchSoft - Export Helper
"JDownloader" = JDownloader
"KaraFun_is1" = KaraFun 1.18
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Full)
"Logitech Touch Mouse Server" = Logitech Touch Mouse Server 1.0
"Logo Design Studio Pro 3.5.2" = Logo Design Studio Pro
"Magic NetTrace_is1" = Magic NetTrace 3.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"MediaMonkey_is1" = MediaMonkey 3.2
"Meine CEWE FOTOWELT" = Meine CEWE FOTOWELT
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"Mp3tag" = Mp3tag v2.44
"NetTVPlayer" = NetTVPlayer
"Novatel_V20025Installer" = Novatel driver package V2.00.25
"OptionPCCardInstaller" = Option Fusion Card driver, Ricola v 2.0.0.0
"OptionPluss_PCCardInstaller" = Option Fusion+ Card driver, Nozomi v 2.1.1.112
"Picasa2" = Picasa 2
"PokerStars.net" = PokerStars.net
"RAR Password Recovery Magic_is1" = RAR Password Recovery Magic v6.1.1.95
"RealPlayer 12.0" = RealPlayer
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Revo Uninstaller" = Revo Uninstaller 1.89
"sfArk" = sfArk
"ShockwaveFlash" = Macromedia Flash Player 8
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 5" = TeamViewer 5
"tvbrowser" = TV-Browser 2.7.4
"TVUPlayer" = TVUPlayer 2.4.9.1
"UltraStar" = UltraStar 0.7.1
"Unlocker" = Unlocker 1.8.8
"URLSnooper 2_is1" = URL Snooper v2.20.02
"Veetle TV" = Veetle TV 0.9.17
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 1.0.2
"VMidi" = vanBasco's Karaoke Player
"Web Media for Vista_is1" = Web Media for Vista
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"Winamp" = Winamp
"Winamp Essentials Pack" = Winamp Essentials Pack
"Winamp Offizielle Deutsche Sprachdatei" = Winamp Offizielle Deutsche Sprachdatei v5.56
"WinPcapInst" = WinPcap 4.1 beta
"WinRAR archiver" = WinRAR
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NetTVProfessional" = NetTVProfessional
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 05.07.2010 09:51:19 | Computer Name = Drago-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2122
 
Error - 05.07.2010 09:51:19 | Computer Name = Drago-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2122
 
Error - 05.07.2010 21:00:00 | Computer Name = Drago-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 05.07.2010 21:00:00 | Computer Name = Drago-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 40123692
 
Error - 05.07.2010 21:00:00 | Computer Name = Drago-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 40123692
 
Error - 05.07.2010 21:00:03 | Computer Name = Drago-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 05.07.2010 21:00:03 | Computer Name = Drago-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 40126032
 
Error - 05.07.2010 21:00:03 | Computer Name = Drago-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 40126032
 
Error - 05.07.2010 21:37:41 | Computer Name = Drago-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
Error - 05.07.2010 21:37:42 | Computer Name = Drago-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
[ Media Center Events ]
Error - 11.06.2010 02:13:33 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (2244.1128)
 
Error - 11.06.2010 02:13:33 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (2244.1129)
 
Error - 02.07.2010 02:15:31 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (4928.1128)
 
Error - 02.07.2010 02:15:31 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (4928.1129)
 
Error - 02.07.2010 03:15:36 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (3880.1128)
 
Error - 02.07.2010 03:15:36 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (3880.1129)
 
Error - 02.07.2010 04:15:41 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (5200.1128)
 
Error - 02.07.2010 04:15:41 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (5200.1129)
 
Error - 02.07.2010 05:15:46 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (5868.1128)
 
Error - 02.07.2010 05:15:46 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (5868.1129)
 
[ System Events ]
Error - 28.01.2010 09:10:46 | Computer Name = Drago-PC | Source = PlugPlayManager | ID = 12
Description = Das Gerät "JMB38X SD/MMC Host Controller" (PCI\VEN_197B&DEV_2382&SUBSYS_FF021179&REV_00\4&2bcebcdb&0&00E5)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 28.01.2010 09:10:46 | Computer Name = Drago-PC | Source = PlugPlayManager | ID = 12
Description = Das Gerät "JMB38X SD Host Controller" (PCI\VEN_197B&DEV_2381&SUBSYS_FF021179&REV_00\4&2bcebcdb&0&02E5)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 28.01.2010 09:10:46 | Computer Name = Drago-PC | Source = PlugPlayManager | ID = 12
Description = Das Gerät "JMB38X MS Host Controller" (PCI\VEN_197B&DEV_2383&SUBSYS_FF021179&REV_00\4&2bcebcdb&0&03E5)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 28.01.2010 09:10:46 | Computer Name = Drago-PC | Source = PlugPlayManager | ID = 12
Description = Das Gerät "JMB38X xD Host Controller" (PCI\VEN_197B&DEV_2384&SUBSYS_FF021179&REV_00\4&2bcebcdb&0&04E5)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 28.01.2010 10:28:00 | Computer Name = Drago-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 28.01.2010 10:31:14 | Computer Name = Drago-PC | Source = PlugPlayManager | ID = 12
Description = Das Gerät "JMB38X SD/MMC Host Controller" (PCI\VEN_197B&DEV_2382&SUBSYS_FF021179&REV_00\4&2bcebcdb&0&00E5)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 28.01.2010 10:31:14 | Computer Name = Drago-PC | Source = PlugPlayManager | ID = 12
Description = Das Gerät "JMB38X SD Host Controller" (PCI\VEN_197B&DEV_2381&SUBSYS_FF021179&REV_00\4&2bcebcdb&0&02E5)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 28.01.2010 10:31:14 | Computer Name = Drago-PC | Source = PlugPlayManager | ID = 12
Description = Das Gerät "JMB38X MS Host Controller" (PCI\VEN_197B&DEV_2383&SUBSYS_FF021179&REV_00\4&2bcebcdb&0&03E5)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 28.01.2010 10:31:14 | Computer Name = Drago-PC | Source = PlugPlayManager | ID = 12
Description = Das Gerät "JMB38X xD Host Controller" (PCI\VEN_197B&DEV_2384&SUBSYS_FF021179&REV_00\4&2bcebcdb&0&04E5)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 28.01.2010 11:23:43 | Computer Name = Drago-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >

Code

OTL logfile created on: 13.07.2010 08:37:44 - Run 3
OTL by OldTimer - Version 3.2.9.0     Folder = C:\Users\Drago\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 57,42 Gb Free Space | 30,82% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 184,84 Gb Total Space | 102,58 Gb Free Space | 55,50% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: DRAGO-PC
Current User Name: Drago
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010.07.12 20:52:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Drago\Desktop\OTL.exe
PRC - [2010.06.28 14:41:36 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.06.15 16:33:40 | 010,358,072 | ---- | M] (Apple Inc.) -- C:\Programme\iTunes\iTunes.exe
PRC - [2010.06.10 21:18:20 | 000,019,760 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
PRC - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.06.03 13:45:42 | 000,012,592 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Apple Application Support\distnoted.exe
PRC - [2010.05.04 08:00:35 | 000,638,232 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2010.01.12 16:57:44 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009.10.29 23:25:54 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Common Files\Real\Update_OB\realsched.exe
PRC - [2009.10.23 23:59:56 | 000,228,352 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech Touch Mouse Server\iTouch-Server-Win.exe
PRC - [2009.09.05 18:29:06 | 000,385,024 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2009.07.21 15:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 17:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.04.24 11:40:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TECO\TecoService.exe
PRC - [2009.04.23 20:01:24 | 001,011,712 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009.04.21 22:07:32 | 000,303,104 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.04.21 22:07:04 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.04.16 18:42:58 | 000,020,544 | ---- | M] (TOSHIBA) -- C:\Programme\Toshiba\TOSHIBA Web Camera Application\TWebCameraSrv.exe
PRC - [2009.04.15 17:04:02 | 000,570,736 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TPHM\TPCHWMsg.exe
PRC - [2009.04.15 17:03:40 | 000,656,752 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TPHM\TPCHSrv.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.04.07 17:15:58 | 000,811,008 | ---- | M] (TOSHIBA Corporation.) -- C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
PRC - [2009.04.01 18:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TOSHIBA Service Station\TMachInfo.exe
PRC - [2009.03.31 10:33:52 | 000,503,808 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\SmoothView\SmoothView.exe
PRC - [2009.03.30 18:03:56 | 007,289,376 | ---- | M] (Realtek Semiconductor) -- C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009.03.30 16:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2009.03.27 21:40:46 | 000,252,288 | ---- | M] (TOSHIBA) -- C:\Programme\Toshiba\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
PRC - [2009.03.23 14:30:36 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) -- C:\Programme\Toshiba TEMPRO\TemproSvc.exe
PRC - [2009.03.23 11:50:40 | 000,729,088 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\FlashCards\TCrdMain.exe
PRC - [2009.03.17 14:36:12 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2009.03.17 11:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009.03.06 18:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2009.03.06 18:29:04 | 000,468,320 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\Power Saver\TPwrMain.exe
PRC - [2009.03.02 14:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009.01.26 13:58:42 | 000,700,416 | ---- | M] (TOSHIBA Corporation.) -- C:\Programme\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
PRC - [2009.01.13 21:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\Utilities\KeNotify.exe
PRC - [2008.11.26 19:26:48 | 000,701,752 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TRCMan\TRCMan.exe
PRC - [2008.09.16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2008.09.15 14:06:00 | 000,552,248 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\ThpSrv.exe
PRC - [2008.06.11 23:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.03.29 10:16:44 | 000,499,712 | ---- | M] () -- C:\Programme\T-Mobile\Communication Center\AutoUpdateSrv.exe
PRC - [2007.02.09 14:48:26 | 000,176,128 | ---- | M] (OptionNV) -- C:\Programme\Common Files\GtFlashSwitch\GtFlashSwitch.exe
PRC - [2007.01.09 17:11:20 | 000,118,784 | ---- | M] (OptionNV) -- C:\Windows\System32\Gtdetectsc.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010.07.12 20:52:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Drago\Desktop\OTL.exe
MOD - [2009.04.11 08:21:38 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.01.21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006.11.02 11:46:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2010.06.10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.01.12 16:57:44 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009.10.26 01:43:34 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.07.21 15:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 17:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.04.24 11:40:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009.04.21 22:07:04 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.04.16 18:42:58 | 000,020,544 | ---- | M] (TOSHIBA) [Auto | Running] -- C:\Programme\Toshiba\TOSHIBA Web Camera Application\TWebCameraSrv.exe -- (camsvc)
SRV - [2009.04.15 17:03:40 | 000,656,752 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009.04.01 18:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.03.30 16:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009.03.23 14:30:36 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2009.03.17 14:36:12 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009.03.17 11:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009.03.06 18:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009.02.11 13:05:16 | 000,242,424 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008.09.16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008.09.15 14:06:00 | 000,552,248 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\ThpSrv.exe -- (Thpsrv)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.06.21 22:55:52 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2007.02.09 14:48:26 | 000,176,128 | ---- | M] (OptionNV) [Auto | Running] -- C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe -- (GtFlashSwitch)
SRV - [2007.01.09 17:11:20 | 000,118,784 | ---- | M] (OptionNV) [Auto | Running] -- C:\Windows\System32\Gtdetectsc.exe -- (gtdetectsc)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | System | Stopped] -- C:\Users\Drago\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.SYS -- (SASKUTIL)
DRV - File not found [Kernel | System | Stopped] -- C:\Users\Drago\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009.12.08 04:03:03 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.10.27 13:33:17 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.05.11 11:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.24 14:29:28 | 000,163,840 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.04.21 23:30:14 | 004,491,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.04.09 14:38:30 | 000,174,336 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2009.04.09 14:38:30 | 000,174,336 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2009.04.08 16:36:36 | 000,114,528 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2009.03.30 17:13:42 | 002,350,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.03.30 11:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.03.25 17:23:30 | 000,030,272 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\thpdrv.sys -- (Thpdrv)
DRV - [2009.03.20 23:29:18 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
DRV - [2009.03.20 16:37:42 | 000,208,688 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2009.03.18 11:44:54 | 000,022,272 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009.02.17 19:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2009.02.13 13:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.02.11 17:11:50 | 000,329,752 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2009.01.27 19:12:14 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008.12.30 12:18:50 | 000,057,856 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008.12.18 14:23:49 | 000,103,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008.11.17 07:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.11.11 18:29:42 | 000,154,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008.08.13 11:30:06 | 000,443,136 | ---- | M] (DiBcom) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dvb7700all.sys -- (mod7700)
DRV - [2008.05.07 11:30:12 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2008.04.29 01:56:00 | 000,011,264 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecirhid.sys -- (enecirhid)
DRV - [2008.04.25 09:16:00 | 000,005,632 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecirhidma.sys -- (enecirhidma)
DRV - [2008.01.21 04:23:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)
DRV - [2008.01.21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008.01.14 12:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007.12.14 11:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007.11.09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.09.04 10:30:24 | 000,013,336 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Thpevm.SYS -- (Thpevm)
DRV - [2007.06.21 22:55:52 | 000,042,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2007.02.16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006.11.07 10:32:32 | 000,158,720 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.10.23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2004.05.17 15:04:16 | 000,041,984 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.08
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.28 14:41:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.12 23:08:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2010.06.14 23:43:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.06.21 23:22:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.06.16 20:31:54 | 000,000,000 | ---D | M]
 
[2010.06.21 23:22:47 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\mozilla\Extensions
[2010.06.21 23:22:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Drago\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.06.07 17:39:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Drago\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2010.07.12 23:24:15 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\mozilla\Firefox\Profiles\ct7w40o0.default\extensions
[2010.01.03 23:06:36 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Drago\AppData\Roaming\mozilla\Firefox\Profiles\ct7w40o0.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009.11.05 23:40:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Drago\AppData\Roaming\mozilla\Firefox\Profiles\ct7w40o0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.07 17:44:17 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\mozilla\Sunbird\Profiles\dpmjhbhk.default\extensions
[2010.06.07 17:44:17 | 000,000,000 | ---D | M] (Provider for Google Calendar) -- C:\Users\Drago\AppData\Roaming\mozilla\Sunbird\Profiles\dpmjhbhk.default\extensions\{a62ef8ec-5fdc-40c2-873c-223b8a6925cc}
[2010.07.12 23:24:14 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.07.12 23:08:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.07.12 23:07:53 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.14 17:24:20 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.14 17:24:20 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.14 17:24:21 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.14 17:24:21 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.14 17:24:21 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.01.28 17:38:30 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Programme\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programme\FlashGet\getflash.dll (www.flashget.com)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HDMICtrlMan] C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HSON] C:\Programme\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Programme\Toshiba\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nuance OmniPage 17-reminder] C:\Program Files\Nuance\OmniPage17\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ThpSrv] C:\Windows\System32\thpsrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Programme\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPCHWMsg] C:\Programme\Toshiba\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TRCMan] C:\Programme\Toshiba\TRCMan\TRCMan.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Programme\Toshiba\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [{D1EB6125-9558-01EE-B723-E5F7A964780A}] C:\Users\Drago\AppData\Roaming\Alur\xiyvi.exe File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Drago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk = C:\Programme\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Alles mit FlashGet laden - C:\Programme\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Mit FlashGet laden - C:\Programme\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} -  File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} -  File not found
O9 - Extra Button: Magic Nettrace - {92848C13-5482-49CB-B31C-CA8D74EFF508} - C:\Programme\Magic NetTrace\MTIE.exe (TialSoft software)
O9 - Extra 'Tools' menuitem : &Magic Nettrace - {92848C13-5482-49CB-B31C-CA8D74EFF508} - C:\Programme\Magic NetTrace\MTIE.exe (TialSoft software)
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe File not found
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe File not found
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: btopenzone.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: t-mobile.net ([hotspot] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\System32\acaptuser32.dll) - C:\Windows\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: compperf - (C:\Windows\system32\doskdiag.dll) - C:\Windows\System32\doskdiag.dll File not found
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010.07.12 23:29:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.07.12 23:29:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.07.12 23:29:50 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.07.12 23:29:01 | 006,153,352 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Drago\Desktop\mbam-setup-1.46.exe
[2010.07.12 23:12:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.07.12 23:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.07.12 23:09:04 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.07.12 23:08:08 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.07.12 23:08:08 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.07.12 23:08:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.07.12 23:08:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.07.12 22:18:40 | 000,000,000 | ---D | C] -- C:\Users\Drago\AppData\Roaming\SUPERAntiSpyware.com
[2010.07.12 22:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010.07.12 20:53:20 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\Virus neu
[2010.07.12 20:52:20 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Drago\Desktop\OTL.exe
[2010.07.08 23:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Recisio
[2010.07.08 23:41:56 | 000,000,000 | ---D | C] -- C:\Programme\KaraFun
[2010.07.08 23:41:31 | 005,063,603 | ---- | C] (Recisio                                                     ) -- C:\Users\Drago\Desktop\karafun_118.exe
[2010.07.08 23:24:18 | 000,000,000 | ---D | C] -- C:\Programme\UltraStar
[2010.07.08 23:03:36 | 000,000,000 | ---D | C] -- C:\Programme\vanBasco's Karaoke Player
[2010.07.08 09:23:10 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\WGV Kfz-Versicherung
[2010.07.05 15:12:40 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\ExistPrimeCup
[2010.06.28 12:56:49 | 000,000,000 | ---D | C] -- C:\Programme\sfArk
[2010.06.28 12:06:01 | 000,000,000 | ---D | C] -- C:\timidity
[2010.06.28 12:03:26 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\sound midi
[2010.06.26 16:02:26 | 000,000,000 | ---D | C] -- C:\Programme\NetTVPlayer
[2010.06.26 13:36:35 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\karaoke pjesme
[2010.06.24 22:54:22 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.06.24 22:54:22 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.06.24 22:54:22 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.06.24 21:08:32 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\Präsi
[2010.06.22 22:55:50 | 000,000,000 | ---D | C] -- C:\Programme\Alextv
[2010.06.21 21:13:21 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.06.21 21:13:19 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.06.21 21:09:41 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.06.18 22:07:59 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\MOBILE_MP4
[2010.06.18 20:56:41 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\Neuer Ordner
[2010.06.14 23:45:43 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010.07.13 08:39:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.13 08:37:38 | 005,242,880 | -HS- | M] () -- C:\Users\Drago\NTUSER.DAT
[2010.07.13 07:17:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.13 07:17:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.13 00:28:49 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.07.12 23:39:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.12 23:29:54 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.12 23:29:04 | 006,153,352 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Drago\Desktop\mbam-setup-1.46.exe
[2010.07.12 23:17:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.12 23:17:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.12 23:16:31 | 000,524,288 | -HS- | M] () -- C:\Users\Drago\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.07.12 23:16:31 | 000,065,536 | -HS- | M] () -- C:\Users\Drago\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.07.12 23:07:53 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.07.12 23:07:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.07.12 23:07:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.07.12 23:07:52 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.07.12 22:44:29 | 004,170,669 | -H-- | M] () -- C:\Users\Drago\AppData\Local\IconCache.db
[2010.07.12 21:17:58 | 292,309,254 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.07.12 20:52:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Drago\Desktop\OTL.exe
[2010.07.12 12:43:45 | 001,418,806 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.12 12:43:45 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.07.12 12:43:45 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.12 12:43:45 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.07.12 12:43:45 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.09 19:28:43 | 000,001,356 | ---- | M] () -- C:\Users\Drago\AppData\Local\d3d9caps.dat
[2010.07.08 23:41:58 | 000,001,621 | ---- | M] () -- C:\Users\Drago\Desktop\KaraFun Editor.lnk
[2010.07.08 23:41:58 | 000,000,743 | ---- | M] () -- C:\Users\Drago\Desktop\KaraFun.lnk
[2010.07.08 23:41:38 | 005,063,603 | ---- | M] (Recisio                                                     ) -- C:\Users\Drago\Desktop\karafun_118.exe
[2010.07.08 23:41:20 | 000,262,952 | ---- | M] () -- C:\Users\Drago\Documents\SoftonicDownloader36854.exe
[2010.07.08 23:36:11 | 000,000,561 | ---- | M] () -- C:\Windows\timidity.cfg
[2010.07.08 23:36:11 | 000,000,218 | ---- | M] () -- C:\Users\Drago\.recently-used.xbel
[2010.07.08 23:23:41 | 000,262,952 | ---- | M] () -- C:\Users\Drago\Documents\SoftonicDownloader57983.exe
[2010.07.08 23:03:37 | 000,000,875 | ---- | M] () -- C:\Users\Drago\Desktop\vanBasco's Karaoke Player.lnk
[2010.07.08 22:59:58 | 000,884,736 | ---- | M] () -- C:\Users\Drago\Desktop\vkaraoke.exe
[2010.07.08 22:54:51 | 000,058,880 | ---- | M] (Putzlowitsch) -- C:\Windows\System32\PLWMidiMap.cpl
[2010.07.08 22:53:31 | 000,027,322 | ---- | M] () -- C:\Users\Drago\Desktop\plw-vista-midi-mapper_0_93.zip
[2010.07.04 18:48:41 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.07.01 18:34:27 | 000,133,208 | ---- | M] () -- C:\Users\Drago\AppData\Roaming\GDIPFONTCACHEV1.DAT
[2010.06.30 09:51:22 | 000,641,536 | ---- | M] () -- C:\Users\Drago\Desktop\TN_RK_AbrFormular_ProCup-Leipzig.xls
[2010.06.28 22:32:39 | 000,026,624 | ---- | M] () -- C:\Users\Drago\Documents\Panini WM 2010 doppel.xls
[2010.06.28 21:55:43 | 000,027,136 | ---- | M] () -- C:\Users\Drago\Documents\Panini WM 2010.xls
[2010.06.28 12:06:07 | 000,000,069 | ---- | M] () -- C:\Windows\timidity.cfg.bak
[2010.06.28 10:58:15 | 000,133,208 | ---- | M] () -- C:\Users\Drago\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.28 10:56:25 | 000,426,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.06.26 16:02:46 | 000,000,845 | ---- | M] () -- C:\Users\Public\Desktop\Net TV Player.lnk
[2010.06.25 10:25:36 | 000,000,809 | ---- | M] () -- C:\Users\Drago\Desktop\[url="http://www.ccleaner.de"]CCleaner[/url].lnk
[2010.06.25 09:46:30 | 000,001,062 | ---- | M] () -- C:\Users\Drago\Desktop\Revo Uninstaller.lnk
[2010.06.22 20:15:07 | 024,241,197 | ---- | M] () -- C:\Users\Drago\Desktop\NetTVPretrazivac2.4.exe
[2010.06.18 22:21:38 | 000,134,144 | ---- | M] () -- C:\Users\Drago\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.18 22:17:40 | 000,025,600 | ---- | M] () -- C:\Users\Drago\Documents\Lieber Ujak.doc
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010.07.12 23:29:54 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.12 21:12:49 | 292,309,254 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.07.08 23:41:58 | 000,001,621 | ---- | C] () -- C:\Users\Drago\Desktop\KaraFun Editor.lnk
[2010.07.08 23:41:58 | 000,000,743 | ---- | C] () -- C:\Users\Drago\Desktop\KaraFun.lnk
[2010.07.08 23:41:19 | 000,262,952 | ---- | C] () -- C:\Users\Drago\Documents\SoftonicDownloader36854.exe
[2010.07.08 23:36:11 | 000,000,218 | ---- | C] () -- C:\Users\Drago\.recently-used.xbel
[2010.07.08 23:23:39 | 000,262,952 | ---- | C] () -- C:\Users\Drago\Documents\SoftonicDownloader57983.exe
[2010.07.08 23:03:37 | 000,000,875 | ---- | C] () -- C:\Users\Drago\Desktop\vanBasco's Karaoke Player.lnk
[2010.07.08 22:59:57 | 000,884,736 | ---- | C] () -- C:\Users\Drago\Desktop\vkaraoke.exe
[2010.07.08 22:53:22 | 000,027,322 | ---- | C] () -- C:\Users\Drago\Desktop\plw-vista-midi-mapper_0_93.zip
[2010.07.01 17:38:50 | 000,641,536 | ---- | C] () -- C:\Users\Drago\Desktop\TN_RK_AbrFormular_ProCup-Leipzig.xls
[2010.06.28 22:32:39 | 000,026,624 | ---- | C] () -- C:\Users\Drago\Documents\Panini WM 2010 doppel.xls
[2010.06.28 21:54:05 | 000,027,136 | ---- | C] () -- C:\Users\Drago\Documents\Panini WM 2010.xls
[2010.06.28 12:55:49 | 000,081,920 | ---- | C] () -- C:\Windows\portaudio.dll
[2010.06.28 12:39:19 | 000,000,063 | ---- | C] () -- C:\Users\Drago\timidity.cfg.txt
[2010.06.28 12:06:07 | 000,000,561 | ---- | C] () -- C:\Windows\timidity.cfg
[2010.06.28 12:06:07 | 000,000,069 | ---- | C] () -- C:\Windows\timidity.cfg.bak
[2010.06.26 16:02:46 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\Net TV Player.lnk
[2010.06.25 10:25:36 | 000,000,809 | ---- | C] () -- C:\Users\Drago\Desktop\[url="http://www.ccleaner.de"]CCleaner[/url].lnk
[2010.06.22 22:56:11 | 000,001,504 | ---- | C] () -- C:\Users\Drago\Desktop\FMTuner.lnk
[2010.06.22 20:14:49 | 024,241,197 | ---- | C] () -- C:\Users\Drago\Desktop\NetTVPretrazivac2.4.exe
[2010.06.21 21:14:16 | 000,002,231 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.06.18 22:17:39 | 000,025,600 | ---- | C] () -- C:\Users\Drago\Documents\Lieber Ujak.doc
[2010.06.16 19:40:23 | 1200,187,908 | ---- | C] () -- C:\Users\Drago\Desktop\Cars.divx
[2010.06.09 23:39:17 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.06.09 23:39:17 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.06.09 23:39:16 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.06.09 23:39:16 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.06.09 23:39:15 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.06.09 23:39:15 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2010.05.16 18:22:24 | 000,000,391 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2010.02.10 00:31:44 | 000,003,584 | ---- | C] () -- C:\Windows\System32\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.07 16:20:30 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010.01.07 10:42:49 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2010.01.07 10:42:49 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2010.01.07 10:42:49 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2009.11.06 00:41:03 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.11.03 00:14:21 | 000,000,010 | ---- | C] () -- C:\Windows\wininit.ini
[2009.11.02 22:13:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2009.10.27 13:49:23 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2009.10.27 13:49:23 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2009.10.27 13:45:45 | 000,002,048 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2009.10.27 13:33:17 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.10.25 21:48:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.14 22:09:32 | 001,936,528 | ---- | C] () -- C:\Windows\System32\ltmm15.dll
[2009.07.24 11:39:33 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2009.07.24 11:08:34 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.06.05 10:43:09 | 000,045,056 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2009.06.05 08:22:47 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.01.05 16:44:10 | 000,000,483 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2008.09.02 02:32:38 | 000,028,672 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2007.06.21 22:55:54 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.06 07:49:42 | 000,839,680 | ---- | C] () -- C:\Windows\System32\timiditydrv.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010.05.05 20:35:37 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\adma
[2009.11.16 15:05:18 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Alice Systems
[2010.04.13 19:56:55 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\AllDup
[2010.07.12 23:12:56 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Alur
[2010.03.11 21:57:21 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\AnvSoft
[2010.06.06 22:12:55 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Bump Technologies, Inc
[2009.11.16 14:31:49 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Bytemobile
[2009.10.27 13:42:51 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\DAEMON Tools Lite
[2009.10.27 13:32:58 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\DAEMON Tools Pro
[2010.01.03 21:11:28 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\DC++
[2010.01.30 18:13:56 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\DiskAid
[2010.07.12 11:41:34 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\EndNote
[2010.02.16 19:39:52 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\FlashGet
[2010.02.17 00:16:52 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\foobar2000
[2010.07.12 13:10:05 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\gtk-2.0
[2010.02.20 16:39:32 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Itezba
[2009.10.26 03:20:01 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Jasc
[2010.07.09 19:12:16 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Kigeo
[2010.03.28 23:27:45 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\ManyCam
[2010.01.28 00:15:58 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\MOVAVI
[2010.07.12 13:10:06 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Mp3tag
[2010.02.16 12:55:12 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Music Editor Free
[2010.05.16 16:46:28 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Nuance
[2009.10.25 14:42:13 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\ooVoo Details
[2010.05.31 12:05:31 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Opera
[2010.03.22 23:12:06 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\PPLive
[2010.05.17 09:34:59 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\ScanSoft
[2009.11.06 01:20:32 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\SlySoft
[2010.03.23 00:29:52 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Steinberg
[2010.04.18 20:00:44 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Summitsoft
[2010.02.15 01:04:44 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Sytexis Software
[2010.02.02 20:51:34 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\TeamViewer
[2010.01.10 00:39:49 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Thinstall
[2010.06.21 23:22:32 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Thunderbird
[2009.11.03 01:33:28 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\TOSHIBA
[2009.11.16 14:33:21 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Vodafone
[2010.07.12 23:09:56 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Wyem
[2010.05.16 16:53:31 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Zeon
[2010.07.12 23:16:32 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
< End of report >

13.07.2010, 20:38

Swisstreasure

Moderator

Beiträge: 5694

#4 Und wie läuft das System?

13.07.2010, 21:11

dr.ago

Member

Themenstarter

Beiträge: 60

#5 Die Meldung kommt immer noch in unregelmäßigen abständen. Zumal er mir jetzt irgendwelche Programme von selbst schließt wie z.B. AntiVir und dann nur ne Meldung bringt dass das Programm beendet wird.
Also wie du siehst nicht wirklich geholfen.

13.07.2010, 21:13

Swisstreasure

Moderator

Beiträge: 5694

#6 Lade ComboFix von einem der unten aufgeführten Links herunter. Du musst diese umbenennen, bevor Du es auf den Desktop speicherst. Speichere ComboFix auf deinen Desktop.
• BleepingComputer
• ForoSpyware**NB: Es ist wichtig, das ComboFix.exe auf dem Desktop gespeichert wird**

• Doppel-klicke auf ComboFix.exe und folge den Aufforderungen.
• Wenn ComboFix fertig ist, wird es ein Log für dich erstellen.
• Bitte füge das C:\ComboFix.txt Log in deiner Antwort im Forum bei, so dass wir uns diese analysieren können.

13.07.2010, 22:09

dr.ago

Member

Themenstarter

Beiträge: 60

#7 So, hier ist das Combofix-log anbei...

Danke schon mal

ComboFix 10-07-12.06 - Drago 13.07.2010 21:52:50.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3036.2168 [GMT 2:00]
ausgeführt von:: c:\users\Drago\Desktop\Combo-Fix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Drago\AppData\Roaming\Alur\xiyvi.exe
c:\users\Drago\AppData\Roaming\Itezba
c:\users\Drago\AppData\Roaming\Itezba\ylgio.exe
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\system32\Icons
c:\windows\system32\Icons\microphone.ico
c:\windows\system32\Icons\NetTv.ico
c:\windows\system32\Icons\speaker.ico
c:\windows\system32\Icons\Thumbs.db
c:\windows\system32\Icons\turntable.ico
c:\windows\system32\Icons\vinyl.ico
c:\windows\system32\Icons\vinyl_kiss.ico
c:\windows\system32\Icons\vinyl_metallica.ico
c:\windows\system32\lsprst7.dll
c:\windows\system32\ssprs.dll
E:\install.exe

.
((((((((((((((((((((((( Dateien erstellt von 2010-06-13 bis 2010-07-13 ))))))))))))))))))))))))))))))
.

2010-07-13 20:03 . 2010-07-13 20:03 -------- d-----w- c:\users\Drago\AppData\Local\temp
2010-07-13 20:03 . 2010-07-13 20:03 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-07-13 20:03 . 2010-07-13 20:03 -------- d-----w- c:\users\Mcx1-DRAGO-PC\AppData\Local\temp
2010-07-13 20:03 . 2010-07-13 20:03 -------- d-----w- c:\users\Katarina\AppData\Local\temp
2010-07-13 20:03 . 2010-07-13 20:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-13 20:03 . 2010-07-13 20:03 -------- d-----w- c:\users\Birungueta\AppData\Local\temp
2010-07-12 21:29 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-12 21:29 . 2010-07-12 21:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-12 21:29 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-12 21:12 . 2010-07-12 21:12 -------- d-----w- C:\_OTL
2010-07-12 21:09 . 2010-07-12 21:09 -------- d-----w- c:\program files\Common Files\Java
2010-07-12 21:08 . 2010-07-12 21:07 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-12 20:18 . 2010-07-12 20:18 -------- d-----w- c:\users\Drago\AppData\Roaming\SUPERAntiSpyware.com
2010-07-12 20:18 . 2010-07-12 20:18 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-07-08 21:41 . 2010-07-08 21:41 -------- d-----w- c:\program files\KaraFun
2010-07-08 21:41 . 2010-07-08 21:41 -------- d-----w- c:\programdata\Recisio
2010-07-08 21:24 . 2010-07-08 21:25 -------- d-----w- c:\program files\UltraStar
2010-07-08 21:03 . 2010-07-08 21:05 -------- d-----w- c:\program files\vanBasco's Karaoke Player
2010-06-28 10:56 . 2010-06-28 10:56 -------- d-----w- c:\program files\sfArk
2010-06-28 10:55 . 2008-12-05 05:41 81920 ----a-w- c:\windows\portaudio.dll
2010-06-28 10:06 . 2010-07-12 11:10 -------- d-----w- C:\timidity
2010-06-26 14:02 . 2010-06-28 14:31 -------- d-----w- c:\program files\NetTVPlayer
2010-06-24 20:54 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-24 20:54 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-24 20:54 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-24 20:54 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-24 20:54 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-22 20:55 . 2010-06-22 20:56 -------- d-----w- c:\program files\Alextv
2010-06-21 21:31 . 2009-12-09 15:31 20992 ----a-w- c:\users\Drago\AppData\Roaming\Thunderbird\Profiles\45ev4t9x.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}\library\WINNT-32\MinimizeToTrayPlus.dll
2010-06-21 19:13 . 2010-06-21 19:13 -------- d-----w- c:\program files\iPod
2010-06-21 19:13 . 2010-06-21 19:14 -------- d-----w- c:\program files\iTunes
2010-06-21 19:09 . 2010-06-21 19:09 -------- d-----w- c:\program files\Bonjour
2010-06-21 19:08 . 2010-06-21 19:08 72504 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-14 21:45 . 2010-06-14 21:46 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-13 19:45 . 2009-10-25 12:36 -------- d-----w- c:\users\Drago\AppData\Roaming\Skype
2010-07-13 17:46 . 2009-10-25 12:37 -------- d-----w- c:\users\Drago\AppData\Roaming\skypePM
2010-07-13 14:28 . 2009-11-04 23:59 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-07-13 14:16 . 2010-02-28 18:32 -------- d-----w- c:\users\Drago\AppData\Roaming\EndNote
2010-07-13 11:41 . 2010-04-20 17:10 -------- d-----w- c:\program files\MSECache
2010-07-13 08:44 . 2009-11-02 19:35 147935 ----a-w- c:\windows\hpoins12.dat
2010-07-12 21:12 . 2009-10-30 23:08 -------- d-----w- c:\users\Drago\AppData\Roaming\Alur
2010-07-12 21:09 . 2009-11-18 20:18 -------- d-----w- c:\users\Drago\AppData\Roaming\Wyem
2010-07-12 11:10 . 2009-10-25 23:44 -------- d-----w- c:\users\Drago\AppData\Roaming\Mp3tag
2010-07-12 11:10 . 2009-12-03 10:13 -------- d-----w- c:\users\Drago\AppData\Roaming\gtk-2.0
2010-07-12 10:43 . 2008-01-21 07:15 618442 ----a-w- c:\windows\system32\perfh007.dat
2010-07-12 10:43 . 2008-01-21 07:15 122842 ----a-w- c:\windows\system32\perfc007.dat
2010-07-09 17:28 . 2010-04-09 16:24 1356 ----a-w- c:\users\Drago\AppData\Local\d3d9caps.dat
2010-07-09 17:12 . 2009-11-26 22:44 -------- d-----w- c:\users\Drago\AppData\Roaming\Kigeo
2010-06-28 14:27 . 2009-10-25 14:34 -------- d-----w- c:\users\Drago\AppData\Roaming\vlc
2010-06-28 14:25 . 2010-06-12 13:48 -------- d-----w- c:\program files\NetTVProfessional
2010-06-28 08:58 . 2009-10-24 21:55 133208 ----a-w- c:\users\Drago\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-25 11:51 . 2009-11-11 00:20 -------- d-----w- c:\program files\FTP Commander
2010-06-25 08:25 . 2010-01-27 22:40 -------- d-----w- c:\program files\CCleaner
2010-06-21 21:22 . 2009-11-04 23:59 -------- d-----w- c:\users\Drago\AppData\Roaming\Thunderbird
2010-06-21 19:13 . 2009-12-03 11:07 -------- d-----w- c:\program files\Common Files\Apple
2010-06-18 18:58 . 2009-11-09 17:54 -------- d-----w- c:\program files\JDownloader
2010-06-16 18:31 . 2009-12-03 11:11 -------- d-----w- c:\program files\QuickTime
2010-06-12 13:28 . 2010-02-15 21:11 -------- d-----w- c:\program files\NetTVPlus Player
2010-06-09 21:39 . 2009-11-18 00:01 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-06-07 17:21 . 2010-06-07 15:31 -------- d-----w- c:\program files\Mozilla Sunbird
2010-06-06 20:12 . 2010-06-06 20:12 -------- d-----w- c:\users\Drago\AppData\Roaming\Bump Technologies, Inc
2010-06-06 20:12 . 2010-06-06 20:12 -------- d-----w- c:\program files\BumpTop
2010-06-05 07:11 . 2010-01-14 16:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-02 08:00 . 2010-06-09 21:39 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-06-02 02:55 . 2010-06-12 13:49 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55 . 2010-06-12 13:49 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55 . 2010-06-12 13:49 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-05-31 21:12 . 2010-05-31 21:12 -------- d-----w- c:\program files\mcesoft
2010-05-31 10:05 . 2010-05-31 10:04 -------- d-----w- c:\program files\Opera
2010-05-28 16:51 . 2009-12-03 10:51 -------- d-----w- c:\program files\Rosetta Stone
2010-05-28 16:34 . 2010-05-16 16:20 -------- d-----w- c:\program files\Nuance
2010-05-28 16:23 . 2006-11-02 12:37 -------- d-----w- c:\program files\Microsoft Games
2010-05-28 16:22 . 2009-06-05 08:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-26 17:06 . 2010-06-10 01:03 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-10 01:03 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-26 09:41 . 2010-06-12 13:49 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-05-26 09:41 . 2010-06-12 13:49 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-05-26 09:41 . 2010-06-12 13:49 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-05-26 09:41 . 2010-06-12 13:49 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-05-26 09:41 . 2010-06-12 13:49 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-05-24 15:27 . 2009-06-05 09:01 -------- d-----w- c:\program files\Google
2010-05-21 12:14 . 2009-11-18 11:15 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-17 07:34 . 2010-05-16 14:52 -------- d-----w- c:\users\Drago\AppData\Roaming\ScanSoft
2010-05-16 19:59 . 2009-11-18 17:28 2568 --sha-w- c:\programdata\KGyGaAvL.sys
2010-05-16 19:59 . 2009-11-18 17:28 2568 --sha-w- c:\programdata\KGyGaAvL.sys
2010-05-16 16:26 . 2010-05-16 16:26 -------- d-----w- c:\users\Drago\AppData\Roaming\Macrovision
2010-05-16 16:23 . 2010-05-16 16:23 -------- d-----w- c:\programdata\zeon
2010-05-16 16:23 . 2010-05-16 16:23 -------- d-----w- c:\programdata\Macrovision
2010-05-16 16:22 . 2010-05-16 16:21 -------- d-----w- c:\programdata\ScanSoft
2010-05-16 14:53 . 2010-05-16 14:53 -------- d-----w- c:\users\Drago\AppData\Roaming\Zeon
2010-05-16 14:46 . 2010-05-16 14:46 -------- d-----w- c:\users\Drago\AppData\Roaming\Nuance
2010-05-04 05:59 . 2010-06-10 01:03 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-10 01:03 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-06-10 01:03 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-06-10 01:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-10 01:03 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-23 14:13 . 2010-05-26 00:50 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-20 19:12 . 2010-04-20 19:12 5514304 ----a-w- c:\users\Drago\AppData\Roaming\TVU Networks\AutoUpgrade\TVUPlayer2.5.2.2.exe
2010-04-19 18:47 . 2010-04-19 18:47 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-04-19 18:47 . 2010-04-19 18:47 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-04-18 21:23 . 2010-04-18 21:23 1432504 ----a-w- c:\programdata\hps\12093\setup_Media_Markt.exe
2010-04-16 13:25 . 2010-04-16 13:25 117228 ---ha-w- c:\windows\system32\mlfcache.dat
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-01-28_20.22.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-24 20:54 . 2009-11-08 08:55 99176 c:\windows\winsxs\x86_wpf-presentationhostproxy_31bf3856ad364e35_6.1.6001.18242_none_f290a8a118b9134c\PresentationHostProxy.dll
+ 2010-06-24 18:25 . 2010-03-30 11:59 99176 c:\windows\winsxs\x86_wpf-presentationhostproxy_31bf3856ad364e35_6.0.6002.22377_none_2cb6816f90457914\PresentationHostProxy.dll
+ 2010-06-24 18:25 . 2010-04-05 12:19 99176 c:\windows\winsxs\x86_wpf-presentationhostproxy_31bf3856ad364e35_6.0.6002.18236_none_2c57240a7708502f\PresentationHostProxy.dll
+ 2010-06-10 01:03 . 2010-04-12 12:22 17256 c:\windows\winsxs\x86_wcf-m_svc_mon_sup_dll_31bf3856ad364e35_6.0.6002.22380_none_a7f79e1e62233116\ServiceMonikerSupport.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 17256 c:\windows\winsxs\x86_wcf-m_svc_mon_sup_dll_31bf3856ad364e35_6.0.6002.18239_none_a7ad138948d4e9a6\ServiceMonikerSupport.dll
+ 2010-06-24 20:54 . 2009-11-08 08:55 11600 c:\windows\winsxs\x86_netfx-mscorees_dll_31bf3856ad364e35_6.1.6001.18242_none_e15f1c362a176592\mscorees.dll
+ 2010-06-24 20:54 . 2009-11-08 08:55 49472 c:\windows\winsxs\x86_netfx-fw_netfxperf_dll_31bf3856ad364e35_6.1.6001.18242_none_5c993a771a2304b1\netfxperf.dll
+ 2010-06-10 01:03 . 2010-03-25 11:54 30544 c:\windows\winsxs\x86_netfx-aspnet_wp_exe_b03f5f7f11d50a3a_6.0.6002.22372_none_adfdfb72a63b9516\aspnet_wp.exe
+ 2010-06-10 01:03 . 2010-03-25 11:53 30544 c:\windows\winsxs\x86_netfx-aspnet_wp_exe_b03f5f7f11d50a3a_6.0.6002.18232_none_c4c7a10a8c97cfb4\aspnet_wp.exe
+ 2010-05-12 19:29 . 2010-05-12 19:29 51008 c:\windows\winsxs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.4148_none_80b7c8a91e9dd16a\vcomp90.dll
+ 2010-05-12 19:29 . 2010-05-12 19:29 59728 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90RUS.DLL
+ 2010-05-12 19:29 . 2010-05-12 19:29 42832 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90KOR.DLL
+ 2010-05-12 19:29 . 2010-05-12 19:29 43344 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90JPN.DLL
+ 2010-05-12 19:29 . 2010-05-12 19:29 61264 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ITA.DLL
+ 2010-05-12 19:29 . 2010-05-12 19:29 62800 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90FRA.DLL
+ 2010-05-12 19:29 . 2010-05-12 19:29 61760 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ESP.DLL
+ 2010-05-12 19:29 . 2010-05-12 19:29 61776 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ESN.DLL
+ 2010-05-12 19:29 . 2010-05-12 19:29 53568 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90ENU.DLL
+ 2010-05-12 19:29 . 2010-05-12 19:29 63296 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90DEU.DLL
+ 2010-05-12 19:29 . 2010-05-12 19:29 36688 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90CHT.DLL
+ 2010-05-12 19:29 . 2010-05-12 19:29 35648 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9\MFC90CHS.DLL
+ 2010-04-18 21:33 . 2010-04-18 21:33 46592 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98\MFC90KOR.DLL
+ 2010-04-18 21:33 . 2010-04-18 21:33 47104 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98\MFC90JPN.DLL
+ 2010-04-18 21:33 . 2010-04-18 21:33 59392 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98\MFC90ITA.DLL
+ 2010-04-18 21:33 . 2010-04-18 21:33 60416 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98\MFC90FRA.DLL
+ 2010-04-18 21:33 . 2010-04-18 21:33 59392 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98\MFC90ESP.DLL
+ 2010-04-18 21:33 . 2010-04-18 21:33 59392 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98\MFC90ESN.DLL
+ 2010-04-18 21:33 . 2010-04-18 21:33 54272 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98\MFC90ENU.DLL
+ 2010-04-18 21:33 . 2010-04-18 21:33 60928 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98\MFC90DEU.DLL
+ 2010-04-18 21:33 . 2010-04-18 21:33 41984 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98\MFC90CHT.DLL
+ 2010-04-18 21:33 . 2010-04-18 21:33 41472 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98\MFC90CHS.DLL
+ 2010-05-12 19:29 . 2010-05-12 19:29 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfcm90u.dll
+ 2010-05-12 19:29 . 2010-05-12 19:29 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfcm90.dll
+ 2010-04-18 21:33 . 2010-04-18 21:33 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b81d038aaf540e86\mfcm90u.dll
+ 2010-04-18 21:33 . 2010-04-18 21:33 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b81d038aaf540e86\mfcm90.dll
+ 2010-03-02 13:58 . 2010-03-02 13:58 65536 c:\windows\winsxs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_45e008191e507087\vcomp.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 37888 c:\windows\winsxs\x86_microsoft.flightsimulator.simconnect_67c7c14424d61b5b_10.0.60905.0_none_dd92b94d8a196297\SimConnect.dll
+ 2010-02-10 17:38 . 2009-12-28 12:05 31744 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.22295_none_9445b91c9f4a779f\msvidc32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:04 13312 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.22295_none_9445b91c9f4a779f\msrle32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:04 82944 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.22295_none_9445b91c9f4a779f\mciavi32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:02 91136 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.22295_none_9445b91c9f4a779f\avifil32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:02 65024 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.22295_none_9445b91c9f4a779f\avicap32.dll
+ 2010-02-10 17:38 . 2009-12-04 18:28 31744 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.18158_none_93ea5cdf8609b416\msvidc32.dll
+ 2010-02-10 17:38 . 2009-12-04 18:28 13312 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.18158_none_93ea5cdf8609b416\msrle32.dll
+ 2010-02-10 17:38 . 2009-12-04 18:28 82944 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.18158_none_93ea5cdf8609b416\mciavi32.dll
+ 2010-02-10 17:38 . 2009-12-04 18:27 91136 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.18158_none_93ea5cdf8609b416\avifil32.dll
+ 2006-11-02 09:03 . 2006-11-02 09:46 65024 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.18158_none_93ea5cdf8609b416\avicap32.dll
+ 2010-02-10 17:38 . 2009-12-28 13:40 31744 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.22590_none_925a45c2a228a3c8\msvidc32.dll
+ 2010-02-10 17:38 . 2009-12-28 13:40 13312 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.22590_none_925a45c2a228a3c8\msrle32.dll
+ 2010-02-10 17:38 . 2009-12-28 13:40 82944 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.22590_none_925a45c2a228a3c8\mciavi32.dll
+ 2010-02-10 17:38 . 2009-12-28 13:38 91136 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.22590_none_925a45c2a228a3c8\avifil32.dll
+ 2010-02-10 17:38 . 2009-12-28 13:38 65024 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.22590_none_925a45c2a228a3c8\avicap32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:32 31744 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.18389_none_91e4799788facef5\msvidc32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:32 13312 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.18389_none_91e4799788facef5\msrle32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:31 82944 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.18389_none_91e4799788facef5\mciavi32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:28 91136 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.18389_none_91e4799788facef5\avifil32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:28 65024 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.18389_none_91e4799788facef5\avicap32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:29 31232 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6000.21188_none_9086af94a4f2f7b9\msvidc32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:29 13312 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6000.21188_none_9086af94a4f2f7b9\msrle32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:29 82944 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6000.21188_none_9086af94a4f2f7b9\mciavi32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:26 88576 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6000.21188_none_9086af94a4f2f7b9\avifil32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:26 65024 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6000.21188_none_9086af94a4f2f7b9\avicap32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:34 31232 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6000.16986_none_8ffb3a138bd6f1ff\msvidc32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:34 13312 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6000.16986_none_8ffb3a138bd6f1ff\msrle32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:33 82944 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6000.16986_none_8ffb3a138bd6f1ff\mciavi32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:30 88576 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6000.16986_none_8ffb3a138bd6f1ff\avifil32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:30 65024 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6000.16986_none_8ffb3a138bd6f1ff\avicap32.dll
+ 2010-04-14 05:18 . 2010-02-18 11:51 22016 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\netiougc.exe
+ 2010-04-14 05:18 . 2010-02-18 14:00 49152 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\netiomig.dll
+ 2010-02-10 17:38 . 2009-12-08 17:44 22016 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\netiougc.exe
+ 2010-02-10 17:38 . 2009-12-08 20:01 49152 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\netiomig.dll
+ 2010-04-14 05:18 . 2010-02-18 12:04 22016 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\netiougc.exe
+ 2010-04-14 05:18 . 2010-02-18 14:21 49152 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\netiomig.dll
+ 2010-02-10 17:38 . 2009-12-08 17:57 22016 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\netiougc.exe
+ 2010-02-10 17:38 . 2009-12-08 20:18 49152 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\netiomig.dll
+ 2010-02-10 17:38 . 2009-12-11 12:01 98816 c:\windows\winsxs\x86_microsoft-windows-smbserver-common_31bf3856ad364e35_6.0.6002.22286_none_05f5c6db26a677d3\srvnet.sys
+ 2010-02-10 17:38 . 2009-12-11 11:43 98816 c:\windows\winsxs\x86_microsoft-windows-smbserver-common_31bf3856ad364e35_6.0.6002.18164_none_057fc9540d7a6d79\srvnet.sys
+ 2010-02-10 17:38 . 2009-12-11 12:13 98816 c:\windows\winsxs\x86_microsoft-windows-smbserver-common_31bf3856ad364e35_6.0.6001.22581_none_040a53812984a3fc\srvnet.sys
+ 2010-02-10 17:38 . 2009-12-11 12:07 98304 c:\windows\winsxs\x86_microsoft-windows-smbserver-common_31bf3856ad364e35_6.0.6001.18381_none_0380b4d01067070b\srvnet.sys
+ 2010-02-10 17:38 . 2009-12-11 12:01 84992 c:\windows\winsxs\x86_microsoft-windows-smbserver-common_31bf3856ad364e35_6.0.6000.21179_none_0236bd532c4ef7ed\srvnet.sys
+ 2010-02-10 17:38 . 2009-12-11 12:15 84992 c:\windows\winsxs\x86_microsoft-windows-smbserver-common_31bf3856ad364e35_6.0.6000.16977_none_01ab47d21332f233\srvnet.sys
+ 2010-04-14 05:18 . 2010-02-23 11:16 79360 c:\windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.22346_none_8d25cfd8a024cf75\mrxsmb20.sys
+ 2010-04-14 05:18 . 2010-02-23 11:10 79360 c:\windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.18213_none_8cb9a1f386f18fd3\mrxsmb20.sys
+ 2010-04-14 05:18 . 2010-02-23 11:30 79360 c:\windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.22641_none_8b3a5c7ea302fb9e\mrxsmb20.sys
+ 2010-04-14 05:18 . 2010-02-23 11:32 78848 c:\windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.18431_none_8abb8db989dd42bc\mrxsmb20.sys
+ 2010-04-14 05:18 . 2010-02-23 11:30 58368 c:\windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.21230_none_895dc3b6a5d56b80\mrxsmb20.sys
+ 2010-02-10 17:38 . 2009-12-04 16:14 58368 c:\windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.21173_none_893582fea5f32a22\mrxsmb20.sys
+ 2010-04-14 05:18 . 2010-02-23 13:14 58368 c:\windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.17025_none_88e3f6638cab3151\mrxsmb20.sys
+ 2010-02-10 17:38 . 2007-10-26 01:40 58368 c:\windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.16586_none_88a4376b8cdaca70\mrxsmb20.sys
+ 2010-03-11 02:00 . 2010-02-20 23:12 24064 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6002.22343_none_dce43630c143fd87\wbhstipm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:12 22528 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6002.22343_none_dce43630c143fd87\wbhst_pm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:12 48128 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6002.22343_none_dce43630c143fd87\w3wphost.dll
+ 2010-03-11 02:00 . 2010-02-20 23:12 15872 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6002.22343_none_dce43630c143fd87\w3tp.dll
+ 2009-12-10 02:03 . 2009-11-09 12:32 24064 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6002.18210_none_dc78084ba810bde5\wbhstipm.dll
+ 2009-12-10 02:03 . 2009-11-09 12:32 22528 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6002.18210_none_dc78084ba810bde5\wbhst_pm.dll
+ 2009-12-10 02:03 . 2009-11-09 12:32 47616 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6002.18210_none_dc78084ba810bde5\w3wphost.dll
+ 2009-12-10 02:03 . 2009-11-09 12:32 15872 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6002.18210_none_dc78084ba810bde5\w3tp.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 24064 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6001.22638_none_db0d95a6c4110b25\wbhstipm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 22528 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6001.22638_none_db0d95a6c4110b25\wbhst_pm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 46592 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6001.22638_none_db0d95a6c4110b25\w3wphost.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 15872 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6001.22638_none_db0d95a6c4110b25\w3tp.dll
+ 2009-12-10 02:03 . 2009-11-09 13:23 24064 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6001.18428_none_da8ec6e1aaeb5243\wbhstipm.dll
+ 2009-12-10 02:03 . 2009-11-09 13:23 22528 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6001.18428_none_da8ec6e1aaeb5243\wbhst_pm.dll
+ 2009-12-10 02:03 . 2009-11-09 13:23 46592 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6001.18428_none_da8ec6e1aaeb5243\w3wphost.dll
+ 2009-12-10 02:03 . 2009-11-09 13:23 15872 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6001.18428_none_da8ec6e1aaeb5243\w3tp.dll
+ 2010-03-11 02:00 . 2010-02-20 23:36 25088 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6000.21227_none_d930fcdec6e37b07\wbhstipm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:36 22016 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6000.21227_none_d930fcdec6e37b07\wbhst_pm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:36 39424 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6000.21227_none_d930fcdec6e37b07\w3wphost.dll
+ 2010-03-11 02:00 . 2010-02-20 23:36 15360 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6000.21227_none_d930fcdec6e37b07\w3tp.dll
+ 2010-03-11 02:00 . 2010-02-20 23:55 25088 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6000.17022_none_d8a25cbbadca5f63\wbhstipm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:55 22016 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6000.17022_none_d8a25cbbadca5f63\wbhst_pm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:55 39424 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6000.17022_none_d8a25cbbadca5f63\w3wphost.dll
+ 2010-03-11 02:00 . 2010-02-20 23:55 15360 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6000.17022_none_d8a25cbbadca5f63\w3tp.dll
+ 2010-06-10 01:03 . 2010-04-05 17:14 67072 c:\windows\winsxs\x86_microsoft-windows-o..mation-asyncfilters_31bf3856ad364e35_6.0.6002.22377_none_78f4d4e8cf978645\asycfilt.dll
+ 2010-06-10 01:03 . 2010-04-05 17:01 67072 c:\windows\winsxs\x86_microsoft-windows-o..mation-asyncfilters_31bf3856ad364e35_6.0.6002.18236_none_78957783b65a5d60\asycfilt.dll
+ 2010-06-10 01:03 . 2010-04-05 16:28 67072 c:\windows\winsxs\x86_microsoft-windows-o..mation-asyncfilters_31bf3856ad364e35_6.0.6001.22665_none_77173258d26ae282\asycfilt.dll
+ 2010-06-10 01:03 . 2010-04-05 16:07 67072 c:\windows\winsxs\x86_microsoft-windows-o..mation-asyncfilters_31bf3856ad364e35_6.0.6001.18454_none_76976349b9461049\asycfilt.dll
+ 2010-03-11 02:00 . 2010-02-20 23:10 24064 c:\windows\winsxs\x86_microsoft-windows-nshhttp_31bf3856ad364e35_6.0.6002.22343_none_75f500438adc1033\nshhttp.dll
+ 2010-03-11 02:00 . 2010-02-20 23:06 24064 c:\windows\winsxs\x86_microsoft-windows-nshhttp_31bf3856ad364e35_6.0.6002.18210_none_7588d25e71a8d091\nshhttp.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 24064 c:\windows\winsxs\x86_microsoft-windows-nshhttp_31bf3856ad364e35_6.0.6001.22638_none_741e5fb98da91dd1\nshhttp.dll
+ 2010-03-11 02:00 . 2010-02-20 23:39 24064 c:\windows\winsxs\x86_microsoft-windows-nshhttp_31bf3856ad364e35_6.0.6001.18428_none_739f90f4748364ef\nshhttp.dll
+ 2010-03-11 02:00 . 2010-02-20 23:35 24064 c:\windows\winsxs\x86_microsoft-windows-nshhttp_31bf3856ad364e35_6.0.6000.21227_none_7241c6f1907b8db3\nshhttp.dll
+ 2010-03-11 02:00 . 2010-02-20 23:54 24064 c:\windows\winsxs\x86_microsoft-windows-nshhttp_31bf3856ad364e35_6.0.6000.17022_none_71b326ce7762720f\nshhttp.dll
+ 2010-04-14 05:18 . 2010-02-18 17:36 98192 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22636_none_cd93a82a43bb5573\FWPKCLNT.SYS
+ 2010-02-10 17:38 . 2009-12-08 20:36 98392 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22577_none_cd6966de43dae167\FWPKCLNT.SYS
+ 2010-04-14 05:18 . 2010-02-18 11:50 85504 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21226_none_cbb80fac468cdeac\FWPKCLNT.SYS
+ 2010-02-10 17:38 . 2009-12-08 17:44 85504 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21175_none_cb80fde046b653e3\FWPKCLNT.SYS
+ 2010-03-11 01:29 . 2009-10-14 14:12 23552 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6002.22245_none_f4abc44d237d7ed9\WMM2EXT.dll
+ 2009-10-25 19:47 . 2009-04-11 06:28 23040 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6002.18121_none_f433c6320a5341d1\WMM2EXT.dll
+ 2010-03-11 01:29 . 2009-10-14 15:08 23552 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6001.22541_none_f2c1513d265ac459\WMM2EXT.dll
+ 2006-11-02 12:36 . 2006-11-02 12:36 23040 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6001.18341_none_f237b28c0d3d2768\WMM2EXT.dll
+ 2010-03-11 01:29 . 2009-10-14 14:51 23040 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6000.21139_none_f0edbb0f2925184a\WMM2EXT.dll
+ 2010-03-11 01:29 . 2009-10-14 15:06 23040 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6000.16937_none_f062458e10091290\WMM2EXT.dll
+ 2010-05-12 04:06 . 2010-01-29 13:49 84480 c:\windows\winsxs\x86_microsoft-windows-mail-comm-dll_31bf3856ad364e35_6.0.6002.22325_none_7c10a4356edc41af\INETRES.dll
+ 2006-11-02 07:28 . 2006-11-02 08:48 84480 c:\windows\winsxs\x86_microsoft-windows-mail-comm-dll_31bf3856ad364e35_6.0.6002.18197_none_7b3d56a455f59b03\INETRES.dll
+ 2010-05-12 04:06 . 2010-01-29 13:56 84480 c:\windows\winsxs\x86_microsoft-windows-mail-comm-dll_31bf3856ad364e35_6.0.6001.22621_none_7a26312571b9872f\INETRES.dll
+ 2006-11-02 07:28 . 2006-11-02 08:48 84480 c:\windows\winsxs\x86_microsoft-windows-mail-comm-dll_31bf3856ad364e35_6.0.6001.18416_none_79ac63d2588f4d00\INETRES.dll
+ 2010-04-14 05:18 . 2010-02-18 11:43 31232 c:\windows\winsxs\x86_microsoft-windows-l..istry-support-tcpip_31bf3856ad364e35_6.0.6002.22341_none_88630ed21bd06a58\tcpipreg.sys
+ 2010-02-10 17:38 . 2009-12-08 17:32 31232 c:\windows\winsxs\x86_microsoft-windows-l..istry-support-tcpip_31bf3856ad364e35_6.0.6002.22283_none_8839cdd01bef0fa3\tcpipreg.sys
+ 2010-02-10 17:38 . 2009-12-08 17:26 30720 c:\windows\winsxs\x86_microsoft-windows-l..istry-support-tcpip_31bf3856ad364e35_6.0.6002.18160_none_87c2cfff02c3ebf2\tcpipreg.sys
+ 2010-03-11 02:00 . 2010-02-20 23:12 10752 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\wamregps.dll
+ 2010-03-11 02:00 . 2010-02-20 23:11 38912 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\rscaext.dll
+ 2010-03-11 02:00 . 2010-02-20 23:11 26624 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\rsca.dll
+ 2010-03-11 02:00 . 2010-02-20 23:08 59392 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\iissyspr.dll
+ 2010-03-11 02:00 . 2010-02-20 21:21 31232 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\iisrstas.exe
+ 2010-03-11 02:00 . 2010-02-20 21:21 14848 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\iisreset.exe
+ 2010-03-11 02:00 . 2010-02-20 23:08 89088 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\iisreg.dll
+ 2010-03-11 02:00 . 2010-02-20 23:07 27136 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\ahadmin.dll
+ 2010-03-11 02:00 . 2010-02-20 23:06 51712 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\admwprox.dll
+ 2009-12-10 02:03 . 2009-11-09 12:32 10752 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\wamregps.dll
+ 2009-12-10 02:03 . 2009-11-09 12:32 38912 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\rscaext.dll
+ 2009-12-10 02:03 . 2009-11-09 12:32 26624 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\rsca.dll
+ 2009-12-10 02:03 . 2009-11-09 12:30 59392 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\iissyspr.dll
+ 2009-12-10 02:03 . 2009-11-09 10:48 31232 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\iisrstas.exe
+ 2009-12-10 02:03 . 2009-11-09 10:48 14848 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\iisreset.exe
+ 2009-12-10 02:03 . 2009-11-09 12:30 89088 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\iisreg.dll
+ 2009-12-10 02:03 . 2009-11-09 12:28 27136 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\ahadmin.dll
+ 2009-12-10 02:03 . 2009-11-09 12:28 51712 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\admwprox.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 10752 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\wamregps.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 38912 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\rscaext.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 26624 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\rsca.dll
+ 2010-03-11 02:00 . 2010-02-20 23:29 59392 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\iissyspr.dll
+ 2010-03-11 02:00 . 2010-02-20 21:35 31232 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\iisrstas.exe
+ 2010-03-11 02:00 . 2010-02-20 21:35 14848 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\iisreset.exe
+ 2010-03-11 02:00 . 2010-02-20 23:29 89088 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\iisreg.dll
+ 2010-03-11 02:00 . 2010-02-20 23:26 27136 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\ahadmin.dll
+ 2010-03-11 02:00 . 2010-02-20 23:26 51712 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\admwprox.dll
+ 2009-12-10 02:03 . 2009-11-09 13:23 10752 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\wamregps.dll
+ 2009-12-10 02:03 . 2009-11-09 13:23 38912 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\rscaext.dll
+ 2009-12-10 02:03 . 2009-11-09 13:23 26624 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\rsca.dll
+ 2009-12-10 02:03 . 2009-11-09 13:20 59392 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\iissyspr.dll
+ 2009-12-10 02:03 . 2009-11-09 11:21 31232 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\iisrstas.exe
+ 2009-12-10 02:03 . 2009-11-09 11:21 14848 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\iisreset.exe
+ 2009-12-10 02:03 . 2009-11-09 13:20 89088 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\iisreg.dll
+ 2009-12-10 02:03 . 2009-11-09 13:18 27136 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\ahadmin.dll
+ 2009-12-10 02:03 . 2009-11-09 13:18 51712 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\admwprox.dll
+ 2010-03-11 02:00 . 2010-02-20 23:36 10752 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\wamregps.dll
+ 2010-03-11 02:00 . 2010-02-20 23:35 26624 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\rsca.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 31232 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\iissyspr.dll
+ 2010-03-11 02:00 . 2010-02-20 21:31 30720 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\iisrstas.exe
+ 2010-03-11 02:00 . 2010-02-20 21:31 14848 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\iisreset.exe
+ 2010-03-11 02:00 . 2010-02-20 23:31 89088 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\iisreg.dll
+ 2010-03-11 02:00 . 2010-02-20 23:30 51200 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\admwprox.dll
+ 2010-03-11 02:00 . 2010-02-20 23:55 10752 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\wamregps.dll
+ 2010-03-11 02:00 . 2010-02-20 23:55 26624 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\rsca.dll
+ 2010-03-11 02:00 . 2010-02-20 23:52 31232 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\iissyspr.dll
+ 2010-03-11 02:00 . 2010-02-20 21:46 30720 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\iisrstas.exe
+ 2010-03-11 02:00 . 2010-02-20 21:46 14848 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\iisreset.exe
+ 2010-03-11 02:00 . 2010-02-20 23:52 89088 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\iisreg.dll
+ 2010-03-11 02:00 . 2010-02-20 23:50 51200 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\admwprox.dll
+ 2010-03-11 02:00 . 2010-02-20 23:12 23552 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6002.22343_none_d1f1e1863fa65f97\w3dt.dll
+ 2010-03-11 02:00 . 2010-02-20 23:08 12800 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6002.22343_none_d1f1e1863fa65f97\hwebcore.dll
+ 2010-03-11 02:00 . 2010-02-20 23:07 23552 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6002.18210_none_d185b3a126731ff5\w3dt.dll
+ 2009-12-10 02:03 . 2009-11-09 12:30 12800 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6002.18210_none_d185b3a126731ff5\hwebcore.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 23552 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6001.22638_none_d01b40fc42736d35\w3dt.dll
+ 2010-03-11 02:00 . 2010-02-20 23:29 12800 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6001.22638_none_d01b40fc42736d35\hwebcore.dll
+ 2010-03-11 02:00 . 2010-02-20 23:40 23552 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6001.18428_none_cf9c7237294db453\w3dt.dll
+ 2009-12-10 02:03 . 2009-11-09 13:20 12800 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6001.18428_none_cf9c7237294db453\hwebcore.dll
+ 2010-03-11 02:00 . 2010-02-20 23:36 23552 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6000.21227_none_ce3ea8344545dd17\w3dt.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 12288 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6000.21227_none_ce3ea8344545dd17\hwebcore.dll
+ 2010-03-11 02:00 . 2010-02-20 23:55 23552 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6000.17022_none_cdb008112c2cc173\w3dt.dll
+ 2010-03-11 02:00 . 2010-02-20 23:51 12288 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6000.17022_none_cdb008112c2cc173\hwebcore.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 71680 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23019_none_a941806b8d645750\iesetup.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 55808 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23019_none_a941806b8d645750\iernonce.dll
+ 2010-03-31 06:31 . 2010-02-23 15:00 71680 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22995_none_a8e727c18da89e3a\iesetup.dll
+ 2010-03-31 06:31 . 2010-02-23 15:00 55808 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22995_none_a8e727c18da89e3a\iernonce.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 71680 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18928_none_a8ac3d2e744f8405\iesetup.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 55808 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18928_none_a8ac3d2e744f8405\iernonce.dll
+ 2010-03-31 06:31 . 2010-02-23 06:33 71680 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18904_none_a8bddbde7442e6c7\iesetup.dll
+ 2010-03-31 06:31 . 2010-02-23 06:33 55808 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18904_none_a8bddbde7442e6c7\iernonce.dll
+ 2010-06-10 01:03 . 2010-05-04 04:58 13312 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.23019_none_dfbeba5109ad11a7\msfeedssync.exe
+ 2010-06-10 01:03 . 2010-05-04 06:30 55296 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.23019_none_dfbeba5109ad11a7\msfeedsbs.dll
+ 2010-03-31 06:31 . 2010-02-23 13:25 13312 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.22995_none_df6461a709f15891\msfeedssync.exe
+ 2010-03-31 06:31 . 2010-02-23 15:01 55296 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.22995_none_df6461a709f15891\msfeedsbs.dll
+ 2010-06-10 01:03 . 2010-05-04 04:30 13312 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18928_none_df297713f0983e5c\msfeedssync.exe
+ 2010-06-10 01:03 . 2010-05-04 05:56 55296 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18928_none_df297713f0983e5c\msfeedsbs.dll
+ 2010-03-31 06:31 . 2010-02-23 04:54 13312 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18904_none_df3b15c3f08ba11e\msfeedssync.exe
+ 2010-03-31 06:31 . 2010-02-23 06:34 55296 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18904_none_df3b15c3f08ba11e\msfeedsbs.dll
+ 2010-06-10 01:03 . 2010-05-04 06:31 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\WininetPlugin.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 25600 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\jsproxy.dll
+ 2010-03-31 06:31 . 2010-02-23 15:06 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\WininetPlugin.dll
+ 2010-03-31 06:31 . 2010-02-23 15:01 25600 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\jsproxy.dll
+ 2010-06-10 01:03 . 2010-05-04 05:59 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\WininetPlugin.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 25600 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\jsproxy.dll
+ 2010-03-31 06:31 . 2010-02-23 06:39 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\WininetPlugin.dll
+ 2010-03-31 06:31 . 2010-02-23 06:34 25600 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\jsproxy.dll
+ 2010-05-26 00:50 . 2010-04-23 14:23 19456 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.22391_none_17571fa5201e0c64\tzupd.exe
+ 2010-02-23 22:06 . 2010-01-23 09:20 19456 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.22320_none_17a1cecf1fe62f76\tzupd.exe
+ 2010-02-23 22:06 . 2010-01-23 09:26 19456 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18248_none_170a947c06d19246\tzupd.exe
+ 2010-02-23 22:06 . 2010-01-23 09:26 19456 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18192_none_16ce813e06ff88ca\tzupd.exe
+ 2010-05-26 00:50 . 2010-04-23 14:02 19456 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22677_none_158c4f5122e21768\tzupd.exe
+ 2010-02-23 22:06 . 2010-01-23 09:43 19456 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22612_none_15c82d6722b5f10f\tzupd.exe
+ 2010-02-23 22:06 . 2010-01-23 09:44 19456 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18464_none_150a7fae09bf1281\tzupd.exe
+ 2010-02-23 22:06 . 2010-01-23 09:44 19456 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18410_none_153c8e22099a2170\tzupd.exe
+ 2010-02-23 22:06 . 2010-01-23 09:39 19456 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.21209_none_13f396ef25812ba9\tzupd.exe
+ 2010-02-23 22:06 . 2010-01-23 09:58 19456 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.17007_none_1367f7aa0c655c0a\tzupd.exe
+ 2010-04-14 05:18 . 2010-02-18 11:42 25088 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6002.22341_none_1428eb9d92bddb72\tunnel.sys
+ 2010-04-14 05:18 . 2010-02-18 11:42 15360 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6002.22341_none_1428eb9d92bddb72\TUNMP.SYS
+ 2010-04-14 05:18 . 2010-02-18 11:28 25088 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6002.18209_none_13d290d27978969c\tunnel.sys
+ 2008-01-21 02:24 . 2008-01-21 02:24 15360 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6002.18209_none_13d290d27978969c\TUNMP.SYS
+ 2010-04-14 05:18 . 2010-02-18 12:00 25088 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6001.22636_none_12524b13958ae910\tunnel.sys
+ 2010-04-14 05:18 . 2010-02-18 12:00 15360 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6001.22636_none_12524b13958ae910\TUNMP.SYS
+ 2010-04-14 05:18 . 2010-02-18 11:52 25088 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6001.18427_none_11d47c987c644985\tunnel.sys
+ 2008-01-21 02:24 . 2008-01-21 02:24 15360 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6001.18427_none_11d47c987c644985\TUNMP.SYS
+ 2010-04-14 05:18 . 2010-02-18 11:50 25088 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6000.21226_none_1076b295985c7249\tunnel.sys
+ 2010-04-14 05:18 . 2010-02-18 11:50 15360 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6000.21226_none_1076b295985c7249\TUNMP.SYS
+ 2010-04-14 05:18 . 2010-02-18 12:04 25088 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6000.17021_none_0fe812727f4356a5\tunnel.sys
+ 2010-04-14 05:18 . 2010-02-18 12:04 15360 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6000.17021_none_0fe812727f4356a5\TUNMP.SYS
+ 2010-03-11 02:00 . 2010-02-20 23:07 43520 c:\windows\winsxs\x86_microsoft-windows-i..henticationbinaries_31bf3856ad364e35_6.0.6002.22343_none_22e5433d125cc342\authsspi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:04 43520 c:\windows\winsxs\x86_microsoft-windows-i..henticationbinaries_31bf3856ad364e35_6.0.6002.18210_none_22791557f92983a0\authsspi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:27 43520 c:\windows\winsxs\x86_microsoft-windows-i..henticationbinaries_31bf3856ad364e35_6.0.6001.22638_none_210ea2b31529d0e0\authsspi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:35 43520 c:\windows\winsxs\x86_microsoft-windows-i..henticationbinaries_31bf3856ad364e35_6.0.6001.18428_none_208fd3edfc0417fe\authsspi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:30 36352 c:\windows\winsxs\x86_microsoft-windows-i..henticationbinaries_31bf3856ad364e35_6.0.6000.21227_none_1f3209eb17fc40c2\authsspi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:50 36352 c:\windows\winsxs\x86_microsoft-windows-i..henticationbinaries_31bf3856ad364e35_6.0.6000.17022_none_1ea369c7fee3251e\authsspi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:08 30720 c:\windows\winsxs\x86_microsoft-windows-http-api_31bf3856ad364e35_6.0.6002.22343_none_f7f4165eb3ad7c4d\httpapi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:05 30720 c:\windows\winsxs\x86_microsoft-windows-http-api_31bf3856ad364e35_6.0.6002.18210_none_f787e8799a7a3cab\httpapi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:29 31232 c:\windows\winsxs\x86_microsoft-windows-http-api_31bf3856ad364e35_6.0.6001.22638_none_f61d75d4b67a89eb\httpapi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:37 31232 c:\windows\winsxs\x86_microsoft-windows-http-api_31bf3856ad364e35_6.0.6001.18428_none_f59ea70f9d54d109\httpapi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 31232 c:\windows\winsxs\x86_microsoft-windows-http-api_31bf3856ad364e35_6.0.6000.21227_none_f440dd0cb94cf9cd\httpapi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:51 31232 c:\windows\winsxs\x86_microsoft-windows-http-api_31bf3856ad364e35_6.0.6000.17022_none_f3b23ce9a033de29\httpapi.dll
+ 2010-06-10 01:03 . 2010-05-26 17:10 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\lpk.dll
+ 2010-06-10 01:03 . 2010-05-26 17:09 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\fontsub.dll
+ 2010-06-10 01:03 . 2010-05-26 17:08 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\dciman32.dll
+ 2010-06-10 01:03 . 2010-05-26 17:08 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\atmlib.dll
+ 2009-10-24 22:18 . 2009-06-15 14:52 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\lpk.dll
+ 2010-01-13 18:46 . 2009-10-19 13:35 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\fontsub.dll
+ 2009-10-24 22:18 . 2009-06-15 14:51 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\dciman32.dll
+ 2010-06-10 01:03 . 2010-05-26 17:06 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\atmlib.dll
+ 2010-06-10 01:03 . 2010-05-26 16:20 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\lpk.dll
+ 2010-06-10 01:03 . 2010-05-26 16:19 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\fontsub.dll
+ 2010-06-10 01:03 . 2010-05-26 16:18 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\dciman32.dll
+ 2010-06-10 01:03 . 2010-05-26 16:17 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\atmlib.dll
+ 2008-01-21 02:24 . 2008-01-21 02:24 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\lpk.dll
+ 2010-01-13 18:46 . 2009-10-19 14:24 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\fontsub.dll
+ 2009-10-24 22:18 . 2009-06-15 15:20 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\dciman32.dll
+ 2010-06-10 01:03 . 2010-05-26 16:16 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\atmlib.dll
+ 2010-02-10 17:38 . 2009-12-28 12:07 12288 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6002.22295_none_6798d5c3c48290e9\tsbyuv.dll
+ 2010-02-10 17:38 . 2009-12-28 12:05 22528 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6002.22295_none_6798d5c3c48290e9\msyuv.dll
+ 2010-02-10 17:38 . 2009-12-28 12:04 50176 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6002.22295_none_6798d5c3c48290e9\iyuv_32.dll
+ 2010-02-10 17:38 . 2009-12-04 18:30 12288 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6002.18158_none_673d7986ab41cd60\tsbyuv.dll
+ 2010-02-10 17:38 . 2009-12-04 18:28 22528 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6002.18158_none_673d7986ab41cd60\msyuv.dll
+ 2010-02-10 17:38 . 2009-12-04 18:28 50176 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6002.18158_none_673d7986ab41cd60\iyuv_32.dll
+ 2010-02-10 17:38 . 2009-12-28 13:41 11776 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6001.22590_none_65ad6269c760bd12\tsbyuv.dll
+ 2010-02-10 17:38 . 2009-12-28 13:40 22528 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6001.22590_none_65ad6269c760bd12\msyuv.dll
+ 2010-02-10 17:38 . 2009-12-28 13:40 50176 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6001.22590_none_65ad6269c760bd12\iyuv_32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:35 11776 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6001.18389_none_6537963eae32e83f\tsbyuv.dll
+ 2010-02-10 17:38 . 2009-12-28 12:32 22528 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6001.18389_none_6537963eae32e83f\msyuv.dll
+ 2010-02-10 17:38 . 2009-12-28 12:31 50176 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6001.18389_none_6537963eae32e83f\iyuv_32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:31 11776 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6000.21188_none_63d9cc3bca2b1103\tsbyuv.dll
+ 2010-02-10 17:38 . 2009-12-28 12:30 22528 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6000.21188_none_63d9cc3bca2b1103\msyuv.dll
+ 2010-02-10 17:38 . 2009-12-28 12:28 50176 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6000.21188_none_63d9cc3bca2b1103\iyuv_32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:36 11776 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6000.16986_none_634e56bab10f0b49\tsbyuv.dll
+ 2010-02-10 17:38 . 2009-12-28 12:34 22528 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6000.16986_none_634e56bab10f0b49\msyuv.dll
+ 2010-02-10 17:38 . 2009-12-28 12:32 50176 c:\windows\winsxs\x86_microsoft-windows-d..olorspaceconverters_31bf3856ad364e35_6.0.6000.16986_none_634e56bab10f0b49\iyuv_32.dll
+ 2010-04-14 01:11 . 2010-01-13 17:48 98304 c:\windows\winsxs\x86_microsoft-windows-cabview_31bf3856ad364e35_6.0.6002.22311_none_3a689ec7f7c9ca5e\cabview.dll
+ 2010-04-14 01:11 . 2010-01-13 17:34 98304 c:\windows\winsxs\x86_microsoft-windows-cabview_31bf3856ad364e35_6.0.6002.18184_none_39965180dee23d09\cabview.dll
+ 2010-04-14 01:11 . 2010-01-13 18:51 98304 c:\windows\winsxs\x86_microsoft-windows-cabview_31bf3856ad364e35_6.0.6001.22605_none_3890fdf3fa97bea5\cabview.dll
+ 2010-04-14 01:11 . 2010-01-15 00:04 98304 c:\windows\winsxs\x86_microsoft-windows-cabview_31bf3856ad364e35_6.0.6001.18404_none_38065ef8e17b085d\cabview.dll
+ 2010-04-14 01:11 . 2010-01-13 18:12 97792 c:\windows\winsxs\x86_microsoft-windows-cabview_31bf3856ad364e35_6.0.6000.21203_none_36a894f5fd733121\cabview.dll
+ 2010-04-14 01:11 . 2010-01-13 18:23 97792 c:\windows\winsxs\x86_microsoft-windows-cabview_31bf3856ad364e35_6.0.6000.17002_none_361df5fae4567ad9\cabview.dll
+ 2010-06-10 01:03 . 2010-04-12 12:23 32768 c:\windows\winsxs\msil_system.servicemodel.washosting_b77a5c561934e089_6.0.6002.22380_none_a725653cfb4fe6ae\System.ServiceModel.WasHosting.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 32768 c:\windows\winsxs\msil_system.servicemodel.washosting_b77a5c561934e089_6.0.6002.18239_none_bded3d82e1adee9e\System.ServiceModel.WasHosting.dll
+ 2009-10-25 19:47 . 2009-03-30 04:42 28672 c:\windows\winsxs\msil_system.security.resources_b03f5f7f11d50a3a_6.0.6002.22354_de-de_3c1caeca6649b746\System.Security.Resources.dll
+ 2009-10-25 19:47 . 2009-03-30 04:42 28672 c:\windows\winsxs\msil_system.security.resources_b03f5f7f11d50a3a_6.0.6002.18222_de-de_52e7823c4ca4d7f9\System.Security.Resources.dll
+ 2009-10-25 19:47 . 2009-02-18 18:39 98304 c:\windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.22380_de-de_7724407efec6bc17\System.RunTime.Serialization.Resources.dll
+ 2009-10-25 19:47 . 2009-02-18 18:39 98304 c:\windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.0.6002.18239_de-de_8dec18c4e524c407\System.RunTime.Serialization.Resources.dll
+ 2009-10-25 19:47 . 2009-02-18 18:39 65536 c:\windows\winsxs\msil_system.identitymodel.resources_b77a5c561934e089_6.0.6002.22380_de-de_c0110c1527de941c\System.IdentityModel.Resources.dll
+ 2009-10-25 19:47 . 2009-02-18 18:39 65536 c:\windows\winsxs\msil_system.identitymodel.resources_b77a5c561934e089_6.0.6002.18239_de-de_d6d8e45b0e3c9c0c\System.IdentityModel.Resources.dll
+ 2010-05-12 19:31 . 2007-04-04 16:53 81768 c:\windows\System32\xinput1_3.dll
+ 2010-05-12 19:31 . 2006-07-28 07:30 62744 c:\windows\System32\xinput1_2.dll
+ 2010-03-02 14:29 . 2006-03-31 11:39 62672 c:\windows\System32\xinput1_1.dll
+ 2010-05-12 19:31 . 2010-02-04 08:01 74072 c:\windows\System32\XAPOFX1_4.dll
+ 2010-05-12 19:31 . 2009-09-04 15:44 69464 c:\windows\System32\XAPOFX1_3.dll
+ 2010-05-12 19:31 . 2008-10-27 08:04 70992 c:\windows\System32\XAPOFX1_2.dll
+ 2010-05-12 19:31 . 2008-07-31 08:41 68616 c:\windows\System32\XAPOFX1_1.dll
+ 2010-05-12 19:31 . 2008-05-30 12:17 65032 c:\windows\System32\XAPOFX1_0.dll
+ 2010-05-12 19:31 . 2010-02-04 08:01 22360 c:\windows\System32\X3DAudio1_7.dll
+ 2010-05-12 19:31 . 2009-03-16 12:18 22360 c:\windows\System32\X3DAudio1_6.dll
+ 2010-05-12 19:31 . 2008-10-27 08:04 23376 c:\windows\System32\X3DAudio1_5.dll
+ 2010-05-12 19:31 . 2008-05-30 12:17 25608 c:\windows\System32\X3DAudio1_4.dll
+ 2010-05-12 19:31 . 2008-03-05 14:00 25608 c:\windows\System32\X3DAudio1_3.dll
+ 2010-05-12 19:31 . 2007-10-22 01:37 17928 c:\windows\System32\X3DAudio1_2.dll
+ 2010-05-12 19:31 . 2007-03-05 10:42 15128 c:\windows\System32\x3daudio1_1.dll
+ 2010-03-02 14:29 . 2006-02-03 07:41 14032 c:\windows\System32\x3daudio1_0.dll
+ 2008-01-21 01:58 . 2010-07-13 19:49 71044 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-10-24 21:30 . 2010-07-13 19:49 10698 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4032735365-608106937-2049815217-1000_UserData.bin
- 2009-10-25 19:48 . 2009-04-11 06:28 12288 c:\windows\System32\tsbyuv.dll
+ 2010-02-10 17:38 . 2009-12-04 18:30 12288 c:\windows\System32\tsbyuv.dll
+ 2007-06-21 20:55 . 2007-06-21 20:55 53299 c:\windows\System32\pthreadVC.dll
+ 2007-06-21 20:55 . 2007-06-21 20:55 88704 c:\windows\System32\Packet.dll
- 2009-12-10 02:03 . 2009-11-09 12:31 24064 c:\windows\System32\nshhttp.dll
+ 2010-03-11 02:00 . 2010-02-20 23:06 24064 c:\windows\System32\nshhttp.dll
+ 2010-06-24 20:54 . 2009-11-08 08:55 11600 c:\windows\System32\MUI\0409\mscorees.dll
+ 2010-04-13 16:47 . 2009-10-12 21:02 44736 c:\windows\System32\mtSubclass.dll
- 2006-11-02 08:55 . 2006-11-02 09:46 22528 c:\windows\System32\msyuv.dll
+ 2010-02-10 17:38 . 2009-12-04 18:28 22528 c:\windows\System32\msyuv.dll
+ 2002-02-04 00:43 . 2002-02-04 00:43 82432 c:\windows\System32\msxml4r.dll
- 2006-12-12 02:39 . 2006-12-12 02:39 82432 c:\windows\System32\msxml4r.dll
+ 2010-02-10 17:38 . 2009-12-04 18:28 31744 c:\windows\System32\msvidc32.dll
+ 2010-02-10 17:38 . 2009-12-04 18:28 13312 c:\windows\System32\msrle32.dll
- 2010-01-22 17:24 . 2010-01-02 04:56 13312 c:\windows\System32\msfeedssync.exe
+ 2010-06-10 01:03 . 2010-05-04 04:30 13312 c:\windows\System32\msfeedssync.exe
- 2010-01-22 17:24 . 2010-01-02 06:33 55296 c:\windows\System32\msfeedsbs.dll
+ 2010-06-10 01:03 . 2010-05-04 05:56 55296 c:\windows\System32\msfeedsbs.dll
+ 2010-06-10 01:03 . 2010-05-04 05:59 64512 c:\windows\System32\migration\WininetPlugin.dll
- 2010-01-22 17:24 . 2010-01-02 06:38 64512 c:\windows\System32\migration\WininetPlugin.dll
- 2006-11-02 09:03 . 2006-11-02 09:46 82944 c:\windows\System32\mciavi32.dll
+ 2010-02-10 17:38 . 2009-12-04 18:28 82944 c:\windows\System32\mciavi32.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 25600 c:\windows\System32\jsproxy.dll
- 2010-01-22 17:24 . 2010-01-02 06:32 25600 c:\windows\System32\jsproxy.dll
+ 2010-02-10 17:38 . 2009-12-04 18:28 50176 c:\windows\System32\iyuv_32.dll
- 2010-01-22 17:24 . 2010-01-02 06:32 55808 c:\windows\System32\iernonce.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 55808 c:\windows\System32\iernonce.dll
+ 2010-03-11 02:00 . 2010-02-20 23:05 30720 c:\windows\System32\httpapi.dll
- 2009-12-10 02:03 . 2009-11-09 12:30 30720 c:\windows\System32\httpapi.dll
+ 2010-04-19 18:47 . 2010-04-19 18:47 41984 c:\windows\System32\DriverStore\FileRepository\usbaapl.inf_c8043cf0\usbaapl.sys
+ 2010-04-19 18:29 . 2010-04-19 18:29 18432 c:\windows\System32\DriverStore\FileRepository\netaapl.inf_3bc4f952\netaapl.sys
+ 2008-01-14 10:06 . 2008-01-14 10:06 21632 c:\windows\System32\DriverStore\FileRepository\manycam.inf_cb8ddd29\ManyCam.sys
+ 2010-04-14 05:18 . 2010-02-18 11:28 25088 c:\windows\System32\drivers\tunnel.sys
+ 2010-02-10 17:38 . 2009-12-08 17:26 30720 c:\windows\System32\drivers\tcpipreg.sys
- 2009-10-24 22:20 . 2009-08-14 13:48 30720 c:\windows\System32\drivers\tcpipreg.sys
+ 2010-03-22 22:29 . 2002-11-25 04:46 16896 c:\windows\System32\drivers\synasUSB.sys
- 2009-10-25 19:48 . 2009-04-11 04:15 98816 c:\windows\System32\drivers\srvnet.sys
+ 2010-02-10 17:38 . 2009-12-11 11:43 98816 c:\windows\System32\drivers\srvnet.sys
+ 2007-06-21 20:55 . 2007-06-21 20:55 42512 c:\windows\System32\drivers\npf.sys
+ 2010-04-14 05:18 . 2010-02-23 11:10 79360 c:\windows\System32\drivers\mrxsmb20.sys
- 2009-10-25 19:48 . 2009-04-11 04:14 79360 c:\windows\System32\drivers\mrxsmb20.sys
+ 2008-01-14 10:06 . 2008-01-14 10:06 21632 c:\windows\System32\drivers\ManyCam.sys
- 2009-10-24 21:26 . 2010-01-28 18:11 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-24 21:26 . 2010-07-13 14:06 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-24 21:26 . 2010-07-13 14:06 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-07-06 04:43 . 2010-07-06 04:43 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012010070620100707\index.dat
- 2009-10-24 21:26 . 2010-01-28 18:11 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-24 21:26 . 2010-07-13 14:06 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-04-13 16:47 . 1998-07-05 21:00 33792 c:\windows\System32\CMDLGDE.DLL
+ 2010-04-14 01:11 . 2010-01-13 17:34 98304 c:\windows\System32\cabview.dll
+ 2010-02-10 17:38 . 2009-12-04 18:27 91136 c:\windows\System32\avifil32.dll
- 2009-10-24 22:17 . 2009-06-10 11:38 91136 c:\windows\System32\avifil32.dll
+ 2010-06-10 01:03 . 2010-04-05 17:01 67072 c:\windows\System32\asycfilt.dll
+ 2010-02-23 22:06 . 2010-01-23 09:26 19456 c:\windows\servicing\GC32\tzupd.exe
- 2009-10-25 13:32 . 2010-01-27 21:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-25 13:32 . 2010-07-13 11:25 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-03-05 20:49 . 2010-03-14 20:34 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2010-03-05 20:49 . 2010-03-14 20:34 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2010-03-05 20:49 . 2010-03-14 20:34 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat
- 2009-10-25 13:32 . 2010-01-27 21:19 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-25 13:32 . 2010-07-13 11:25 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-25 13:32 . 2010-07-13 11:25 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-10-25 13:32 . 2010-01-27 21:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-10-25 16:40 . 2010-01-27 18:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-25 16:40 . 2010-07-13 19:47 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-05-07 08:57 . 2010-06-10 21:52 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2010-05-07 08:57 . 2010-06-10 21:52 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2010-05-07 08:57 . 2010-06-10 21:52 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
+ 2009-10-25 16:40 . 2010-07-13 19:47 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-10-25 16:40 . 2010-01-27 18:09 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-25 16:40 . 2010-07-13 19:47 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-10-25 16:40 . 2010-01-27 18:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-10 01:03 . 2010-04-12 12:21 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
- 2009-10-25 19:47 . 2009-02-18 18:38 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 17256 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2010-06-10 01:03 . 2010-03-25 11:53 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-03-02 14:29 . 2005-03-18 15:23 12800 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
+ 2010-03-02 14:29 . 2005-03-18 15:23 53248 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-06-15 21:34 . 2010-06-15 21:34 21504 c:\windows\Installer\f9a2a1.msi
+ 2010-04-20 17:10 . 2010-04-20 17:10 48128 c:\windows\Installer\16b1ab.msi
+ 2010-05-24 15:27 . 2010-05-24 15:27 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-05-24 15:27 . 2010-05-24 15:27 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-05-24 15:27 . 2010-05-24 15:27 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-05-24 15:27 . 2010-05-24 15:27 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-05-24 15:27 . 2010-05-24 15:27 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-05-24 15:27 . 2010-05-24 15:27 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-05-24 15:27 . 2010-05-24 15:27 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\ARPPRODUCTICON.exe
+ 2010-07-13 11:42 . 2010-07-13 11:42 34632 c:\windows\Installer\{90120000-0020-0407-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2010-06-04 01:01 . 2010-06-04 01:01 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-02-28 18:31 . 2010-02-28 18:31 18944 c:\windows\Installer\{87F7773C-EC9C-461A-AA7B-4AF8EF54DF49}\Icon87F7773C4.exe
+ 2010-02-28 18:31 . 2010-02-28 18:31 15360 c:\windows\Installer\{87F7773C-EC9C-461A-AA7B-4AF8EF54DF49}\Icon87F7773C2.exe
+ 2010-03-02 14:29 . 2010-03-02 14:29 32768 c:\windows\Installer\{716E0306-8318-4364-8B8F-0CC4E9376BAC}\icon.exe
+ 2010-02-15 19:29 . 2010-02-15 19:29 10134 c:\windows\Installer\{50D69C54-6963-49A6-B762-A9FF8F56AF0F}\ARPPRODUCTICON.exe
+ 2010-05-16 16:21 . 2010-05-16 16:21 65536 c:\windows\Installer\{34AFE453-F544-4269-89C9-CAB7F0744963}\NewShortcut1.D5A09942_925E_44C9_979D_D78D19ABF629.exe
+ 2010-02-10 17:28 . 2010-02-10 17:28 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-04-13 01:28 . 2010-04-13 01:28 25214 c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
- 2006-11-02 10:25 . 2010-01-27 20:39 86016 c:\windows\inf\infpub.dat
+ 2006-11-02 10:25 . 2010-06-21 19:10 86016 c:\windows\inf\infpub.dat
+ 2009-01-05 14:44 . 2009-01-05 14:44 53248 c:\windows\bdoscandel.exe
+ 2010-06-24 22:01 . 2010-06-24 22:01 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\81ab082be2597d562533493d955b20fa\UIAutomationProvider.ni.dll
+ 2010-06-24 22:01 . 2010-06-24 22:01 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\8f17237b1a97a723837bede4c5b10085\System.Windows.Presentation.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\487ab44a991fc29f1ff5ed77da0aeb2c\System.Windows.Presentation.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\6b60acb027ae9b015ffc61dcba421bd3\System.Web.DynamicData.Design.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\e3da89cc15807bd5c9747b4ba394cd41\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-06-11 06:17 . 2010-06-11 06:17 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f56c075fa1f45464ede198e36e79d617\PresentationFontCache.ni.exe
+ 2010-06-24 22:01 . 2010-06-24 22:01 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\c57f58acdfc796bc888fcb6603715537\PresentationFontCache.ni.exe
+ 2010-06-11 06:15 . 2010-06-11 06:15 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\76a79903753244ecd4bedb4b607da4b8\PresentationCFFRasterizer.ni.dll
+ 2010-06-24 22:01 . 2010-06-24 22:01 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\44ecfa244cf6aa4212e23ba22349a240\PresentationCFFRasterizer.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 49152 c:\windows\assembly\NativeImages_v2.0.50727_32\PCDiag\962a89b00736caa1157182054273779c\PCDiag.ni.exe
+ 2010-06-24 22:01 . 2010-06-24 22:01 49664 c:\windows\assembly\NativeImages_v2.0.50727_32\PCDiag\51359be6870bb1f438820e017057cef1\PCDiag.ni.exe
+ 2010-06-11 06:18 . 2010-06-11 06:18 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\3aa49e133664e428e319de2e6a008335\Microsoft.Vsa.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 36352 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\ace436542717b18db239e016288d56f3\Microsoft.MediaCenter.iTv.Hosting.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\loadmxf\b0f43da51145592e457341b61d380787\LoadMxf.ni.exe
+ 2010-06-11 06:15 . 2010-06-11 06:15 51200 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiTVMSMusic\73dfb4ab329eabd3ac66dd45c709e649\ehiTVMSMusic.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 50176 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiTVDTVMusic\6e15b2126cd1d261a4fb52c618b512eb\ehiTVDTVMusic.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiActivScp\4407904ad486695cecf2815e16d6f92a\ehiActivScp.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 38912 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtCOM\78906b10836aa6fcfe42ac7777c27fec\ehExtCOM.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 23552 c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.PCDIAGLib\1ea2e26ced30156f22c674e484fcc135\AxInterop.PCDIAGLib.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 22016 c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.BASICINFO#\f61546b7eac4c0734158fade4518da18\AxInterop.BASICINFOLib.ni.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2009-10-25 19:47 . 2009-02-18 18:38 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-03-11 02:00 . 2010-02-20 23:12 9216 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\w3ctrlps.dll
+ 2010-03-11 02:00 . 2010-02-20 23:08 8192 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\iisrstap.dll
+ 2009-12-10 02:03 . 2009-11-09 12:32 9216 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\w3ctrlps.dll
+ 2009-12-10 02:03 . 2009-11-09 12:30 8192 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\iisrstap.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 9216 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\w3ctrlps.dll
+ 2010-03-11 02:00 . 2010-02-20 23:29 8192 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\iisrstap.dll
+ 2009-12-10 02:03 . 2009-11-09 13:23 9216 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\w3ctrlps.dll
+ 2009-12-10 02:03 . 2009-11-09 13:20 8192 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\iisrstap.dll
+ 2010-03-11 02:00 . 2010-02-20 23:35 9216 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\w3ctrlps.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 8192 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\iisrstap.dll
+ 2010-03-11 02:00 . 2010-02-20 23:55 9216 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\w3ctrlps.dll
+ 2010-03-11 02:00 . 2010-02-20 23:52 8192 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\iisrstap.dll
+ 2010-05-26 00:50 . 2010-04-23 14:23 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.22391_none_17571fa5201e0c64\tzres.dll
+ 2010-02-23 22:06 . 2010-01-23 09:20 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.22320_none_17a1cecf1fe62f76\tzres.dll
+ 2010-05-26 00:50 . 2010-04-23 14:13 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18248_none_170a947c06d19246\tzres.dll
+ 2010-02-23 22:06 . 2010-01-23 09:26 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18192_none_16ce813e06ff88ca\tzres.dll
+ 2010-05-26 00:50 . 2010-04-23 14:02 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22677_none_158c4f5122e21768\tzres.dll
+ 2010-02-23 22:06 . 2010-01-23 09:43 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22612_none_15c82d6722b5f10f\tzres.dll
+ 2010-05-26 00:50 . 2010-04-23 13:55 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18464_none_150a7fae09bf1281\tzres.dll
+ 2010-02-23 22:06 . 2010-01-23 09:44 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18410_none_153c8e22099a2170\tzres.dll
+ 2010-02-23 22:06 . 2010-01-23 07:54 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.21209_none_13f396ef25812ba9\tzres.dll
+ 2010-02-23 22:06 . 2010-01-23 08:05 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.17007_none_1367f7aa0c655c0a\tzres.dll
+ 2009-10-25 19:47 . 2009-02-18 18:39 5120 c:\windows\winsxs\msil_smdiagnostics.resources_b77a5c561934e089_6.0.6002.22380_de-de_31416b367e143db4\SMDiagnostics.resources.dll
+ 2009-10-25 19:47 . 2009-02-18 18:39 5120 c:\windows\winsxs\msil_smdiagnostics.resources_b77a5c561934e089_6.0.6002.18239_de-de_4809437c647245a4\SMDiagnostics.resources.dll
+ 2009-11-01 08:06 . 2010-07-09 05:10 4108 c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2009-12-21 00:20 . 2010-01-29 05:52 1994 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4032735365-608106937-2049815217-1001_UserData.bin
+ 2009-10-27 11:45 . 2009-10-27 11:45 2048 c:\windows\System32\sysprs7.dll
- 2010-01-28 20:09 . 2010-01-28 20:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-07-13 19:47 . 2010-07-13 19:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-07-13 19:47 . 2010-07-13 19:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2010-01-28 20:09 . 2010-01-28 20:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-03-08 20:44 . 2010-03-08 20:44 5430 c:\windows\Installer\{716E5774-DD70-4A16-82AD-6341D5D37E4C}\_6FEFF9B68218417F98F549.exe
+ 2010-03-08 20:44 . 2010-03-08 20:44 5430 c:\windows\Installer\{716E5774-DD70-4A16-82AD-6341D5D37E4C}\_52EF337567B94D2E6199FC.exe
+ 2010-03-08 20:44 . 2010-03-08 20:44 5430 c:\windows\Installer\{716E5774-DD70-4A16-82AD-6341D5D37E4C}\_00C4FFB7908FD5011ACF53.exe
+ 2010-06-24 20:54 . 2009-11-08 08:55 295264 c:\windows\winsxs\x86_wpf-presentationhostexe_31bf3856ad364e35_6.1.6001.18242_none_37f9c545bf07d41a\PresentationHost.exe
+ 2010-06-24 18:25 . 2010-03-30 11:59 295264 c:\windows\winsxs\x86_wpf-presentationhostexe_31bf3856ad364e35_6.0.6002.22377_none_721f9e14369439e2\PresentationHost.exe
+ 2010-06-24 18:25 . 2010-04-05 12:19 295264 c:\windows\winsxs\x86_wpf-presentationhostexe_31bf3856ad364e35_6.0.6002.18236_none_71c040af1d5710fd\PresentationHost.exe
+ 2010-06-24 18:25 . 2010-03-30 11:59 130408 c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6002.22377_none_7236d7fc36759770\PresentationHostDLL.dll
+ 2010-06-24 18:25 . 2010-04-05 12:19 129896 c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6002.18236_none_71d77a971d386e8b\PresentationHostDLL.dll
+ 2010-06-10 01:03 . 2010-04-12 12:22 970752 c:\windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.22380_none_f056fa033aa60783\System.Runtime.Serialization.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 970752 c:\windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6002.18239_none_071ed24921040f73\System.Runtime.Serialization.dll
+ 2010-06-10 01:03 . 2010-04-12 12:22 442368 c:\windows\winsxs\x86_wcf-system.identitymodel_b03f5f7f11d50a3a_6.0.6002.22380_none_0ebeb2ba5a6f811c\System.IdentityModel.dll
+ 2010-06-10 01:03 . 2010-04-12 12:20 438272 c:\windows\winsxs\x86_wcf-system.identitymodel_b03f5f7f11d50a3a_6.0.6002.18239_none_25868b0040cd890c\System.IdentityModel.dll
+ 2010-06-10 01:03 . 2010-03-25 11:54 436048 c:\windows\winsxs\x86_netfx-web_engine_dll_b03f5f7f11d50a3a_6.0.6002.22372_none_1fb465ed51de1b9c\webengine.dll
+ 2010-06-10 01:03 . 2010-03-25 11:53 435024 c:\windows\winsxs\x86_netfx-web_engine_dll_b03f5f7f11d50a3a_6.0.6002.18232_none_367e0b85383a563a\webengine.dll
+ 2010-06-24 20:54 . 2009-11-08 08:55 297808 c:\windows\winsxs\x86_netfx-mscoree_dll_31bf3856ad364e35_6.1.6001.18242_none_7d658e19f5139de5\mscoree.dll
+ 2010-05-12 19:29 . 2010-05-12 19:29 653120 c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
+ 2010-05-12 19:29 . 2010-05-12 19:29 569664 c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll
+ 2010-05-12 19:29 . 2010-05-12 19:29 225280 c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcm90.dll
+ 2010-04-18 21:33 . 2010-04-18 21:33 161784 c:\windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.8_none_bdf22a22ab9e15d5\ATL90.dll
+ 2010-04-14 01:11 . 2009-12-23 12:12 172032 c:\windows\winsxs\x86_microsoft-windows-wintrust-dll_31bf3856ad364e35_6.0.6002.22293_none_f1c001a2b09b160b\wintrust.dll
+ 2010-04-14 01:11 . 2009-12-23 11:33 172032 c:\windows\winsxs\x86_microsoft-windows-wintrust-dll_31bf3856ad364e35_6.0.6002.18169_none_f15cd657975fba78\wintrust.dll
+ 2010-04-14 01:11 . 2009-12-23 12:29 171520 c:\windows\winsxs\x86_microsoft-windows-wintrust-dll_31bf3856ad364e35_6.0.6001.22588_none_efe96118b36823a9\wintrust.dll
+ 2010-04-14 01:11 . 2009-12-23 12:43 171520 c:\windows\winsxs\x86_microsoft-windows-wintrust-dll_31bf3856ad364e35_6.0.6001.18387_none_ef5ec21d9a4b6d61\wintrust.dll
+ 2010-04-14 01:11 . 2009-12-23 12:14 171520 c:\windows\winsxs\x86_microsoft-windows-wintrust-dll_31bf3856ad364e35_6.0.6000.21186_none_ee00f81ab6439625\wintrust.dll
+ 2010-04-14 01:11 . 2009-12-23 12:45 171520 c:\windows\winsxs\x86_microsoft-windows-wintrust-dll_31bf3856ad364e35_6.0.6000.16984_none_ed7582999d27906b\wintrust.dll
+ 2010-02-10 17:38 . 2009-12-28 12:05 123904 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.22295_none_9445b91c9f4a779f\msvfw32.dll
+ 2010-02-10 17:38 . 2009-12-04 18:28 123904 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6002.18158_none_93ea5cdf8609b416\msvfw32.dll
+ 2010-02-10 17:38 . 2009-12-28 13:40 123904 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.22590_none_925a45c2a228a3c8\msvfw32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:32 123904 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6001.18389_none_91e4799788facef5\msvfw32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:29 123904 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6000.21188_none_9086af94a4f2f7b9\msvfw32.dll
+ 2010-02-10 17:38 . 2009-12-28 12:34 123904 c:\windows\winsxs\x86_microsoft-windows-video-for-windows_31bf3856ad364e35_6.0.6000.16986_none_8ffb3a138bd6f1ff\msvfw32.dll
+ 2010-04-14 05:18 . 2010-02-18 14:01 167424 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpipcfg.dll
+ 2010-04-14 05:18 . 2010-02-18 11:51 818688 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
+ 2010-02-10 17:38 . 2009-12-08 20:03 167424 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpipcfg.dll
+ 2010-02-10 17:38 . 2009-12-08 17:45 816640 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
+ 2010-04-14 05:18 . 2010-02-18 14:22 167424 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpipcfg.dll
+ 2010-04-14 05:18 . 2010-02-18 12:05 815104 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
+ 2010-02-10 17:38 . 2009-12-08 20:19 167424 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpipcfg.dll
+ 2010-02-10 17:38 . 2009-12-08 17:58 813568 c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
+ 2010-04-14 05:18 . 2010-02-18 14:22 910216 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
+ 2010-02-10 17:38 . 2009-12-08 20:15 907832 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
+ 2010-04-14 05:18 . 2010-02-18 14:07 904576 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
+ 2010-02-10 17:38 . 2009-12-08 20:01 904776 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
+ 2010-04-14 05:18 . 2010-02-18 17:36 902024 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
+ 2010-02-10 17:38 . 2009-12-08 20:37 900696 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
+ 2010-04-14 05:18 . 2010-02-18 14:49 898952 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
+ 2010-02-10 17:38 . 2009-12-08 20:52 897624 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
+ 2010-02-10 17:38 . 2009-12-11 12:02 302080 c:\windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.0.6002.22286_none_dc1702020cf2f8f1\srv.sys
+ 2010-02-10 17:38 . 2009-12-11 11:43 302080 c:\windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.0.6002.18164_none_dba1047af3c6ee97\srv.sys
+ 2010-02-10 17:38 . 2009-12-11 12:13 302080 c:\windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.0.6001.22581_none_da2b8ea80fd1251a\srv.sys
+ 2010-02-10 17:38 . 2009-12-11 12:07 301568 c:\windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.0.6001.18381_none_d9a1eff6f6b38829\srv.sys
+ 2010-02-10 17:38 . 2009-12-11 12:01 307200 c:\windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.0.6000.21179_none_d857f87a129b790b\srv.sys
+ 2010-02-10 17:38 . 2009-12-11 12:15 306688 c:\windows\winsxs\x86_microsoft-windows-smbserver-v1_31bf3856ad364e35_6.0.6000.16977_none_d7cc82f8f97f7351\srv.sys
+ 2010-04-14 05:18 . 2010-02-23 11:16 106496 c:\windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.22346_none_81dc4772677c5da2\mrxsmb.sys
+ 2010-02-10 17:38 . 2009-12-04 16:08 105984 c:\windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.22281_none_81ac046a67a1518c\mrxsmb.sys
+ 2010-04-14 05:18 . 2010-02-23 11:10 106496 c:\windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.18213_none_8170198d4e491e00\mrxsmb.sys
+ 2010-02-10 17:38 . 2009-12-04 15:56 105984 c:\windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.18158_none_8149d9694e650f50\mrxsmb.sys
+ 2010-04-14 05:18 . 2010-02-23 11:30 106496 c:\windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.22641_none_7ff0d4186a5a89cb\mrxsmb.sys
+ 2010-02-10 17:38 . 2009-12-04 16:16 105984 c:\windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.22575_none_7fd463966a6f45d3\mrxsmb.sys
+ 2010-04-14 05:18 . 2010-02-23 11:32 105984 c:\windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.18431_none_7f7205535134d0e9\mrxsmb.sys
+ 2010-02-10 17:38 . 2009-12-04 16:12 105472 c:\windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.18375_none_7f4ac4e55151a8e2\mrxsmb.sys
+ 2010-04-14 05:18 . 2010-02-23 11:30 102912 c:\windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.21230_none_7e143b506d2cf9ad\mrxsmb.sys
+ 2010-02-10 17:38 . 2009-12-04 16:14 102400 c:\windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.21173_none_7debfa986d4ab84f\mrxsmb.sys
+ 2010-04-14 05:18 . 2010-02-23 13:14 102400 c:\windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.17025_none_7d9a6dfd5402bf7e\mrxsmb.sys
+ 2010-02-10 17:38 . 2009-12-04 16:27 101888 c:\windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.16971_none_7d608517542eb295\mrxsmb.sys
+ 2010-04-14 05:18 . 2010-02-23 11:16 212992 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.22346_none_8aef65c661cd9c04\mrxsmb10.sys
+ 2010-02-10 17:38 . 2009-12-04 16:08 212992 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.22281_none_8abf22be61f28fee\mrxsmb10.sys
+ 2010-04-14 05:18 . 2010-02-23 11:10 212992 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.18213_none_8a8337e1489a5c62\mrxsmb10.sys
+ 2010-02-10 17:38 . 2009-12-04 15:56 212992 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.18158_none_8a5cf7bd48b64db2\mrxsmb10.sys
+ 2010-04-14 05:18 . 2010-02-23 11:30 212992 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.22641_none_8903f26c64abc82d\mrxsmb10.sys
+ 2010-02-10 17:38 . 2009-12-04 16:16 212992 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.22575_none_88e781ea64c08435\mrxsmb10.sys
+ 2010-04-14 05:18 . 2010-02-23 11:32 212992 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18431_none_888523a74b860f4b\mrxsmb10.sys
+ 2010-02-10 17:38 . 2009-12-04 16:12 212992 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18375_none_885de3394ba2e744\mrxsmb10.sys
+ 2010-04-14 05:18 . 2010-02-23 11:30 211968 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.21230_none_872759a4677e380f\mrxsmb10.sys
+ 2010-02-10 17:38 . 2009-12-04 16:14 211968 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.21173_none_86ff18ec679bf6b1\mrxsmb10.sys
+ 2010-04-14 05:18 . 2010-02-23 13:14 211968 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.17025_none_86ad8c514e53fde0\mrxsmb10.sys
+ 2010-02-10 17:38 . 2009-12-04 16:27 211968 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.16971_none_8673a36b4e7ff0f7\mrxsmb10.sys
+ 2010-04-14 05:18 . 2010-03-05 22:19 420352 c:\windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_8.0.6001.23000_none_2bcc9be85cd2112b\vbscript.dll
+ 2010-04-14 05:18 . 2010-03-05 14:01 420352 c:\windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_8.0.6001.18909_none_2b4c2b7b43ac1f55\vbscript.dll
+ 2010-02-23 22:06 . 2009-12-04 16:15 726528 c:\windows\winsxs\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_8.0.6001.22960_none_6611c986263fd953\jscript.dll
+ 2010-02-23 22:06 . 2009-12-04 07:19 726528 c:\windows\winsxs\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_8.0.6001.18869_none_65912f550d1a1d98\jscript.dll
+ 2010-03-11 02:00 . 2010-02-20 23:08 374272 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6002.22343_none_dce43630c143fd87\iisw3adm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:05 373760 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6002.18210_none_dc78084ba810bde5\iisw3adm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:29 371712 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6001.22638_none_db0d95a6c4110b25\iisw3adm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:37 371712 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6001.18428_none_da8ec6e1aaeb5243\iisw3adm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 322560 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6000.21227_none_d930fcdec6e37b07\iisw3adm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:52 322560 c:\windows\winsxs\x86_microsoft-windows-processmodellibraries_31bf3856ad364e35_6.0.6000.17022_none_d8a25cbbadca5f63\iisw3adm.dll
+ 2010-04-14 05:18 . 2010-02-18 13:59 438272 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22636_none_cd93a82a43bb5573\IKEEXT.DLL
+ 2010-04-14 05:18 . 2010-02-18 13:59 595456 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22636_none_cd93a82a43bb5573\FWPUCLNT.DLL
+ 2010-04-14 05:18 . 2010-02-18 13:57 328704 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22636_none_cd93a82a43bb5573\BFE.DLL
+ 2010-02-10 17:38 . 2009-12-08 19:57 438272 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22577_none_cd6966de43dae167\IKEEXT.DLL
+ 2010-02-10 17:38 . 2009-12-08 19:57 595456 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22577_none_cd6966de43dae167\FWPUCLNT.DLL
+ 2010-02-10 17:38 . 2009-12-08 19:55 328704 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22577_none_cd6966de43dae167\BFE.DLL
+ 2010-04-14 05:18 . 2010-02-18 13:56 416768 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21226_none_cbb80fac468cdeac\IKEEXT.DLL
+ 2010-04-14 05:18 . 2010-02-18 13:56 543232 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21226_none_cbb80fac468cdeac\FWPUCLNT.DLL
+ 2010-04-14 05:18 . 2010-02-18 13:55 317440 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21226_none_cbb80fac468cdeac\BFE.DLL
+ 2010-02-10 17:38 . 2009-12-08 19:58 416768 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21175_none_cb80fde046b653e3\IKEEXT.DLL
+ 2010-02-10 17:38 . 2009-12-08 19:58 543232 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21175_none_cb80fde046b653e3\FWPUCLNT.DLL
+ 2010-02-10 17:38 . 2009-12-08 19:56 317440 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21175_none_cb80fde046b653e3\BFE.DLL
+ 2010-04-14 05:18 . 2010-02-18 17:36 220040 c:\windows\winsxs\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22636_none_570aa516ce7e04c9\netio.sys
+ 2010-02-10 17:38 . 2009-12-08 20:36 220248 c:\windows\winsxs\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22577_none_56e063cace9d90bd\netio.sys
+ 2010-04-14 05:18 . 2010-02-18 14:34 213896 c:\windows\winsxs\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6000.21226_none_552f0c98d14f8e02\netio.sys
+ 2010-02-10 17:38 . 2009-12-08 22:29 214104 c:\windows\winsxs\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6000.21175_none_54f7faccd1790339\netio.sys
+ 2010-03-11 01:29 . 2009-10-14 14:12 195072 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6002.22245_none_f4abc44d237d7ed9\WMM2AE.dll
+ 2010-03-11 01:29 . 2009-10-14 12:23 150016 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6002.22245_none_f4abc44d237d7ed9\MOVIEMK.exe
+ 2009-10-25 19:48 . 2009-04-11 06:28 195072 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6002.18121_none_f433c6320a5341d1\WMM2AE.dll
+ 2009-10-25 19:47 . 2009-04-11 06:27 150016 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6002.18121_none_f433c6320a5341d1\MOVIEMK.exe
+ 2010-03-11 01:29 . 2009-10-14 15:08 195072 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6001.22541_none_f2c1513d265ac459\WMM2AE.dll
+ 2010-03-11 01:29 . 2009-10-14 13:16 150016 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6001.22541_none_f2c1513d265ac459\MOVIEMK.exe
+ 2008-01-21 02:25 . 2008-01-21 02:25 195072 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6001.18341_none_f237b28c0d3d2768\WMM2AE.dll
+ 2010-03-11 01:29 . 2009-10-14 12:43 150016 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6001.18341_none_f237b28c0d3d2768\MOVIEMK.exe
+ 2010-03-11 01:29 . 2009-10-14 14:51 195072 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6000.21139_none_f0edbb0f2925184a\WMM2AE.dll
+ 2010-03-11 01:29 . 2009-10-14 12:44 150016 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6000.21139_none_f0edbb0f2925184a\MOVIEMK.exe
+ 2010-03-11 01:29 . 2009-10-14 15:06 195072 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6000.16937_none_f062458e10091290\WMM2AE.dll
+ 2010-03-11 01:29 . 2009-10-14 12:54 150016 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6000.16937_none_f062458e10091290\MOVIEMK.exe
+ 2010-05-12 04:06 . 2010-01-29 16:07 738816 c:\windows\winsxs\x86_microsoft-windows-mail-comm-dll_31bf3856ad364e35_6.0.6002.22325_none_7c10a4356edc41af\inetcomm.dll
+ 2010-05-12 04:06 . 2010-01-29 15:40 738816 c:\windows\winsxs\x86_microsoft-windows-mail-comm-dll_31bf3856ad364e35_6.0.6002.18197_none_7b3d56a455f59b03\inetcomm.dll
+ 2010-05-12 04:06 . 2010-01-29 16:08 738304 c:\windows\winsxs\x86_microsoft-windows-mail-comm-dll_31bf3856ad364e35_6.0.6001.22621_none_7a26312571b9872f\inetcomm.dll
+ 2010-05-12 04:06 . 2010-01-29 16:21 738304 c:\windows\winsxs\x86_microsoft-windows-mail-comm-dll_31bf3856ad364e35_6.0.6001.18416_none_79ac63d2588f4d00\inetcomm.dll
+ 2010-03-11 02:00 . 2010-02-20 23:10 333312 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\nativerd.dll
+ 2010-03-11 02:00 . 2010-02-20 23:08 202752 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\iisutil.dll
+ 2010-03-11 02:00 . 2010-02-20 21:22 228864 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\iissetup.exe
+ 2010-03-11 02:00 . 2010-02-20 23:08 153600 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\iisRtl.dll
+ 2010-03-11 02:00 . 2010-02-20 21:22 193024 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\iisres.dll
+ 2010-03-11 02:00 . 2010-02-20 23:11 209408 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\iismig.dll
+ 2010-03-11 02:00 . 2010-02-20 21:22 182784 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\aspnetca.exe
+ 2010-03-11 02:00 . 2010-02-20 23:07 311808 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\appobj.dll
+ 2010-03-11 02:00 . 2010-02-20 21:22 154112 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.22343_none_13314c23cb33f9c6\appcmd.exe
+ 2009-12-10 02:03 . 2009-11-09 12:31 331264 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\nativerd.dll
+ 2009-12-10 02:03 . 2009-11-09 12:30 202752 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\iisutil.dll
+ 2009-12-10 02:03 . 2009-11-09 10:49 228864 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\iissetup.exe
+ 2009-12-10 02:03 . 2009-11-09 12:30 153600 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\iisRtl.dll
+ 2009-12-10 02:03 . 2009-11-09 10:48 193024 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\iisres.dll
+ 2009-12-10 02:03 . 2009-11-09 12:32 209408 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\iismig.dll
+ 2009-12-10 02:03 . 2009-11-09 10:49 182784 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\aspnetca.exe
+ 2009-12-10 02:03 . 2009-11-09 12:28 311808 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\appobj.dll
+ 2009-12-10 02:03 . 2009-11-09 10:48 154112 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18210_none_12c51e3eb200ba24\appcmd.exe
+ 2010-03-11 02:00 . 2010-02-20 23:30 331776 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\nativerd.dll
+ 2010-03-11 02:00 . 2010-02-20 23:29 202752 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\iisutil.dll
+ 2010-03-11 02:00 . 2010-02-20 21:35 228864 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\iissetup.exe
+ 2010-03-11 02:00 . 2010-02-20 23:29 153600 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\iisRtl.dll
+ 2010-03-11 02:00 . 2010-02-20 21:35 193024 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\iisres.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 209408 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\iismig.dll
+ 2010-03-11 02:00 . 2010-02-20 21:35 182784 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\aspnetca.exe
+ 2010-03-11 02:00 . 2010-02-20 23:26 311808 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\appobj.dll
+ 2010-03-11 02:00 . 2010-02-20 21:35 154112 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.22638_none_115aab99ce010764\appcmd.exe
+ 2009-12-10 02:03 . 2009-11-09 13:22 326656 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\nativerd.dll
+ 2009-12-10 02:03 . 2009-11-09 13:20 202752 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\iisutil.dll
+ 2009-12-10 02:03 . 2009-11-09 11:22 228864 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\iissetup.exe
+ 2009-12-10 02:03 . 2009-11-09 13:20 153600 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\iisRtl.dll
+ 2009-12-10 02:03 . 2009-11-09 11:21 193024 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\iisres.dll
+ 2009-12-10 02:03 . 2009-11-09 13:23 209408 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\iismig.dll
+ 2009-12-10 02:03 . 2009-11-09 11:22 182784 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\aspnetca.exe
+ 2009-12-10 02:03 . 2009-11-09 13:18 311296 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\appobj.dll
+ 2009-12-10 02:03 . 2009-11-09 11:21 154112 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18428_none_10dbdcd4b4db4e82\appcmd.exe
+ 2010-03-11 02:00 . 2010-02-20 23:34 236032 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\nativerd.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 189952 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\iisutil.dll
+ 2010-03-11 02:00 . 2010-02-20 21:31 195072 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\iissetup.exe
+ 2010-03-11 02:00 . 2010-02-20 23:31 148480 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\iisRtl.dll
+ 2010-03-11 02:00 . 2010-02-20 20:21 183808 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\iisres.dll
+ 2010-03-11 02:00 . 2010-02-20 23:35 128512 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\iismig.dll
+ 2010-03-11 02:00 . 2010-02-20 21:31 178176 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\aspnetca.exe
+ 2010-03-11 02:00 . 2010-02-20 23:30 297472 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\appobj.dll
+ 2010-03-11 02:00 . 2010-02-20 21:31 150528 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\appcmd.exe
+ 2010-03-11 02:00 . 2010-02-20 23:54 236032 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\nativerd.dll
+ 2010-03-11 02:00 . 2010-02-20 23:52 189952 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\iisutil.dll
+ 2010-03-11 02:00 . 2010-02-20 21:47 195072 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\iissetup.exe
+ 2010-03-11 02:00 . 2010-02-20 23:52 148480 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\iisRtl.dll
+ 2010-03-11 02:00 . 2010-02-20 20:30 183808 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\iisres.dll
+ 2010-03-11 02:00 . 2010-02-20 23:55 128512 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\iismig.dll
+ 2010-03-11 02:00 . 2010-02-20 21:47 178176 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\aspnetca.exe
+ 2010-03-11 02:00 . 2010-02-20 23:50 297472 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\appobj.dll
+ 2010-03-11 02:00 . 2010-02-20 21:47 150528 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\appcmd.exe
+ 2010-03-11 02:00 . 2010-02-20 23:08 107008 c:\windows\winsxs\x86_microsoft-windows-iis-isapiextensions_31bf3856ad364e35_6.0.6002.22343_none_6bd150839a36b650\isapi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:05 107008 c:\windows\winsxs\x86_microsoft-windows-iis-isapiextensions_31bf3856ad364e35_6.0.6002.18210_none_6b65229e810376ae\isapi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:29 107008 c:\windows\winsxs\x86_microsoft-windows-iis-isapiextensions_31bf3856ad364e35_6.0.6001.22638_none_69faaff99d03c3ee\isapi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:37 107008 c:\windows\winsxs\x86_microsoft-windows-iis-isapiextensions_31bf3856ad364e35_6.0.6001.18428_none_697be13483de0b0c\isapi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:32 107008 c:\windows\winsxs\x86_microsoft-windows-iis-isapiextensions_31bf3856ad364e35_6.0.6000.21227_none_681e17319fd633d0\isapi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:52 107008 c:\windows\winsxs\x86_microsoft-windows-iis-isapiextensions_31bf3856ad364e35_6.0.6000.17022_none_678f770e86bd182c\isapi.dll
+ 2010-03-11 02:00 . 2010-02-20 23:08 190976 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6002.22343_none_d1f1e1863fa65f97\iiscore.dll
+ 2010-03-11 02:00 . 2010-02-20 23:05 190976 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6002.18210_none_d185b3a126731ff5\iiscore.dll
+ 2010-03-11 02:00 . 2010-02-20 23:29 190976 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6001.22638_none_d01b40fc42736d35\iiscore.dll
+ 2010-03-11 02:00 . 2010-02-20 23:37 189952 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6001.18428_none_cf9c7237294db453\iiscore.dll
+ 2010-03-11 02:00 . 2010-02-20 23:31 164864 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6000.21227_none_ce3ea8344545dd17\iiscore.dll
+ 2010-03-11 02:00 . 2010-02-20 23:52 164864 c:\windows\winsxs\x86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.0.6000.17022_none_cdb008112c2cc173\iiscore.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 164352 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.23019_none_481337e6dd0a172b\ieui.dll
+ 2010-03-31 06:31 . 2010-02-23 15:00 164352 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.22995_none_47b8df3cdd4e5e15\ieui.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 164352 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18928_none_477df4a9c3f543e0\ieui.dll
+ 2010-03-31 06:31 . 2010-02-23 06:33 164352 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18904_none_478f9359c3e8a6a2\ieui.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 109056 c:\windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.23019_none_ff02e517e8e79415\iesysprep.dll
+ 2010-03-31 06:31 . 2010-02-23 15:00 109056 c:\windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.22995_none_fea88c6de92bdaff\iesysprep.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 109056 c:\windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18928_none_fe6da1dacfd2c0ca\iesysprep.dll
+ 2010-03-31 06:31 . 2010-02-23 06:33 109056 c:\windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18904_none_fe7f408acfc6238c\iesysprep.dll
+ 2010-06-10 01:03 . 2010-05-04 04:59 173056 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.23019_none_a941806b8d645750\ie4uinit.exe
+ 2010-03-31 06:31 . 2010-02-23 13:25 173056 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22995_none_a8e727c18da89e3a\ie4uinit.exe
+ 2010-06-10 01:03 . 2010-05-04 04:30 173056 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18928_none_a8ac3d2e744f8405\ie4uinit.exe
+ 2010-03-31 06:31 . 2010-02-23 04:55 173056 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18904_none_a8bddbde7442e6c7\ie4uinit.exe
+ 2010-06-10 01:03 . 2010-05-04 06:31 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.23019_none_2b1475a0bb6f3e25\sqmapi.dll
+ 2010-03-31 06:31 . 2010-02-23 15:05 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.22995_none_2aba1cf6bbb3850f\sqmapi.dll
+ 2010-06-10 01:03 . 2010-05-04 05:58 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18928_none_2a7f3263a25a6ada\sqmapi.dll
+ 2010-03-31 06:31 . 2010-02-23 06:38 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18904_none_2a90d113a24dcd9c\sqmapi.dll
+ 2010-06-10 01:03 . 2010-05-04 06:31 206848 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.23019_none_1a973373430e2393\occache.dll
+ 2010-03-31 06:31 . 2010-02-23 15:04 206848 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22995_none_1a3cdac943526a7d\occache.dll
+ 2010-06-10 01:03 . 2010-05-04 05:58 206848 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18928_none_1a01f03629f95048\occache.dll
+ 2010-03-31 06:31 . 2010-02-23 06:37 206848 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18904_none_1a138ee629ecb30a\occache.dll
+ 2010-06-10 01:03 . 2010-05-04 06:32 638232 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23019_none_12d2cb5048e98eab\iexplore.exe
+ 2010-06-10 01:03 . 2010-05-04 04:59 133632 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23019_none_12d2cb5048e98eab\ieUnatt.exe
+ 2010-03-31 06:31 . 2010-02-23 15:06 638232 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_127872a6492dd595\iexplore.exe
+ 2010-03-31 06:31 . 2010-02-23 13:26 133632 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_127872a6492dd595\ieUnatt.exe
+ 2010-06-10 01:03 . 2010-05-04 06:00 638232 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_123d88132fd4bb60\iexplore.exe
+ 2010-06-10 01:03 . 2010-05-04 04:31 133632 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_123d88132fd4bb60\ieUnatt.exe
+ 2010-03-31 06:31 . 2010-02-23 06:39 638232 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_124f26c32fc81e22\iexplore.exe
+ 2010-03-31 06:31 . 2010-02-23 04:55 133632 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_124f26c32fc81e22\ieUnatt.exe
+ 2010-06-10 01:03 . 2010-05-04 06:30 197632 c:\windows\winsxs\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.23019_none_2afdfb3cc92410b5\IEShims.dll
+ 2010-03-31 06:31 . 2010-02-23 15:00 197632 c:\windows\winsxs\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.22995_none_2aa3a292c968579f\IEShims.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 197632 c:\windows\winsxs\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18928_none_2a68b7ffb00f3d6a\IEShims.dll
+ 2010-03-31 06:31 . 2010-02-23 06:33 197632 c:\windows\winsxs\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18904_none_2a7a56afb002a02c\IEShims.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 247808 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.23019_none_739fafa6797baa47\ieproxy.dll
+ 2010-03-31 06:31 . 2010-02-23 15:00 247808 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.22995_none_734556fc79bff131\ieproxy.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 247808 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18928_none_730a6c696066d6fc\ieproxy.dll
+ 2010-03-31 06:31 . 2010-02-23 06:33 247808 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18904_none_731c0b19605a39be\ieproxy.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 599040 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.23019_none_4357559369617280\msfeeds.dll
+ 2010-03-31 06:31 . 2010-02-23 15:01 594432 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.22995_none_42fcfce969a5b96a\msfeeds.dll
+ 2010-06-10 01:03 . 2010-05-04 05:56 599040 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.18928_none_42c21256504c9f35\msfeeds.dll
+ 2010-03-31 06:31 . 2010-02-23 06:34 594432 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.18904_none_42d3b106504001f7\msfeeds.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 743424 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.6001.23019_none_1f15d8176ec16c09\iedvtool.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 743424 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.6001.18928_none_1e8094da55ac98be\iedvtool.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 184320 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.23019_none_20344ff620f8e82a\iepeers.dll
+ 2010-03-31 06:31 . 2010-02-23 15:00 184320 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.22995_none_1fd9f74c213d2f14\iepeers.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 184320 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18928_none_1f9f0cb907e414df\iepeers.dll
+ 2010-03-31 06:31 . 2010-02-23 06:33 184320 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18904_none_1fb0ab6907d777a1\iepeers.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 387584 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.23019_none_57c137c08668408f\iedkcs32.dll
+ 2010-03-31 06:31 . 2010-02-23 15:00 387584 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.22995_none_5766df1686ac8779\iedkcs32.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 387584 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.18928_none_572bf4836d536d44\iedkcs32.dll
+ 2010-03-31 06:31 . 2010-02-23 06:33 387584 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.18904_none_573d93336d46d006\iedkcs32.dll
+ 2010-06-10 01:03 . 2010-05-04 06:31 919040 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll
+ 2010-03-31 06:31 . 2010-02-23 15:06 919040 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll
+ 2010-06-10 01:03 . 2010-05-04 05:59 916480 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll
+ 2010-03-31 06:31 . 2010-02-23 06:39 916480 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll
+ 2010-04-14 05:18 . 2010-02-18 13:42 211456 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6002.22341_none_1428eb9d92bddb72\iphlpsvc.dll
+ 2010-04-14 05:18 . 2010-02-18 13:30 200704 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6002.18209_none_13d290d27978969c\iphlpsvc.dll
+ 2010-04-14 05:18 . 2010-02-18 14:00 201216 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6001.22636_none_12524b13958ae910\iphlpsvc.dll
+ 2010-04-14 05:18 . 2010-02-18 14:11 190464 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6001.18427_none_11d47c987c644985\iphlpsvc.dll
+ 2010-04-14 05:18 . 2010-02-18 13:57 179712 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6000.21226_none_1076b295985c7249\iphlpsvc.dll
+ 2010-04-14 05:18 . 2010-02-18 14:19 179712 c:\windows\winsxs\x86_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.0.6000.17021_none_0fe812727f4356a5\iphlpsvc.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 611840 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.6001.23019_none_c43671ebab5db8a4\mstime.dll
+ 2010-03-31 06:31 . 2010-02-23 15:02 611840 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.6001.22995_none_c3dc1941aba1ff8e\mstime.dll
+ 2010-06-10 01:03 . 2010-05-04 05:56 611840 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.6001.18928_none_c3a12eae9248e559\mstime.dll
+ 2010-03-31 06:31 . 2010-02-23 06:35 611840 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.6001.18904_none_c3b2cd5e923c481b\mstime.dll
+ 2010-03-11 02:00 . 2010-02-20 21:06 411648 c:\windows\winsxs\x86_microsoft-windows-http_31bf3856ad364e35_6.0.6002.22343_none_af08d5a82f3c8f92\http.sys
+ 2010-03-11 02:00 . 2010-02-20 20:53 411648 c:\windows\winsxs\x86_microsoft-windows-http_31bf3856ad364e35_6.0.6002.18210_none_ae9ca7c316094ff0\http.sys
+ 2010-03-11 02:00 . 2010-02-20 21:20 411136 c:\windows\winsxs\x86_microsoft-windows-http_31bf3856ad364e35_6.0.6001.22638_none_ad32351e32099d30\http.sys
+ 2010-03-11 02:00 . 2010-02-20 21:18 411136 c:\windows\winsxs\x86_microsoft-windows-http_31bf3856ad364e35_6.0.6001.18428_none_acb3665918e3e44e\http.sys
+ 2010-03-11 02:00 . 2010-02-20 21:16 398848 c:\windows\winsxs\x86_microsoft-windows-http_31bf3856ad364e35_6.0.6000.21227_none_ab559c5634dc0d12\http.sys
+ 2010-03-11 02:00 . 2010-02-20 21:30 396800 c:\windows\winsxs\x86_microsoft-windows-http_31bf3856ad364e35_6.0.6000.17022_none_aac6fc331bc2f16e\http.sys
+ 2010-06-10 01:03 . 2010-05-26 14:54 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\atmfd.dll
+ 2010-06-10 01:03 . 2010-05-26 14:47 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\atmfd.dll
+ 2010-06-10 01:03 . 2010-05-26 14:35 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\atmfd.dll
+ 2010-06-10 01:03 . 2010-05-26 14:25 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\atmfd.dll
+ 2010-03-06 04:53 . 2010-02-12 10:43 293376 c:\windows\winsxs\x86_microsoft-windows-browserballot_31bf3856ad364e35_6.0.6002.22337_none_6466abc783660745\browserchoice.exe
+ 2010-03-06 04:53 . 2010-02-12 10:32 293376 c:\windows\winsxs\x86_microsoft-windows-browserballot_31bf3856ad364e35_6.0.6002.18205_none_63fb7e2c6a31e0fa\browserchoice.exe
+ 2010-03-06 04:53 . 2010-02-12 10:46 293376 c:\windows\winsxs\x86_microsoft-windows-browserballot_31bf3856ad364e35_6.0.6001.22632_none_627b386d8644336e\browserchoice.exe
+ 2010-03-06 04:53 . 2010-02-12 10:48 293376 c:\windows\winsxs\x86_microsoft-windows-browserballot_31bf3856ad364e35_6.0.6001.18423_none_61fd69f26d1d93e3\browserchoice.exe
+ 2010-03-06 04:53 . 2010-02-12 10:42 293376 c:\windows\winsxs\x86_microsoft-windows-browserballot_31bf3856ad364e35_6.0.6000.21223_none_60a0a0398914d5fe\browserchoice.exe
+ 2010-03-06 04:53 . 2010-02-12 10:49 293376 c:\windows\winsxs\x86_microsoft-windows-browserballot_31bf3856ad364e35_6.0.6000.17017_none_6025d29c6feb8278\browserchoice.exe
+ 2009-10-25 19:47 . 2009-03-30 04:42 622592 c:\windows\winsxs\msil_system.web.resources_b03f5f7f11d50a3a_6.0.6002.22372_de-de_3bb82148950ac69a\System.Web.Resources.dll
+ 2009-10-25 19:47 . 2009-03-30 04:42 622592 c:\windows\winsxs\msil_system.web.resources_b03f5f7f11d50a3a_6.0.6002.18232_de-de_5281c6e07b670138\System.Web.Resources.dll
+ 2010-06-10 01:03 . 2009-12-09 06:55 495616 c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6002.22380_de-de_0df4369cf5a3b2ab\System.ServiceModel.Resources.dll
+ 2010-06-10 01:03 . 2009-12-09 06:54 495616 c:\windows\winsxs\msil_system.servicemodel.resources_b77a5c561934e089_6.0.6002.18239_de-de_24bc0ee2dc01ba9b\System.ServiceModel.Resources.dll
+ 2010-06-10 01:04 . 2010-03-04 12:53 258048 c:\windows\winsxs\msil_system.security_b03f5f7f11d50a3a_6.0.6002.22354_none_851a050be8358bb4\System.Security.dll
+ 2010-06-10 01:04 . 2010-03-04 12:53 258048 c:\windows\winsxs\msil_system.security_b03f5f7f11d50a3a_6.0.6002.18222_none_9be4d87dce90ac67\System.Security.dll
+ 2010-06-10 01:03 . 2010-04-12 12:22 970752 c:\windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.22380_none_eb7c4e35f9cf6d41\System.Runtime.Serialization.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 970752 c:\windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6002.18239_none_0244267be02d7531\System.Runtime.Serialization.dll
+ 2010-06-10 01:03 . 2010-04-12 12:22 970752 c:\windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.22380_none_bb39189bd2286c0e\System.Runtime.Serialization.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 970752 c:\windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6002.18239_none_d200f0e1b88673fe\System.Runtime.Serialization.dll
+ 2009-10-25 19:47 . 2009-03-30 04:42 212992 c:\windows\winsxs\msil_system.resources_b77a5c561934e089_6.0.6002.22372_de-de_4f34a709d632c352\system.resources.dll
+ 2009-10-25 19:47 . 2009-03-30 04:42 212992 c:\windows\winsxs\msil_system.resources_b77a5c561934e089_6.0.6002.18232_de-de_65fe4ca1bc8efdf0\system.resources.dll
+ 2010-06-10 01:03 . 2010-04-12 12:22 442368 c:\windows\winsxs\msil_system.identitymodel_b77a5c561934e089_6.0.6002.22380_none_0670c1405dffcd5a\System.IdentityModel.dll
+ 2010-06-10 01:03 . 2010-04-12 12:20 438272 c:\windows\winsxs\msil_system.identitymodel_b77a5c561934e089_6.0.6002.18239_none_1d389986445dd54a\System.IdentityModel.dll
+ 2010-06-10 01:03 . 2010-04-12 12:22 110592 c:\windows\winsxs\msil_smdiagnostics_b77a5c561934e089_6.0.6002.22380_none_87a8a684c9f377a8\SMdiagnostics.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 110592 c:\windows\winsxs\msil_smdiagnostics_b77a5c561934e089_6.0.6002.18239_none_9e707ecab0517f98\SMdiagnostics.dll
+ 2010-06-09 21:39 . 2004-01-25 16:18 217088 c:\windows\System32\yv12vfw.dll
+ 2010-06-09 21:39 . 2009-05-29 21:37 205824 c:\windows\System32\xvidvfw.dll
+ 2010-06-09 21:39 . 2009-05-29 21:31 881664 c:\windows\System32\xvidcore.dll
+ 2010-05-12 19:31 . 2010-02-04 08:01 528216 c:\windows\System32\XAudio2_6.dll
+ 2010-05-12 19:31 . 2009-09-04 15:44 515416 c:\windows\System32\XAudio2_5.dll
+ 2010-05-12 19:31 . 2009-03-16 12:18 517448 c:\windows\System32\XAudio2_4.dll
+ 2010-05-12 19:31 . 2008-10-27 08:04 514384 c:\windows\System32\XAudio2_3.dll
+ 2010-05-12 19:31 . 2008-07-31 08:40 509448 c:\windows\System32\XAudio2_2.dll
+ 2010-05-12 19:31 . 2008-05-30 12:19 507400 c:\windows\System32\XAudio2_1.dll
+ 2010-05-12 19:31 . 2008-03-05 14:03 479752 c:\windows\System32\XAudio2_0.dll
+ 2010-05-12 19:31 . 2010-02-04 08:01 238936 c:\windows\System32\xactengine3_6.dll
+ 2010-05-12 19:31 . 2009-09-04 15:44 238936 c:\windows\System32\xactengine3_5.dll
+ 2010-05-12 19:31 . 2009-03-16 12:18 235352 c:\windows\System32\xactengine3_4.dll
+ 2010-05-12 19:31 . 2008-10-27 08:04 235856 c:\windows\System32\xactengine3_3.dll
+ 2010-05-12 19:31 . 2008-07-31 08:41 238088 c:\windows\System32\xactengine3_2.dll
+ 2010-05-12 19:31 . 2008-05-30 12:18 238088 c:\windows\System32\xactengine3_1.dll
+ 2010-05-12 19:31 . 2008-03-05 14:03 238088 c:\windows\System32\xactengine3_0.dll
+ 2010-05-12 19:31 . 2007-07-19 22:57 267112 c:\windows\System32\xactengine2_9.dll
+ 2010-05-12 19:31 . 2007-06-20 18:46 266088 c:\windows\System32\xactengine2_8.dll
+ 2010-05-12 19:31 . 2007-04-04 16:55 261480 c:\windows\System32\xactengine2_7.dll
+ 2010-05-12 19:31 . 2007-01-24 13:27 255848 c:\windows\System32\xactengine2_6.dll
+ 2010-05-12 19:31 . 2006-12-08 10:02 251672 c:\windows\System32\xactengine2_5.dll
+ 2010-05-12 19:31 . 2006-09-28 14:05 237848 c:\windows\System32\xactengine2_4.dll
+ 2010-05-12 19:31 . 2006-07-28 07:30 236824 c:\windows\System32\xactengine2_3.dll
+ 2010-05-12 19:31 . 2006-05-31 05:24 230168 c:\windows\System32\xactengine2_2.dll
+ 2010-05-12 19:31 . 2007-10-22 01:39 267272 c:\windows\System32\xactengine2_10.dll
+ 2010-03-02 14:29 . 2006-03-31 11:39 229584 c:\windows\System32\xactengine2_1.dll
+ 2010-03-02 14:29 . 2006-02-03 07:42 230096 c:\windows\System32\xactengine2_0.dll
+ 2007-06-21 20:55 . 2007-06-21 20:55 244336 c:\windows\System32\wpcap.dll
+ 2010-04-14 01:11 . 2009-12-23 11:33 172032 c:\windows\System32\wintrust.dll
+ 2009-10-24 23:23 . 2010-07-11 01:00 478518 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 13:05 . 2010-07-13 19:49 112446 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2010-04-14 05:18 . 2010-03-05 14:01 420352 c:\windows\System32\vbscript.dll
- 2009-10-24 23:09 . 2009-03-08 11:33 420352 c:\windows\System32\vbscript.dll
+ 2010-04-13 16:47 . 2000-10-01 21:00 125712 c:\windows\System32\VB6DE.DLL
+ 2010-06-09 21:39 . 2010-03-15 09:31 165376 c:\windows\System32\unrar.dll
+ 2006-03-06 05:49 . 2008-12-05 21:22 839680 c:\windows\System32\timiditydrv.dll
- 2006-11-02 10:33 . 2010-01-28 20:17 587178 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2010-07-12 10:43 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-01-28 20:17 101250 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2010-07-12 10:43 101250 c:\windows\System32\perfc009.dat
- 2010-01-22 17:24 . 2010-01-02 06:36 206848 c:\windows\System32\occache.dll
+ 2010-06-10 01:03 . 2010-05-04 05:58 206848 c:\windows\System32\occache.dll
+ 2010-02-16 10:51 . 2005-02-24 10:51 348160 c:\windows\System32\NCTWMAFile2.dll
+ 2010-02-16 10:51 . 2005-03-28 14:52 417792 c:\windows\System32\NCTTextToAudio2.dll
+ 2010-02-16 10:51 . 2005-03-28 14:54 479232 c:\windows\System32\NCTAudioVisualization2.dll
+ 2010-02-16 10:51 . 2005-04-04 16:21 602112 c:\windows\System32\NCTAudioTransform2.dll
+ 2010-02-16 10:51 . 2005-04-25 12:01 458752 c:\windows\System32\NCTAudioRecord2.dll
+ 2010-02-16 10:51 . 2005-04-25 12:01 458752 c:\windows\System32\NCTAudioPlayer2.dll
+ 2010-02-16 10:51 . 2005-04-15 11:08 880640 c:\windows\System32\NCTAudioEditor2.dll
+ 2010-02-16 10:51 . 2004-11-04 12:31 835584 c:\windows\System32\NCTAudioCDGrabber2.dll
- 2008-01-21 02:24 . 2008-01-21 02:24 123904 c:\windows\System32\msvfw32.dll
+ 2010-02-10 17:38 . 2009-12-04 18:28 123904 c:\windows\System32\msvfw32.dll
+ 2010-01-27 21:54 . 2002-01-05 15:37 344064 c:\windows\System32\msvcr70.dll
- 2010-01-27 21:54 . 2007-02-27 18:36 344064 c:\windows\System32\msvcr70.dll
+ 2010-06-10 01:03 . 2010-05-04 05:56 611840 c:\windows\System32\mstime.dll
- 2009-10-24 23:09 . 2009-03-08 11:32 611840 c:\windows\System32\mstime.dll
+ 2010-06-10 01:03 . 2010-05-04 05:56 599040 c:\windows\System32\msfeeds.dll
+ 2010-04-13 16:47 . 1998-07-05 21:00 158208 c:\windows\System32\MSCMCDE.DLL
+ 2008-03-24 17:32 . 2008-03-24 17:32 218496 c:\windows\System32\Macromed\Flash\FlashUtil9f.exe
+ 2010-06-24 18:24 . 2010-06-24 18:24 231888 c:\windows\System32\Macromed\Flash\FlashUtil10h_Plugin.exe
- 2009-10-25 17:56 . 2009-06-06 05:01 726528 c:\windows\System32\jscript.dll
+ 2010-02-23 22:06 . 2009-12-04 07:19 726528 c:\windows\System32\jscript.dll
+ 2010-07-12 21:08 . 2010-07-12 21:07 153376 c:\windows\System32\javaws.exe
+ 2010-07-12 21:08 . 2010-07-12 21:07 145184 c:\windows\System32\javaw.exe
- 2009-12-01 22:06 . 2009-10-11 03:17 145184 c:\windows\System32\javaw.exe
- 2009-12-01 22:06 . 2009-10-11 03:17 145184 c:\windows\System32\java.exe
+ 2010-07-12 21:08 . 2010-07-12 21:07 145184 c:\windows\System32\java.exe
+ 2010-04-14 05:18 . 2010-02-18 13:30 200704 c:\windows\System32\iphlpsvc.dll
- 2009-10-25 19:48 . 2009-04-11 06:28 738816 c:\windows\System32\inetcomm.dll
+ 2010-05-12 04:06 . 2010-01-29 15:40 738816 c:\windows\System32\inetcomm.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 164352 c:\windows\System32\ieui.dll
- 2010-01-22 17:24 . 2010-01-02 06:32 164352 c:\windows\System32\ieui.dll
- 2010-01-22 17:24 . 2010-01-02 06:32 184320 c:\windows\System32\iepeers.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 184320 c:\windows\System32\iepeers.dll
- 2010-01-22 17:24 . 2010-01-02 06:32 387584 c:\windows\System32\iedkcs32.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 387584 c:\windows\System32\iedkcs32.dll
+ 2010-06-10 01:03 . 2010-05-04 04:30 173056 c:\windows\System32\ie4uinit.exe
- 2010-01-22 17:24 . 2010-01-02 04:56 173056 c:\windows\System32\ie4uinit.exe
+ 2006-11-02 12:47 . 2010-06-28 08:56 426176 c:\windows\System32\FNTCACHE.DAT
+ 2010-04-14 05:18 . 2010-02-18 14:07 904576 c:\windows\System32\drivers\tcpip.sys
+ 2010-02-10 17:38 . 2009-12-11 11:43 302080 c:\windows\System32\drivers\srv.sys
- 2009-10-25 19:48 . 2009-04-11 04:14 212992 c:\windows\System32\drivers\mrxsmb10.sys
+ 2010-04-14 05:18 . 2010-02-23 11:10 212992 c:\windows\System32\drivers\mrxsmb10.sys
+ 2010-04-14 05:18 . 2010-02-23 11:10 106496 c:\windows\System32\drivers\mrxsmb.sys
+ 2010-03-11 02:00 . 2010-02-20 20:53 411648 c:\windows\System32\drivers\http.sys
- 2009-12-10 02:03 . 2009-11-09 10:36 411648 c:\windows\System32\drivers\http.sys
+ 2010-05-12 19:31 . 2009-09-04 15:29 235344 c:\windows\System32\d3dx11_42.dll
+ 2010-05-12 19:31 . 2009-09-04 15:29 453456 c:\windows\System32\d3dx10_42.dll
+ 2010-05-12 19:31 . 2009-03-09 13:27 453456 c:\windows\System32\d3dx10_41.dll
+ 2010-05-12 19:31 . 2008-10-10 02:52 452440 c:\windows\System32\d3dx10_40.dll
+ 2010-05-12 19:31 . 2008-07-10 09:01 467984 c:\windows\System32\d3dx10_39.dll
+ 2010-05-12 19:31 . 2008-05-30 12:11 467984 c:\windows\System32\d3dx10_38.dll
+ 2010-05-12 19:31 . 2008-02-05 21:07 462864 c:\windows\System32\d3dx10_37.dll
+ 2010-05-12 19:31 . 2007-10-02 07:56 444776 c:\windows\System32\d3dx10_36.dll
+ 2010-05-12 19:31 . 2007-07-19 16:14 444776 c:\windows\System32\d3dx10_35.dll
+ 2010-05-12 19:31 . 2007-05-16 14:45 443752 c:\windows\System32\d3dx10_34.dll
+ 2010-05-12 19:31 . 2007-03-15 14:57 443752 c:\windows\System32\d3dx10_33.dll
+ 2010-05-12 19:31 . 2006-11-29 11:06 440080 c:\windows\System32\d3dx10.dll
- 2009-10-25 11:53 . 2010-01-28 17:47 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-10-25 11:53 . 2010-07-12 20:41 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-05-10 21:27 . 2009-05-10 21:27 484496 c:\windows\System32\capicom.dll
+ 2010-03-06 04:53 . 2010-02-12 10:32 293376 c:\windows\System32\browserchoice.exe
- 2009-10-25 13:32 . 2009-11-09 10:33 245760 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-10-25 13:32 . 2010-03-17 11:55 245760 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-10-25 16:40 . 2009-10-25 11:50 245760 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-10-25 16:40 . 2010-03-05 20:43 245760 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-06-24 18:25 . 2010-04-05 12:19 129896 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2009-10-25 19:49 . 2009-02-18 18:38 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2009-10-25 19:48 . 2009-02-18 18:38 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-06-10 01:03 . 2010-03-25 11:53 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2009-10-25 19:49 . 2009-03-30 04:42 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-06-10 01:04 . 2010-03-04 12:53 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2009-10-25 19:47 . 2009-03-30 04:42 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-03-02 14:29 . 2006-03-31 10:27 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2006-02-03 06:40 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2005-12-05 16:20 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2005-09-28 13:11 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2005-07-22 16:21 577024 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2005-05-26 14:15 576000 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2005-03-18 16:23 567296 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2005-02-05 18:32 563712 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2005-03-18 15:23 223232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
+ 2010-03-02 14:29 . 2005-03-18 15:23 178176 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
+ 2010-03-02 14:29 . 2005-03-18 15:23 364544 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
+ 2010-03-02 14:29 . 2005-03-18 15:23 159232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
+ 2010-03-02 14:29 . 2005-03-18 15:23 145920 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
+ 2010-03-02 14:29 . 2005-03-18 15:23 473600 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
+ 2010-04-18 17:56 . 2010-04-18 17:56 473600 c:\windows\Logo Design Studio Pro\uninstall.exe
+ 2010-05-12 19:29 . 2010-05-12 19:29 219648 c:\windows\Installer\c47049.msi
+ 2010-06-21 19:09 . 2010-06-21 19:09 807424 c:\windows\Installer\87176.msi
+ 2010-07-13 11:42 . 2010-07-13 11:42 381952 c:\windows\Installer\83ea75.msi
+ 2010-03-02 14:29 . 2010-03-02 14:29 409600 c:\windows\Installer\6987088.msi
+ 2010-03-02 13:58 . 2010-03-02 13:58 213504 c:\windows\Installer\698707c.msi
+ 2010-03-08 20:44 . 2010-03-08 20:44 355328 c:\windows\Installer\4b2f5f8.msi
+ 2010-04-18 21:33 . 2010-04-18 21:33 229888 c:\windows\Installer\14ba6e4.msi
+ 2010-07-12 21:09 . 2010-07-12 21:09 180224 c:\windows\Installer\14507a.msi
+ 2010-07-12 21:07 . 2010-07-12 21:07 577536 c:\windows\Installer\145074.msi
+ 2010-06-21 19:14 . 2010-06-21 19:14 372736 c:\windows\Installer\{7AB3A249-FB81-416B-917A-A2A10E74C503}\iTunesIco.exe
+ 2010-02-15 19:29 . 2010-02-15 19:29 295606 c:\windows\Installer\{50D69C54-6963-49A6-B762-A9FF8F56AF0F}\NewShortcut6_39FCF10E253C49DBACDD29148E9F1BDB.exe
+ 2010-02-15 19:29 . 2010-02-15 19:29 335872 c:\windows\Installer\{50D69C54-6963-49A6-B762-A9FF8F56AF0F}\NewShortcut5_39FCF10E253C49DBACDD29148E9F1BDB.exe
+ 2010-02-15 19:29 . 2010-02-15 19:29 295606 c:\windows\Installer\{50D69C54-6963-49A6-B762-A9FF8F56AF0F}\NewShortcut31_50D69C54696349A6B762A9FF8F56AF0F.exe
+ 2010-02-15 19:29 . 2010-02-15 19:29 295606 c:\windows\Installer\{50D69C54-6963-49A6-B762-A9FF8F56AF0F}\NewShortcut2_50D69C54696349A6B762A9FF8F56AF0F.exe
+ 2010-05-16 16:21 . 2010-05-16 16:21 454656 c:\windows\Installer\{34AFE453-F544-4269-89C9-CAB7F0744963}\ShortcutKeySchedule_27BC537B086D42E19CB39D115FA043BF.exe
+ 2010-05-16 16:21 . 2010-05-16 16:21 577536 c:\windows\Installer\{34AFE453-F544-4269-89C9-CAB7F0744963}\NewShortcut7_FE599FA3F4F14E13A72421ADFCB0E577.exe
+ 2010-05-16 16:21 . 2010-05-16 16:21 454656 c:\windows\Installer\{34AFE453-F544-4269-89C9-CAB7F0744963}\NewShortcut6_27BC537B086D42E19CB39D115FA043BF.exe
+ 2010-05-16 16:21 . 2010-05-16 16:21 454656 c:\windows\Installer\{34AFE453-F544-4269-89C9-CAB7F0744963}\NewShortcut5_C2133FA16288405E847EE66BD59EB0BB.exe
+ 2010-05-16 16:21 . 2010-05-16 16:21 411494 c:\windows\Installer\{34AFE453-F544-4269-89C9-CAB7F0744963}\ARPPRODUCTICON.exe
+ 2006-10-26 17:49 . 2006-10-26 17:49 970528 c:\windows\Installer\$PatchCache$\Managed\00002109010070400000000000F01FEC\12.0.4518\MSONSEXT.DLL
+ 2006-11-02 10:25 . 2010-06-21 19:10 143360 c:\windows\inf\infstrng.dat
- 2006-11-02 10:25 . 2010-01-27 20:39 143360 c:\windows\inf\infstrng.dat
- 2006-11-02 10:25 . 2010-01-27 20:39 143360 c:\windows\inf\infstor.dat
+ 2006-11-02 10:25 . 2010-06-21 19:10 143360 c:\windows\inf\infstor.dat
+ 2009-01-05 14:44 . 2009-01-05 14:44 741376 c:\windows\Downloaded Program Files\ipsupd.dll
+ 2009-10-19 16:27 . 2009-10-19 16:27 401008 c:\windows\Downloaded Program Files\fslauncher.dll
+ 2010-06-11 06:19 . 2010-06-11 06:19 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\46299301e4aa9211f96e7686c14c1470\WsatConfig.ni.exe
+ 2010-06-24 22:01 . 2010-06-24 22:01 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\c62719ee0c2d35ca36bcccf37b60a4ad\WindowsFormsIntegration.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\c2c84b416312c17dd3c51508bc4d0132\WindowsFormsIntegration.ni.dll
+ 2010-06-24 22:01 . 2010-06-24 22:01 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\89489f9a506497dadc57de54263e9ebe\UIAutomationClient.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\13086a9f77833f0ee92728d0cecfdc79\UIAutomationClient.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 235520 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\20608428d18ca5681cb1af1894733207\TaskScheduler.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\622598bd00035f69c52e29e5ca8b8050\System.Xml.Linq.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\cb5a8e2b3e7e4cd51836c3acb36b123d\System.Web.Routing.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d7a533d68e1dd6033cf47ca308c3705f\System.Web.RegularExpressions.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\10e8467404e4b6564ef22718c7db46f4\System.Web.Extensions.Design.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\53ff9779755cfee83ac6fd6411e2e00b\System.Web.Entity.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\6ff16cd390716f42051274d9413abaf8\System.Web.Entity.Design.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\315070f6f71e735e7068191754af4860\System.Web.DynamicData.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\7b116c427d7528fa1da76ec0d5eb003b\System.Web.Abstractions.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\6b7e54579cc1a225d045f90710e25bfe\System.Transactions.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6ab74b6e4a68bf93e3b27263317f744d\System.ServiceProcess.ni.dll
+ 2010-06-11 06:36 . 2010-06-11 06:36 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\16944bd9a01375d76431d74279723415\System.Security.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c98ba140a70ea6cb494dc75869845f6f\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4a2709dbba56d5df9d51d86e68af99ad\System.Runtime.Remoting.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\bb8b24798ce7f5fbe65b0eb1a8a11cc6\System.Net.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\320e40e628ff5e04cdb1df518f7c6a6a\System.Messaging.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\65f4d9a8fc295689d68109d0099b356b\System.Management.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\d8d5ada35c3c63fe122727bc6f7ac705\System.Management.Instrumentation.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\f392a161be6c4df987d090dfa3138f29\System.IO.Log.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\3666e4bfb1c842cb114b4e8ba8071a61\System.IdentityModel.Selectors.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5b0655cec8c06bb5fcf3870451b89515\System.EnterpriseServices.Wrapper.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5b0655cec8c06bb5fcf3870451b89515\System.EnterpriseServices.ni.dll
+ 2010-06-11 06:09 . 2010-06-11 06:09 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b7d681010afba351800a16a14706e6ee\System.Drawing.Design.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c2496f8afdb090b244e415fc8d24fcc2\System.DirectoryServices.Protocols.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\22bc42bfc494f179da8e4dfbc58984ee\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e63f206e5fbc356c0c4f76279bdced39\System.Data.Services.Client.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\53b0dc0e577da5b7fd669ace52b185db\System.Data.Services.Design.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\46361a02659be347fa5950e1fa203975\System.Data.Entity.Design.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\6ecbcbf2c7de8474dcb1ee3a212b7ac7\System.Data.DataSetExtensions.ni.dll
+ 2010-06-11 06:36 . 2010-06-11 06:36 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\415e665ca509b2ed73569278ad57f043\System.Configuration.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\e02f453d576a8815fa2fedb19a92b7a5\System.Configuration.Install.ni.dll
+ 2010-06-11 06:17 . 2010-06-11 06:17 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\09c4ffff65698383d7f074ecd2d93e50\System.AddIn.ni.dll
+ 2010-06-11 06:17 . 2010-06-11 06:17 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\c8eb0ce0e0951f8acd0366504511c121\SMSvcHost.ni.exe
+ 2010-06-11 06:14 . 2010-06-11 06:14 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\1e5f52924313bd9c21255a2046340df5\SMDiagnostics.ni.dll
+ 2010-06-11 06:17 . 2010-06-11 06:17 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\f0c9dddb08f44024a8e3b80d8d5cd728\ServiceModelReg.ni.exe
+ 2010-06-24 21:58 . 2010-06-24 21:58 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af2c855fe34c856715fcbe4bd4e07cc1\PresentationFramework.Luna.ni.dll
+ 2010-06-11 06:09 . 2010-06-11 06:09 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9906cc70a0106499a0fff7e06ac3087b\PresentationFramework.Classic.ni.dll
+ 2010-06-11 06:09 . 2010-06-11 06:09 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\68c35c55c9651d3042ac41d23496e896\PresentationFramework.Aero.ni.dll
+ 2010-06-11 06:09 . 2010-06-11 06:09 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5d3b3c41ed8eca789d37578f7a3cee28\PresentationFramework.Luna.ni.dll
+ 2010-06-11 06:09 . 2010-06-11 06:09 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5ccc082c1ae24fdf58a527c27c302bfe\PresentationFramework.Royale.ni.dll
+ 2010-06-24 21:58 . 2010-06-24 21:58 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\433d990ff7f34012816d4af9c418b9f8\PresentationFramework.Royale.ni.dll
+ 2010-06-24 21:58 . 2010-06-24 21:58 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2de8703db894217915906f081ac3c8b0\PresentationFramework.Aero.ni.dll
+ 2010-06-24 21:58 . 2010-06-24 21:58 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\10cd9b83dc0b5ca57e45078e3264ae12\PresentationFramework.Classic.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 724992 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\f1dbebefdc4fc2583381fc12091748d1\napsnap.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 110080 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\066069d586b6d799c24f13ac0f533349\napinit.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\d63bc63c7ce10c2d82e275a44b560b28\MSBuild.ni.exe
+ 2010-06-11 06:16 . 2010-06-11 06:16 285184 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\8fa845f6080de8f787a3682150da8a60\MMCFxCommon.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\0f87900100756069dcb3d66b7c2fe145\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 221184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\e9c7c471329058cc14382413a4e6a298\Microsoft.MediaCenter.Interop.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 657408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\d2f467a88b93250749babd6edd5586cb\Microsoft.MediaCenter.Sports.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 197632 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\6000fb35b03b02680cfd69c825c73803\Microsoft.MediaCenter.iTv.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 104960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\4ccd21ad9fe1def4705ec2cdc4aeafa8\Microsoft.MediaCenter.Mheg.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 636928 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\251ffc96e6fe410c5ffcdf529264956c\Microsoft.MediaCenter.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 395776 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\2160919021b42b7c0c20943c46f9ae93\Microsoft.MediaCenter.Shell.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 558592 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\0676d3f49c8f8e709c42490b8e919b01\Microsoft.ManagementConsole.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\93be1ba0677b1e1f2ec83db1a9f10785\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\8cdbe5070af8739b840ca237acda0b06\Microsoft.Build.Utilities.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 888320 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6010eb2c3d4b61dd6536cf3c36880d36\Microsoft.Build.Engine.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\ff701f624360bf1729bb3d032a536008\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 241152 c:\windows\assembly\NativeImages_v2.0.50727_32\Mcx2Dvcs\40f5d0f41df1b9f812cfd5fb7064fc20\Mcx2Dvcs.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 338944 c:\windows\assembly\NativeImages_v2.0.50727_32\mcupdate\94fcfd6172007fd931919ba83b425a8e\mcupdate.ni.exe
+ 2010-06-11 06:16 . 2010-06-11 06:16 317952 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\d16c0efedebac728ff4453f1c58c8521\mcstoredb.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 359936 c:\windows\assembly\NativeImages_v2.0.50727_32\mcplayerinterop\bb5351090a6119d86bc0b1c2e17a6a39\mcplayerinterop.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 419840 c:\windows\assembly\NativeImages_v2.0.50727_32\mcGlidHostObj\5b956e8b6638b3fb45c7d666424c3016\mcGlidHostObj.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 543744 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\6189573ab0aebe759daf13fca9841bec\EventViewer.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\e2eb14b7ad0b53724d1ca8d0061573d0\ehRecObj.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 835072 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\ba7a763347f8e14a0e62553814ff65e6\ehiVidCtl.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 248832 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost\1e987caf17ba3cde32b5b24cd57090ac\ehExtHost.ni.exe
+ 2010-06-11 06:15 . 2010-06-11 06:15 208896 c:\windows\assembly\NativeImages_v2.0.50727_32\ehCIR\5e781cb4412eef67f856f677e1327c52\ehCIR.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\2aea4057ea6b121e350d2639e56290e6\ComSvcConfig.ni.exe
+ 2010-06-11 06:15 . 2010-06-11 06:15 439808 c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\f9b8d80067eef13668a7ade2378c6909\BDATunePIA.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\3c164f3f7fd2d99e322680fd5d7af675\AspNetMMCExt.ni.dll
+ 2010-06-10 01:03 . 2009-12-09 06:54 495616 c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.Resources.dll
- 2009-10-25 19:47 . 2009-03-30 04:42 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-10 01:04 . 2010-03-04 12:53 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2009-10-25 19:49 . 2009-02-18 18:38 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2010-06-10 01:03 . 2010-04-12 12:20 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-10-25 19:48 . 2009-02-18 18:38 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-06-24 18:25 . 2010-03-31 13:03 1249280 c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6002.22377_none_599877a75e3c7b28\WindowsBase.dll
+ 2010-06-24 18:25 . 2010-04-05 12:19 1249280 c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6002.18236_none_59391a4244ff5243\WindowsBase.dll
+ 2010-06-24 18:25 . 2010-03-31 13:03 5279744 c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6002.22377_none_70b1c6c96c6cc352\PresentationFramework.dll
+ 2010-06-24 18:25 . 2010-04-05 12:19 5279744 c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6002.18236_none_70526964532f9a6d\PresentationFramework.dll
+ 2010-06-10 01:03 . 2010-04-12 12:22 5988352 c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6002.22380_none_fe0f09ef0565c535\System.ServiceModel.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 5967872 c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6002.18239_none_14d6e234ebc3cd25\System.ServiceModel.dll
+ 2010-06-10 01:03 . 2010-03-25 11:54 5246976 c:\windows\winsxs\x86_system.web_b03f5f7f11d50a3a_6.0.6002.22372_none_e03cd0a530762349\System.Web.dll
+ 2010-06-10 01:03 . 2010-03-25 11:53 5242880 c:\windows\winsxs\x86_system.web_b03f5f7f11d50a3a_6.0.6002.18232_none_f706763d16d25de7\System.Web.dll
+ 2010-06-24 18:25 . 2009-06-17 08:03 1736024 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.22377_none_ae5c7d02a66aa525\wpfgfx_v0300.dll
+ 2010-06-24 18:25 . 2010-03-31 13:02 4218880 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.22377_none_ae5c7d02a66aa525\PresentationCore.dll
+ 2009-10-25 19:49 . 2009-02-18 18:39 1737064 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.18236_none_adfd1f9d8d2d7c40\wpfgfx_v0300.dll
+ 2010-06-24 18:25 . 2010-04-05 12:19 4214784 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.18236_none_adfd1f9d8d2d7c40\PresentationCore.dll
+ 2010-06-24 20:54 . 2009-11-08 08:55 1130824 c:\windows\winsxs\x86_netfx-dfshim_dll_31bf3856ad364e35_6.1.6001.18242_none_40858864fbe3e0ce\dfshim.dll
+ 2010-05-12 19:29 . 2010-05-12 19:29 3780424 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90u.dll
+ 2010-05-12 19:29 . 2010-05-12 19:29 3765048 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7\mfc90.dll
+ 2010-04-18 21:33 . 2010-04-18 21:33 1162744 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b81d038aaf540e86\mfc90u.dll
+ 2010-04-18 21:33 . 2010-04-18 21:33 1156600 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b81d038aaf540e86\mfc90.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 1233920 c:\windows\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9818.0_none_b7e811947b297f6d\msxml4.dll
+ 2010-06-10 01:03 . 2010-05-01 14:26 2045440 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22396_none_bb08445bb10e43f4\win32k.sys
+ 2010-06-10 01:03 . 2010-05-01 14:13 2037248 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18253_none_baa6e66297d2e861\win32k.sys
+ 2010-06-10 01:03 . 2010-05-01 20:27 2036736 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22682_none_b928a137b3e36d83\win32k.sys
+ 2010-06-10 01:03 . 2010-05-01 13:53 2036224 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18468_none_b8baa41a9ab030ba\win32k.sys
+ 2010-04-14 05:18 . 2010-02-18 14:21 3550088 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_6e763a6bca868234\ntoskrnl.exe
+ 2010-04-14 05:18 . 2010-02-18 14:21 3601800 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22341_none_6e763a6bca868234\ntkrnlpa.exe
+ 2010-02-10 17:38 . 2009-12-08 20:14 3550264 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_6e4cf969caa5277f\ntoskrnl.exe
+ 2010-02-10 17:38 . 2009-12-08 20:14 3601464 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22283_none_6e4cf969caa5277f\ntkrnlpa.exe
+ 2010-04-14 05:18 . 2010-02-18 14:07 3548040 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_6e1fdfa0b1413d5e\ntoskrnl.exe
+ 2010-04-14 05:18 . 2010-02-18 14:07 3600776 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18209_none_6e1fdfa0b1413d5e\ntkrnlpa.exe
+ 2010-02-10 17:38 . 2009-12-08 20:01 3548216 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_6dd5fb98b17a03ce\ntoskrnl.exe
+ 2010-02-10 17:38 . 2009-12-08 20:01 3600456 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18160_none_6dd5fb98b17a03ce\ntkrnlpa.exe
+ 2010-04-14 05:18 . 2010-02-18 17:36 3548560 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_6c9f99e1cd538fd2\ntoskrnl.exe
+ 2010-04-14 05:18 . 2010-02-18 17:36 3600776 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22636_none_6c9f99e1cd538fd2\ntkrnlpa.exe
+ 2010-02-10 17:38 . 2009-12-08 20:36 3548760 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22577_none_6c755895cd731bc6\ntoskrnl.exe
+ 2010-02-10 17:38 . 2009-12-08 20:36 3600472 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22577_none_6c755895cd731bc6\ntkrnlpa.exe
+ 2010-04-14 05:18 . 2010-02-18 14:49 3545992 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_6c21cb66b42cf047\ntoskrnl.exe
+ 2010-04-14 05:18 . 2010-02-18 14:49 3598216 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18427_none_6c21cb66b42cf047\ntkrnlpa.exe
+ 2010-02-10 17:38 . 2009-12-08 20:52 3546200 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18377_none_6bebb9e4b4557ed5\ntoskrnl.exe
+ 2010-02-10 17:38 . 2009-12-08 20:52 3597912 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18377_none_6bebb9e4b4557ed5\ntkrnlpa.exe
+ 2010-04-14 05:18 . 2010-02-18 14:34 3470216 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_6ac40163d025190b\ntoskrnl.exe
+ 2010-04-14 05:18 . 2010-02-18 14:34 3504008 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21226_none_6ac40163d025190b\ntkrnlpa.exe
+ 2010-02-10 17:38 . 2009-12-08 22:29 3469912 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21175_none_6a8cef97d04e8e42\ntoskrnl.exe
+ 2010-02-10 17:38 . 2009-12-08 22:29 3503704 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21175_none_6a8cef97d04e8e42\ntkrnlpa.exe
+ 2010-04-14 05:18 . 2010-02-18 14:54 3468168 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_6a356140b70bfd67\ntoskrnl.exe
+ 2010-04-14 05:18 . 2010-02-18 14:54 3502480 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.17021_none_6a356140b70bfd67\ntkrnlpa.exe
+ 2010-02-10 17:38 . 2009-12-08 20:54 3467848 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16973_none_6a017a16b7328888\ntoskrnl.exe
+ 2010-02-10 17:38 . 2009-12-08 20:54 3502168 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16973_none_6a017a16b7328888\ntkrnlpa.exe
+ 2010-05-12 04:06 . 2010-01-29 13:49 2836992 c:\windows\winsxs\x86_microsoft-windows-mail-core-dll_31bf3856ad364e35_6.0.6002.22325_none_5ade3b513b99bff2\MSOERES.dll
+ 2010-05-12 04:06 . 2010-01-29 16:08 1616384 c:\windows\winsxs\x86_microsoft-windows-mail-core-dll_31bf3856ad364e35_6.0.6002.22325_none_5ade3b513b99bff2\msoe.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 2836992 c:\windows\winsxs\x86_microsoft-windows-mail-core-dll_31bf3856ad364e35_6.0.6002.18197_none_5a0aedc022b31946\MSOERES.dll
+ 2010-05-12 04:06 . 2010-01-29 15:40 1616384 c:\windows\winsxs\x86_microsoft-windows-mail-core-dll_31bf3856ad364e35_6.0.6002.18197_none_5a0aedc022b31946\msoe.dll
+ 2010-05-12 04:06 . 2010-01-29 13:57 2836992 c:\windows\winsxs\x86_microsoft-windows-mail-core-dll_31bf3856ad364e35_6.0.6001.22621_none_58f3c8413e770572\MSOERES.dll
+ 2010-05-12 04:06 . 2010-01-29 16:09 1616384 c:\windows\winsxs\x86_microsoft-windows-mail-core-dll_31bf3856ad364e35_6.0.6001.22621_none_58f3c8413e770572\msoe.dll
+ 2006-11-02 12:34 . 2006-11-02 12:34 2836992 c:\windows\winsxs\x86_microsoft-windows-mail-core-dll_31bf3856ad364e35_6.0.6001.18416_none_5879faee254ccb43\MSOERES.dll
+ 2010-05-12 04:06 . 2010-01-29 16:22 1616384 c:\windows\winsxs\x86_microsoft-windows-mail-core-dll_31bf3856ad364e35_6.0.6001.18416_none_5879faee254ccb43\msoe.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 1986048 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.23019_none_2b1475a0bb6f3e25\iertutil.dll
+ 2010-03-31 06:31 . 2010-02-23 15:00 1986048 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.22995_none_2aba1cf6bbb3850f\iertutil.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 1985536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18928_none_2a7f3263a25a6ada\iertutil.dll
+ 2010-03-31 06:31 . 2010-02-23 06:33 1985536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18904_none_2a90d113a24dcd9c\iertutil.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 5953024 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23019_none_f6b3dde3511488fe\mshtml.dll
+ 2010-03-31 06:31 . 2010-02-23 15:01 5946880 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22995_none_f65985395158cfe8\mshtml.dll
+ 2010-06-10 01:03 . 2010-05-04 05:56 5950976 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18928_none_f61e9aa637ffb5b3\mshtml.dll
+ 2010-03-31 06:31 . 2010-02-23 06:34 5944832 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18904_none_f630395637f31875\mshtml.dll
+ 2010-06-10 01:03 . 2010-05-04 06:31 1209856 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.23019_none_9853e32305b4f935\urlmon.dll
+ 2010-03-31 06:31 . 2010-02-23 15:05 1209856 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.22995_none_97f98a7905f9401f\urlmon.dll
+ 2010-06-10 01:03 . 2010-05-04 05:59 1209344 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.18928_none_97be9fe5eca025ea\urlmon.dll
+ 2010-03-31 06:31 . 2010-02-23 06:39 1209344 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.18904_none_97d03e95ec9388ac\urlmon.dll
+ 2010-02-10 17:38 . 2009-12-28 12:06 1314304 c:\windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.0.6002.22295_none_a8840052046e8f42\quartz.dll
+ 2010-02-10 17:38 . 2009-12-04 18:29 1314816 c:\windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.0.6002.18158_none_a828a414eb2dcbb9\quartz.dll
+ 2010-02-10 17:38 . 2009-12-28 13:41 1314816 c:\windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.0.6001.22590_none_a6988cf8074cbb6b\quartz.dll
+ 2010-02-10 17:38 . 2009-12-28 12:35 1314816 c:\windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.0.6001.18389_none_a622c0ccee1ee698\quartz.dll
+ 2010-02-10 17:38 . 2009-12-28 12:31 1327616 c:\windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.0.6000.21188_none_a4c4f6ca0a170f5c\quartz.dll
+ 2010-02-10 17:38 . 2009-12-28 12:35 1327616 c:\windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.0.6000.16986_none_a4398148f0fb09a2\quartz.dll
+ 2010-06-24 18:25 . 2010-03-31 13:03 1249280 c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6002.22377_none_994a55364619f35f\WindowsBase.dll
+ 2010-06-24 18:25 . 2010-04-05 12:19 1249280 c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6002.18236_none_98eaf7d12cdcca7a\WindowsBase.dll
+ 2010-06-10 01:03 . 2010-03-19 13:46 3182592 c:\windows\winsxs\msil_system_b77a5c561934e089_6.0.6002.22372_none_c3a4f0a375ea8be2\System.dll
+ 2010-06-10 01:03 . 2010-03-25 11:53 3182592 c:\windows\winsxs\msil_system_b77a5c561934e089_6.0.6002.18232_none_da6e963b5c46c680\System.dll
+ 2010-06-10 01:03 . 2010-04-12 12:22 5988352 c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6002.22380_none_8e00a25ea496be7d\System.ServiceModel.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 5967872 c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6002.18239_none_a4c87aa48af4c66d\System.ServiceModel.dll
+ 2010-06-10 01:03 . 2010-04-12 12:23 5988352 c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6002.22380_none_557c24922ca54584\System.ServiceModel.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 5967872 c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6002.18239_none_6c43fcd813034d74\System.ServiceModel.dll
+ 2010-06-24 18:25 . 2010-03-31 13:03 5279744 c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6002.22377_none_78e300c80a731721\PresentationFramework.dll
+ 2010-06-24 18:25 . 2010-04-05 12:19 5279744 c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6002.18236_none_7883a362f135ee3c\PresentationFramework.dll
+ 2010-06-10 01:03 . 2010-05-04 05:59 1209344 c:\windows\System32\urlmon.dll
+ 2006-11-02 10:22 . 2010-06-24 21:56 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2006-11-02 10:22 . 2010-01-22 17:52 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2009-10-25 19:48 . 2009-04-11 06:28 1314816 c:\windows\System32\quartz.dll
+ 2010-02-10 17:38 . 2009-12-04 18:29 1314816 c:\windows\System32\quartz.dll
+ 2010-04-14 05:18 . 2010-02-18 14:07 3548040 c:\windows\System32\ntoskrnl.exe
+ 2010-04-14 05:18 . 2010-02-18 14:07 3600776 c:\windows\System32\ntkrnlpa.exe
+ 2010-02-16 10:51 . 2005-05-18 10:52 1212416 c:\windows\System32\NCTAudioInformation2.dll
+ 2010-02-16 10:51 . 2005-05-17 11:37 1986560 c:\windows\System32\NCTAudioFile2.dll
+ 2010-06-10 01:03 . 2010-05-04 05:56 5950976 c:\windows\System32\mshtml.dll
+ 2009-07-18 03:21 . 2010-06-24 18:24 5612496 c:\windows\System32\Macromed\Flash\NPSWF32.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 1985536 c:\windows\System32\iertutil.dll
- 2010-01-22 17:24 . 2010-01-02 06:32 1985536 c:\windows\System32\iertutil.dll
+ 2010-04-19 18:47 . 2010-04-19 18:47 3062048 c:\windows\System32\DriverStore\FileRepository\usbaapl.inf_c8043cf0\usbaaplrc.dll
+ 2010-04-19 18:29 . 2010-04-19 18:29 1461992 c:\windows\System32\DriverStore\FileRepository\netaapl.inf_3bc4f952\wdfcoinstaller01009.dll
+ 2010-05-12 19:31 . 2009-09-04 15:29 1892184 c:\windows\System32\D3DX9_42.dll
+ 2010-05-12 19:31 . 2009-03-09 13:27 4178264 c:\windows\System32\D3DX9_41.dll
+ 2010-05-12 19:31 . 2008-10-10 02:52 4379984 c:\windows\System32\D3DX9_40.dll
+ 2010-05-12 19:31 . 2008-07-10 09:00 3851784 c:\windows\System32\D3DX9_39.dll
+ 2010-05-12 19:31 . 2008-05-30 12:11 3850760 c:\windows\System32\D3DX9_38.dll
+ 2010-05-12 19:31 . 2008-03-05 13:56 3786760 c:\windows\System32\D3DX9_37.dll
+ 2010-05-12 19:31 . 2007-10-12 13:14 3734536 c:\windows\System32\d3dx9_36.dll
+ 2010-05-12 19:31 . 2007-07-19 16:14 3727720 c:\windows\System32\d3dx9_35.dll
+ 2010-05-12 19:31 . 2007-05-16 14:45 3497832 c:\windows\System32\d3dx9_34.dll
+ 2010-05-12 19:31 . 2007-03-12 14:42 3495784 c:\windows\System32\d3dx9_33.dll
+ 2010-05-12 19:31 . 2006-09-28 14:05 2414360 c:\windows\System32\d3dx9_31.dll
+ 2010-03-02 14:29 . 2006-03-31 11:40 2388176 c:\windows\System32\d3dx9_30.dll
+ 2010-03-02 14:29 . 2006-02-03 07:43 2332368 c:\windows\System32\d3dx9_29.dll
+ 2010-03-02 14:29 . 2005-12-05 17:09 2323664 c:\windows\System32\d3dx9_28.dll
+ 2010-03-02 14:29 . 2005-07-22 18:59 2319568 c:\windows\System32\d3dx9_27.dll
+ 2010-03-02 14:29 . 2005-05-26 14:34 2297552 c:\windows\System32\d3dx9_26.dll
+ 2010-03-02 14:29 . 2005-03-18 16:19 2337488 c:\windows\System32\d3dx9_25.dll
+ 2010-03-02 14:29 . 2005-02-05 18:45 2222800 c:\windows\System32\d3dx9_24.dll
+ 2010-05-12 19:31 . 2009-09-04 15:29 5501792 c:\windows\System32\d3dcsx_42.dll
+ 2010-05-12 19:31 . 2009-09-04 15:29 1974616 c:\windows\System32\D3DCompiler_42.dll
+ 2010-05-12 19:31 . 2009-03-09 13:27 1846632 c:\windows\System32\D3DCompiler_41.dll
+ 2010-05-12 19:31 . 2008-10-10 02:52 2036576 c:\windows\System32\D3DCompiler_40.dll
+ 2010-05-12 19:31 . 2008-07-10 09:00 1493528 c:\windows\System32\D3DCompiler_39.dll
+ 2010-05-12 19:31 . 2008-05-30 12:11 1491992 c:\windows\System32\D3DCompiler_38.dll
+ 2010-05-12 19:31 . 2008-03-05 13:56 1420824 c:\windows\System32\D3DCompiler_37.dll
+ 2010-05-12 19:31 . 2007-10-12 13:14 1374232 c:\windows\System32\D3DCompiler_36.dll
+ 2010-05-12 19:31 . 2007-07-19 16:14 1358192 c:\windows\System32\D3DCompiler_35.dll
+ 2010-05-12 19:31 . 2007-05-16 14:45 1124720 c:\windows\System32\D3DCompiler_34.dll
+ 2010-05-12 19:31 . 2007-03-12 14:42 1123696 c:\windows\System32\D3DCompiler_33.dll
+ 2006-11-02 12:47 . 2010-03-11 02:22 4309979 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing\tokens.dat
- 2006-11-02 12:47 . 2009-10-26 16:21 4309979 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing\tokens.dat
+ 2010-07-06 07:02 . 2010-07-13 19:46 4955432 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-06-10 01:03 . 2010-04-12 12:21 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2010-06-10 01:03 . 2010-03-25 11:53 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2009-10-25 19:49 . 2009-03-30 04:42 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-06-10 01:03 . 2010-03-25 11:53 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2010-03-02 14:29 . 2004-12-01 14:53 2846720 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2004-09-29 11:38 2676224 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-02-15 19:29 . 2010-02-15 19:29 2393600 c:\windows\Installer\afd30e.msi
+ 2010-06-16 18:31 . 2010-06-16 18:31 9472000 c:\windows\Installer\9a7a7.msi
+ 2010-05-31 10:05 . 2010-05-31 10:05 2644992 c:\windows\Installer\96bab12.msi
+ 2010-06-21 19:14 . 2010-06-21 19:14 4820480 c:\windows\Installer\87a5f.msi
+ 2010-06-21 19:10 . 2010-06-21 19:10 3089408 c:\windows\Installer\87201.msi
+ 2010-06-21 19:09 . 2010-06-21 19:09 1984000 c:\windows\Installer\871c3.msi
+ 2010-02-28 18:31 . 2010-02-28 18:31 2168320 c:\windows\Installer\3e3b5e.msi
+ 2010-05-24 15:27 . 2010-05-24 15:27 1235968 c:\windows\Installer\18e00d3.msi
+ 2006-10-26 17:49 . 2006-10-26 17:49 1011488 c:\windows\Installer\$PatchCache$\Managed\00002109010070400000000000F01FEC\12.0.4518\MSDAIPP.DLL
+ 2006-05-10 06:48 . 2006-05-10 06:48 2572288 c:\windows\BROCKHAUS multimedial.scr
+ 2010-06-11 06:33 . 2010-06-11 06:33 3314176 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\f2c782b40b6cc14c2c016d51244b1e1b\WindowsBase.ni.dll
+ 2010-06-24 21:57 . 2010-06-24 21:57 3325952 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\7f4e2ded203a366244d61ee0af84a2d3\WindowsBase.ni.dll
+ 2010-06-24 22:01 . 2010-06-24 22:01 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\aca227476f7f27feef0c990ed486386c\UIAutomationClientsideProviders.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\a4424d6a290888ada0069a47e94a410d\UIAutomationClientsideProviders.ni.dll
+ 2010-06-11 06:07 . 2010-06-11 06:07 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\b8e4a9556d3ddd49ec70aae0516c2007\System.ni.dll
+ 2010-06-11 06:10 . 2010-06-11 06:10 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f4e9769eaf42b9c2c0d795b1a99c3dbc\System.Xml.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\a7f5a83bf1409c24c1ca0c4b36f31fe1\System.WorkflowServices.ni.dll
+ 2010-06-11 06:10 . 2010-06-11 06:10 1911296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\295244b67c7d3324ad422353821c3173\System.Workflow.Runtime.ni.dll
+ 2010-06-11 06:10 . 2010-06-11 06:10 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\a9f49dc15cd71c6d6242f7408dc45b31\System.Workflow.ComponentModel.ni.dll
+ 2010-06-11 06:09 . 2010-06-11 06:09 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\ae0d9045838b9c38c5f227515e0daee6\System.Workflow.Activities.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\fc4e103b1922275f46b3ee6ee5bdffdc\System.Web.Services.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\7285331fd503de286f1066faeb400904\System.Web.Mobile.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\06a991c6fb869c9d1876aff8a7a95249\System.Web.Extensions.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\b26b84cc16a235b2c6905b553e537c4b\System.Speech.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 1705984 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\9bf852458a10e5e16435c608d1a178ef\System.ServiceModel.Web.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 2346496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f38171cd5f65ed09262279ba7aea807c\System.Runtime.Serialization.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\543cbcb908b8f3ab562d42c1cc988d3c\System.Printing.ni.dll
+ 2010-06-24 22:01 . 2010-06-24 22:01 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\3ea8b230f695348487d8726da572408c\System.Printing.ni.dll
+ 2010-06-11 06:37 . 2010-06-11 06:37 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\9890cc2dbf0782bc3e49eb98104b3fdd\System.IdentityModel.ni.dll
+ 2010-06-11 06:09 . 2010-06-11 06:09 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\64b4c60e1b2b417000db5d8c2828a53f\System.Drawing.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7e489876ae08f12a0e44839226440669\System.DirectoryServices.ni.dll
+ 2010-06-11 06:36 . 2010-06-11 06:36 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\2e07a348f84f3e73de1537854169c533\System.Deployment.ni.dll
+ 2010-06-11 06:09 . 2010-06-11 06:09 6621696 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\e9709fb8f0aca4844ebba0df031bd9ea\System.Data.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\aef9de36b989b281f4b969787d0d4905\System.Data.SqlXml.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\def6cce94384d42a84bac491ad2e811c\System.Data.Services.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 1119232 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\3d723245b4405bfb07980ad2a2ccb0c6\System.Data.OracleClient.ni.dll
+ 2010-06-11 06:34 . 2010-06-11 06:34 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\f7f3a6e28ae31c867204b95b08ef9bf6\System.Data.Linq.ni.dll
+ 2010-06-11 06:39 . 2010-06-11 06:39 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\c81daac68747cd86564db72297308176\System.Data.Entity.ni.dll
+ 2010-06-11 06:34 . 2010-06-11 06:34 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\7f277c0ce8a649d6f521c11f84a3962f\System.Core.ni.dll
+ 2010-06-24 22:01 . 2010-06-24 22:01 2146816 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\6795a6e4b828658a0bfb7591d097dd54\ReachFramework.ni.dll
+ 2010-06-11 06:36 . 2010-06-11 06:36 2146816 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\4008054bb265645c10e658d6ce634003\ReachFramework.ni.dll
+ 2010-06-24 22:01 . 2010-06-24 22:01 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\fa23d982183e2e94edee4755107354b7\PresentationUI.ni.dll
+ 2010-06-11 06:36 . 2010-06-11 06:36 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\67fde11a5d008b3ff6f95e84fd38330b\PresentationUI.ni.dll
+ 2010-06-11 06:17 . 2010-06-11 06:17 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\285b5021c0cde2883234e8e72d4ac041\PresentationBuildTasks.ni.dll
+ 2010-06-11 06:17 . 2010-06-11 06:17 2538496 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\0ec562d5cb422abb1565423db64696a8\Narrator.ni.exe
+ 2010-06-11 06:16 . 2010-06-11 06:16 1536512 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\36b5c53f1d04137400dce3de405e75c8\MMCEx.ni.dll
+ 2010-06-11 06:38 . 2010-06-11 06:38 6340096 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\a4dedfaf9a0d4e721153171b5437999d\MIGUIControls.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 1711616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\848ebb638e1b40c18a11029aa79104f0\Microsoft.VisualBasic.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\e93b5b375c1a6d54349800540a2f5f43\Microsoft.Transactions.Bridge.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 1084416 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\5280f62f8c8215d54daa8b57a317f562\Microsoft.MediaCenter.Bml.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 5857280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\2cd18bc37df0e645a843792a492029aa\Microsoft.MediaCenter.UI.ni.dll
+ 2010-06-11 06:18 . 2010-06-11 06:18 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\87f1933f94b406f081cbcc6b7cd76d2a\Microsoft.JScript.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\319a441331da1e11e9b1db6618d3c2b7\Microsoft.Ink.ni.dll
+ 2010-06-11 06:38 . 2010-06-11 06:38 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\44105c2ae30008c7caace925f6d1db0b\Microsoft.Build.Tasks.ni.dll
+ 2010-06-11 06:38 . 2010-06-11 06:38 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\113b44cde39b250de53de33f94fd9027\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\9376bf0847738f4983bc82ebfc9e9a88\Microsoft.Build.Engine.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 1191936 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\f296296742710bffc1980080c5aa3b68\mcstore.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 2779648 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\045ee8ea1d4ec9d19d39ef0a32aae78d\mcepg.ni.dll
+ 2010-06-11 06:15 . 2010-06-11 06:15 1746432 c:\windows\assembly\NativeImages_v2.0.50727_32\cfmain\bbc0a5a438c7e8dc5759a028e7d0c971\cfmain.ni.exe
+ 2010-06-24 22:00 . 2010-06-24 22:00 1746432 c:\windows\assembly\NativeImages_v2.0.50727_32\cfmain\7c9aadbd91f0825acfd5ecf77e93540d\cfmain.ni.exe
+ 2010-06-24 18:25 . 2010-04-05 12:19 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-06-10 01:03 . 2010-03-25 11:53 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-06-10 01:03 . 2010-04-12 12:21 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-06-24 18:25 . 2010-04-05 12:19 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2010-06-10 01:03 . 2010-03-25 11:53 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-25 19:49 . 2009-03-30 04:42 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-06-24 18:25 . 2010-04-05 12:19 4214784 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2009-10-25 19:49 . 2009-02-18 18:39 4214784 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-02 14:29 . 2010-03-02 14:29 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-03-11 01:29 . 2009-10-14 14:10 10926592 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6002.22245_none_f4abc44d237d7ed9\MOVIEMK.dll
+ 2010-03-11 01:29 . 2009-10-14 13:58 10926592 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6002.18121_none_f433c6320a5341d1\MOVIEMK.dll
+ 2010-03-11 01:29 . 2009-10-14 15:06 10926592 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6001.22541_none_f2c1513d265ac459\MOVIEMK.dll
+ 2010-03-11 01:29 . 2009-10-14 14:45 10926592 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6001.18341_none_f237b28c0d3d2768\MOVIEMK.dll
+ 2010-03-11 01:29 . 2009-10-14 14:48 10921984 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6000.21139_none_f0edbb0f2925184a\MOVIEMK.dll
+ 2010-03-11 01:29 . 2009-10-14 15:02 10922496 c:\windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6000.16937_none_f062458e10091290\MOVIEMK.dll
+ 2010-06-10 01:03 . 2010-05-04 06:30 11078144 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.23019_none_481337e6dd0a172b\ieframe.dll
+ 2010-03-31 06:31 . 2010-02-23 15:00 11073024 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.22995_none_47b8df3cdd4e5e15\ieframe.dll
+ 2010-06-10 01:03 . 2010-05-04 05:55 11076096 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18928_none_477df4a9c3f543e0\ieframe.dll
+ 2010-03-31 06:31 . 2010-02-23 06:33 11070976 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18904_none_478f9359c3e8a6a2\ieframe.dll
+ 2006-11-02 10:24 . 2010-05-28 19:37 32472008 c:\windows\System32\mrt.exe
+ 2010-06-10 01:03 . 2010-05-04 05:55 11076096 c:\windows\System32\ieframe.dll
+ 2010-06-04 01:00 . 2010-06-04 01:00 20242432 c:\windows\Installer\c39c8c1.msp
+ 2010-05-16 16:21 . 2010-05-16 16:21 11399168 c:\windows\Installer\14b0557f.msi
+ 2009-04-04 05:32 . 2009-04-04 05:32 14140416 c:\windows\Installer\11381d70.msp
+ 2010-06-11 06:34 . 2010-06-11 06:34 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9c6fe9d44d22834993e9aa23cc9dc272\System.Windows.Forms.ni.dll
+ 2010-06-11 06:14 . 2010-06-11 06:14 11801088 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\cbca3ed989b8fc96e76f14602ad9c424\System.Web.ni.dll
+ 2010-06-11 06:37 . 2010-06-11 06:37 17404416 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\52cbaee4e94489731096be5ecc320958\System.ServiceModel.ni.dll
+ 2010-06-11 06:09 . 2010-06-11 06:09 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\72fac53d8beaf555ea00172a5db70226\System.Design.ni.dll
+ 2010-06-11 06:34 . 2010-06-11 06:34 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b89f584d5b315c16d4e57e747158cb69\PresentationFramework.ni.dll
+ 2010-06-24 21:58 . 2010-06-24 21:58 14328832 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0832f9155d800cb802e70409447c1128\PresentationFramework.ni.dll
+ 2010-06-24 21:57 . 2010-06-24 21:57 12216832 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d786572e9e7270cbf3604f4a34d9244e\PresentationCore.ni.dll
+ 2010-06-11 06:33 . 2010-06-11 06:33 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d27beed58ee849a11e772c7e39ea7d96\PresentationCore.ni.dll
+ 2010-06-11 06:16 . 2010-06-11 06:16 14902784 c:\windows\assembly\NativeImages_v2.0.50727_32\ehshell\fb5c92b52e171b89f48387b9e02cf47a\ehshell.ni.dll
+ 2009-10-25 11:55 . 2010-06-24 20:54 195146861 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
.
-- Snapshot auf jetziges Datum zurückgesetzt --
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-07-03 135680]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Getdo"="c:\users\Drago\AppData\Roaming\Adobe\Update\flacor.dat" [2010-07-13 135680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-30 7289376]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-20 1451304]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2008-12-19 83336]
"TUSBSleepChargeSrv"="c:\program files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe" [2009-03-27 252288]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2007-04-16 421888]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2008-11-21 438272]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe" [2009-04-23 1011712]
"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-04-16 2513472]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-21 61440]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-03-06 468320]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2009-03-09 55160]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-03-31 503808]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-03-23 729088]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-04-01 1283384]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2009-04-07 811008]
"TRCMan"="c:\program files\TOSHIBA\TRCMan\TRCMan.exe" [2008-11-26 701752]
"TPCHWMsg"="c:\program files\TOSHIBA\TPHM\TPCHWMsg.exe" [2009-04-15 570736]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2009-09-05 385024]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-29 198160]
"Nuance OmniPage 17-reminder"="c:\program files\Nuance\OmniPage17\Ereg\Ereg.exe" [2008-11-03 54560]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-03-16 6158240]

c:\users\Katarina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2009-2-24 391072]

c:\users\Mcx1-DRAGO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2009-2-24 391072]

c:\users\Drago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Touch Mouse Server.lnk - c:\program files\Logitech Touch Mouse Server\iTouch-Server-Win.exe [2009-10-23 228352]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Automatic Update-Agent.lnk - c:\program files\T-Mobile\Communication Center\AutoUpdateSrv.exe [2009-11-16 499712]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MIDI1"=timiditydrv.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cfFncEnabler.exe]
2009-03-24 11:53 16384 ----a-w- c:\program files\Toshiba\ConfigFree\cfFncEnabler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDSTray.exe]
2009-05-12 20:26 299008 ----a-w- c:\program files\Toshiba\ConfigFree\NDSTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartFaceVWatcher]
2009-03-24 17:33 163840 ----a-w- c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Teco]
2009-04-24 09:40 1323008 ----a-w- c:\program files\Toshiba\TECO\TEco.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-10-29 21:25 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
2009-03-04 13:53 96144 ----a-w- c:\program files\Toshiba\Registration\ToshibaReminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
2009-03-23 12:30 1045904 ----a-w- c:\program files\Toshiba TEMPRO\TemproTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2009-10-26 07:33 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):7b,9f,7a,54,58,56,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4032735365-608106937-2049815217-1000]
"EnableNotificationsRef"=dword:00000001

R1 SASDIFSV;SASDIFSV;c:\users\Drago\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\Drago\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.SYS [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-10 135664]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-04-08 114528]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-06-21 42512]
R4 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-10-27 722416]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [2009-03-25 30272]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [2007-09-04 13336]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-04-21 176128]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 camsvc;TOSHIBA Web Camera Service;c:\program files\Toshiba\TOSHIBA Web Camera Application\TWebCameraSrv.exe [2009-04-16 20544]
S2 gtdetectsc;GtDetectSc Service;c:\windows\system32\gtdetectsc.exe [2007-01-09 118784]
S2 GtFlashSwitch;GtFlashSwitch;c:\program files\Common Files\GtFlashSwitch\GtFlashSwitch.exe [2007-02-09 176128]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-01-12 185640]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\Toshiba TEMPRO\TemproSvc.exe [2009-03-23 116104]
S2 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-04-01 62776]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-04-24 176128]
S2 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-03-17 73728]
S2 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-04-15 656752]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-03-20 12920]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-12-30 57856]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [2008-04-28 11264]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [2008-04-25 5632]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-03-18 22272]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners

2010-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-10 00:10]

2010-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-10 00:10]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local
IE: &Alles mit FlashGet laden - c:\program files\FlashGet\jc_all.htm
IE: &Mit FlashGet laden - c:\program files\FlashGet\jc_link.htm
IE: An vorhandene PDF-Datei anfügen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/707-44556-9400-3/4
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
Trusted Zone: btopenzone.com\www
Trusted Zone: t-mobile.net\hotspot
FF - ProfilePath - c:\users\Drago\AppData\Roaming\Mozilla\Firefox\Profiles\ct7w40o0.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKCU-Run-{D1EB6125-9558-01EE-B723-E5F7A964780A} - c:\users\Drago\AppData\Roaming\Alur\xiyvi.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-13 22:03
Windows 6.0.6002 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-4032735365-608106937-2049815217-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3EE2FCA3-F0A8-ED94-C3EA-AB22E9FBF5A0}*]
"ianmocgdfpfejinkpi"=hex:6a,61,69,6a,62,6c,61,65,69,69,6e,6b,67,66,6f,6c,65,61,
65,62,00,71
"hadoidhnldbmcenk"=hex:6a,61,69,6a,62,6c,61,65,69,69,6e,6b,67,66,6f,6c,65,61,
65,62,00,44

[HKEY_USERS\S-1-5-21-4032735365-608106937-2049815217-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9A4E3BC2-6451-D004-771F-4AAFA4EA7311}*]
"maphhjbkccpmhlhpdefjkcfcin"=hex:6a,61,6b,6a,64,61,67,6a,68,65,69,6f,65,66,61,
6b,6b,66,6e,6e,00,00
"nabinlndebhlpajpeonchfmfiijn"=hex:6a,61,66,6a,6b,6f,6a,64,67,66,6d,63,65,70,
6e,6a,6c,70,65,66,00,fe
.
Zeit der Fertigstellung: 2010-07-13 22:06:53
ComboFix-quarantined-files.txt 2010-07-13 20:06
ComboFix2.txt 2010-01-28 20:26
ComboFix3.txt 2010-01-28 15:47

Vor Suchlauf: 18 Verzeichnis(se), 66.025.025.536 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 64.936.308.736 Bytes frei

- - End Of File - - 8EDB830037C9526E4E89BABA87537E99

Anhang: ComboFix.txt

13.07.2010, 22:17

Swisstreasure

Moderator

Beiträge: 5694

#8 Hast Du Combofix frisch herunter geladen?

Zitat

ComboFix2.txt 2010-01-28 20:26
ComboFix3.txt 2010-01-28 15:47

Ist für mich:

Zitat

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Getdo"="c:\users\Drago\AppData\Roaming\Adobe\Update\flacor.dat" [2010-07-13 135680]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MIDI1"=timiditydrv.dll

13.07.2010, 22:28

dr.ago

Member

Themenstarter

Beiträge: 60

#9 ja, habe gerade eben combofix runtergeladen...
hatte es irgendwann schon mal runtergeladen, sollte aber nicht mehr drauf gewesen sein

was soll ich mit dem letzten Absatz anfangen

Zitat

Ist für mich:

Zitat

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Getdo"="c:\users\Drago\AppData\Roaming\Adobe\Update\flacor.dat" [2010-07-13 135680]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MIDI1"=timiditydrv.dll

Quelle: http://board.protecus.de/t39987.htm#ixzz0tb22Yg8I

13.07.2010, 22:31

Swisstreasure

Moderator

Beiträge: 5694

#10 Schritt 1

Combofix mit Skript laufen lassen

• Denke daran, während des Laufs von Combofix Dein Antiviren-Programm temporär abzustellen.
Danach wieder anstellen nicht vergessen!
• Wichtig: Bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein.
Dies kann dazu führen, dass ComboFix sich aufhängt.

Anwendung

• Öffne notepad (Start => Ausführen => notepad (reinschreiben) => ok) oder einen Editor Deiner Wahl und kopiere alles aus der nachfolgenden Codebox in ein leeres Dokument:

Code

File::
c:\users\Drago\AppData\Roaming\Adobe\Update\flacor.dat

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Getdo"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MIDI1"=-

• Speichere dies als CFScript.txt auf Deinem Desktop. Achte darauf, dass bei Dateityp "All types" aktiv ist.
.

.
• In Bezug auf obiges Bild, ziehe CFScript.txt in die ComboFix.exe
• Wenn ComboFix fertig ist, wird es ein Log erstellen, C:\ComboFix.txt.
Unbedingt warten, bis sich das Combofix-Fenster geschlossen hat und das Logfile im Editor erscheint.
Bitte füge es hier als Antwort ein.

Hinweis für Mitleser: Obiges Combofix-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

Schritt 2

• Eset Online Scanner (NOD32)
• Unterstützte Betriebssysteme: Microsoft Windows 98/ME/NT 4.0/2000/XP und Windows Vista
• Anmerkung für Vista-User: Bitte den Browser unbedingt als Administrator starten.
• Voraussetzung: Internet Explorer (IE) 5.0 oder höher
• Haken bei "YES, I accept the Terms of Use" machen
• Start
• ActiveX-Steuerelement installieren
• Start
• Signaturen werden heruntergeladen
• Haken machen bei "Remove found threads"
• Haken machen bei "Remove found threads" und "Scan unwanted applications"
• Scan
• Scanende
• Browser schließen
• Explorer öffnen
• C:\Programme\EsetOnlineScanner\log.txt
• Log hier posten
• Deinstallation: Systemsteuerung => Software => Eset Online Scanner entfernen.

13.07.2010, 22:52

dr.ago

Member

Themenstarter

Beiträge: 60

#11 So hier das combofix-log nochmal.

der scan mit esset wird bestimmt ein wenig dauern nehme ich an

Anhang: ComboFix.txt

14.07.2010, 09:29

dr.ago

Member

Themenstarter

Beiträge: 60

#12 Hier ist nun auch das ESET-Log

Code

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=3ed1b86e85fdd14bb3bf2ebd74fd89cd
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-07-14 12:42:52
# local_time=2010-07-14 02:42:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 14426369 14426369 0 0
# compatibility_mode=1797 16775165 100 100 121663 54566376 37715 0
# compatibility_mode=5892 16776573 100 100 48546 116587397 0 0
# compatibility_mode=8192 67108863 100 0 188 188 0 0
# scanned=273136
# found=3
# cleaned=3
# scan_time=13502
C:\ProgramData\Ashampoo\Ashampoo UnInstaller 4\Backup\Tempfiles\Tempfiles_2010-02-09_UIBak.zip    a variant of OSX/Exploit.Smid.B trojan (deleted - quarantined)    00000000000000000000000000000000    C
C:\Qoobox\Quarantine\C\Users\Drago\AppData\Roaming\Itezba\ylgio.exe.vir    a variant of Win32/Kryptik.FJY trojan (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
C:\_OTL\MovedFiles\07122010_231254\C_Users\Drago\AppData\Roaming\Alur\xiyvi.exe    a variant of Win32/Kryptik.FJY trojan (cleaned by deleting - quarantined)    00000000000000000000000000000000    C

14.07.2010, 11:57

Swisstreasure

Moderator

Beiträge: 5694

#13 Schritt 1

Combofix deinstallieren

Bitte vor der folgenden Aktion wieder temporär Antivirus-Programm, evtl. vorhandenes Skript-Blocking (Norton) und Anti-Malware Programme deaktivieren.

Start => Ausführen (bei Vista (Windows-Taste + R) => dort reinschreiben Combo-Fix.exe /uninstall => Enter drücken - damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert, damit auch daraus die Schädlinge verschwinden. Es wird ein neuer Systemwiederherstellungspunkt erstellt. Gleichzeitig setzt Combofix die Zeiteinstellungen wieder auf die Ursprungseinstellungen, und setzt die Systemeinstellungen wieder so zurück, dass Dateierweiterungen und Systemdateien versteckt sind, was Du bei Bedarf im Explorer unter Extras => Ordneroptionen aber wieder ändern bzw. Deinen persönlichen Vorlieben entsprechend anpassen kannst.

Schritt 2

Erneuter Systemscan mit OTL

• Doppelklick auf die OTL.exe
• Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
• Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Minimal-Ausgabe
• Unter Extra-Registrierung wähle bitte Benutze SafeList.
• Mache Häckchen bei LOP- und Purity-Prüfung.
• Klicke nun auf Scan links oben.

14.07.2010, 12:52

dr.ago

Member

Themenstarter

Beiträge: 60

#14 Schritt 1) löschung Combofix = erledigt

Schritt 2) Log´s von OTL

Code

OTL Extras logfile created on: 14.07.2010 12:49:13 - Run 4
OTL by OldTimer - Version 3.2.9.0     Folder = C:\Users\Drago\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 59,88 Gb Free Space | 32,14% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 184,84 Gb Total Space | 102,58 Gb Free Space | 55,50% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: DRAGO-PC
Current User Name: Drago
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [alex] -- "C:\Program Files\Alextv\alextv.exe" "%1" (Alex Media, Inc)
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\CeWe Color\Meine CEWE FOTOWELT\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [Meine CEWE FOTOWELT] -- "C:\Program Files\CeWe Color\Meine CEWE FOTOWELT\Meine CEWE FOTOWELT.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4032735365-608106937-2049815217-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03E89EB4-ACC7-427A-A4AD-B7BA2209CC4E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{055C5137-A0D9-42FA-A45B-B67E7F8A9A32}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{067171DE-06DE-4BA3-B297-E3DC42080A18}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{09D4A4E1-739C-4023-937F-579A0263D957}" = lport=139 | protocol=6 | dir=in | app=system | 
"{12988BE5-B2BA-4796-AD70-701C6842AF24}" = lport=138 | protocol=17 | dir=in | app=system | 
"{1812889B-5F26-438F-A480-9C1DC4221652}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{277E1851-B84F-4955-A23E-81694796327E}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{2C5D17DA-5DBC-4638-952B-A18A86F1520C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{33028629-305E-44CD-BAD6-25FAE6C7896A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{478FC8C2-EDE5-4124-B31C-73023B7A5855}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{49E40F71-0A2A-409D-8F4D-8214B8EB67E3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{4B8E1CB9-A347-4141-815E-28E0F48E286D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{54BC3EAF-DE8E-47FB-BF4C-7F9BE1DBE191}" = rport=139 | protocol=6 | dir=out | app=system | 
"{5A26917E-1C7F-4A66-AAB7-80DDBD90CCBC}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{5B9EF814-F071-4816-B1E1-46BBCF970412}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{5F001314-9517-419D-8E8B-ED8E80E6C6CE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{5F277B6F-79B4-4F85-8684-7155FA1C86D1}" = rport=445 | protocol=6 | dir=out | app=system | 
"{5F5FD424-2AF7-4BE8-A474-014BB70828E2}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{619C314E-905A-430F-A27C-A919EB217662}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{713C10E5-0AF1-4C58-825B-A7000C40DB0C}" = rport=10244 | protocol=6 | dir=out | app=system | 
"{76BCBD83-97F8-44F0-9514-2F231D7D45A9}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{7BC29FA1-C4F8-429F-B314-FDA0DCDBC1B1}" = lport=137 | protocol=17 | dir=in | app=system | 
"{8006AC32-CD11-4EF6-A4EA-33F13B1DC069}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{80AC0CF1-8C66-4E5E-A056-8D42534FEC05}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{8CA4B80C-5A5F-4CFD-B82A-6660EC5285A1}" = lport=445 | protocol=6 | dir=in | app=system | 
"{8FF30766-703D-4F6E-A99F-F6A45FF5E636}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{90C4594C-96E0-41FB-8436-9EB08E0A4280}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{A5E6BA7C-D6BA-4614-BC06-4A6B5B636900}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{BB3BB176-07F7-4282-B34C-FB9EE92DF293}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BE6A712E-0112-45AD-9A3A-FC02AEC3BE4A}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{C0ACE7CF-A01F-4D4D-A5E9-28A00E093407}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{C92407C6-0D03-47FF-8DC4-9D7699F64816}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D4B55364-314F-47EC-B8CD-35CF19F69C70}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{D7EE35B2-323D-4518-8164-2EF82BE40700}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{E024DD13-545C-4626-8898-EAB181600830}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{E83344C6-AC71-4EB2-AA1E-DF28C3F8CC74}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{EA4F0FF6-0383-47D6-9072-44629C5B31B9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{EA826A87-526E-4549-9E70-979C6133C684}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F08D347D-C0D7-48F7-96B7-8BB02978881B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{FC4DE971-AD3A-4EF3-AA3C-58276A5B15C8}" = rport=138 | protocol=17 | dir=out | app=system | 
"{FF000478-AAB3-4DE5-8FF4-5E5AD766E5C8}" = rport=137 | protocol=17 | dir=out | app=system | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021CB87D-9183-4129-AB7D-D9A352E9818E}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe | 
"{052AB5B6-C578-4D21-A194-D1EC6AEABFC7}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{06606746-5017-4B7A-8CEC-CAD576001D52}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{06F605AE-307B-4627-A793-CCAD3A43B13F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{0E5BAA0D-629D-4595-8B1B-309CA106825D}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{12B65F8F-AD5C-413C-AA8B-5FBB0C7E21F0}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{1674B9F3-104F-4EAB-9727-039B7E5A570D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1940529E-3F1B-483F-9446-996941E858E4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1C344180-C0B8-48BB-BA3F-0AE00A5C0D34}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{33CD512E-972C-4C30-B6A9-CC8E8175CBAB}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{3CBD6CBE-4199-4A0B-A489-51B060FEAAB1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{3F6DD851-36BF-47C6-BADE-55D36963F421}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{4CB916ED-1819-45D0-8EFB-33656EB9CF24}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{571CC9B2-B896-4205-8C0D-E80DF296D971}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{57DE2FED-C584-47B3-8755-F9B5039997C8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{61BD60E1-ED29-4E33-A3CD-CDA5420EE25D}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{6765A731-7631-44F7-B2B2-8D0FFEF233F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{684EBB2C-10F5-4CC2-B1AA-92741363D3F8}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{6C56A75A-3E9B-4B52-B5B7-28DA0875F8A1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{6DE5E33A-EB2E-48D3-AAD5-7964140344CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6DF2A5E9-7CC3-42F8-979A-CCA8A4739BB7}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{73355977-04DA-45E0-8052-331BC9F83980}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"{755F5F6F-C0B0-4124-AF91-2C6B5C9D8265}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{83F596B5-139D-44DF-8F60-098F1209D0DE}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe | 
"{8EF3FB4C-63F3-4020-83C2-2F794F723D87}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{94678229-5BB6-42A7-A656-447FD0183897}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{9A3C2A82-09E1-446A-A121-4A698E77DA20}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9AD81074-E6D5-4362-888A-263E8F4DA830}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{9B0F9D53-7296-44B6-8599-5394D9C62FA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9B9764AC-106B-4E40-B40D-1205F433E360}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9D7712CD-4FA1-4055-8E95-6F0847C946F1}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"{A0DA9564-5EB7-4324-A39C-509341BE0922}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe | 
"{A1759E21-AC9E-4E2D-823A-35EA38AA0A53}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{A6DEA0B6-E74D-438F-9426-6E6C61E1FB81}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A7B09C54-1BFB-4173-B1C4-07406E4426EA}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe | 
"{AFB7EA84-2DCF-4A4D-8DBA-94A904AFCDE3}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{B6CFA2D7-3C50-4692-8AC3-8FF5FBA137C1}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{B8E3E42F-D38F-4311-AE81-CC0F3FF0A8C7}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{BD4BD023-8CF4-4BAD-B023-66C0BA0E4D86}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CD7A4664-6357-4B7D-8CAD-7F9AE5B88956}" = protocol=6 | dir=out | app=system | 
"{DEB057F7-59EC-457D-8597-7FCF82A5F144}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E2367E92-4F15-496C-8CE5-CE697B658E52}" = protocol=17 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe | 
"{F9B80E7C-B8A2-49D8-9BD8-77C0F927753C}" = protocol=6 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe | 
"TCP Query User{04FBDA94-EC3E-4BDC-AD10-6C9883C062C4}C:\program files\dc++\dcplusplus.exe" = protocol=6 | dir=in | app=c:\program files\dc++\dcplusplus.exe | 
"TCP Query User{18B61E96-FF91-45A3-A77E-5621D7DF8AAD}C:\program files\nettvplayer2.0\nettvplayer2.exe" = protocol=6 | dir=in | app=c:\program files\nettvplayer2.0\nettvplayer2.exe | 
"TCP Query User{2370EDE3-3E2B-4BA1-87F2-0C36EB1B6E8F}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe | 
"TCP Query User{2D3B92DD-8837-445F-862B-8233061062C8}C:\program files\logitech touch mouse server\itouch-server-win.exe" = protocol=6 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe | 
"TCP Query User{3AC685CC-1D07-4EBA-8049-E3835367637F}C:\program files\nettvplayer2.0\nettvplayer2.exe" = protocol=6 | dir=in | app=c:\program files\nettvplayer2.0\nettvplayer2.exe | 
"TCP Query User{4D50FB74-6C57-49CF-835D-9886B5512789}C:\program files\nettvplus player\nettvplayer.exe" = protocol=6 | dir=in | app=c:\program files\nettvplus player\nettvplayer.exe | 
"TCP Query User{4FAED1B1-413E-464C-95E2-3670486EEA87}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{574695E2-5C81-4270-9A4E-4E88B95C9940}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe | 
"TCP Query User{5B540635-897C-407C-993F-0A65AE853283}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{6FD2C160-CCC4-4949-914A-937E6E4AA1A8}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"TCP Query User{74EBA47E-B8F0-41C3-AC72-9212E7F0F0E0}C:\program files\nettvplayer2.3\nettvplayer.exe" = protocol=6 | dir=in | app=c:\program files\nettvplayer2.3\nettvplayer.exe | 
"TCP Query User{74FC108D-72A7-4ADA-A5E2-3149E939E56C}C:\program files\nettvprofessional\nettvprofessional.exe" = protocol=6 | dir=in | app=c:\program files\nettvprofessional\nettvprofessional.exe | 
"TCP Query User{7B695F63-9FC6-4166-88F6-7EE023CF3933}C:\program files\java\jre6\launch4j-tmp\stanza.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\stanza.exe | 
"TCP Query User{7CF3B2F1-7E2B-4B52-A79E-78CC57AB225B}C:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe | 
"TCP Query User{81FF4FE0-05AA-4C91-A67F-5E2E455DDE0D}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{9802FA07-18B1-4412-8B61-8DC950744FA1}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{9C217352-A874-4EC4-A138-1AEDBF32D428}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{A9E6BD7C-7075-4E7B-9BDF-2DFAF4E2BB7C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{AF02D250-C1A3-4DFA-BD22-40C554F3002D}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"TCP Query User{B542DB12-CBD8-4CF8-B477-FCF7205BF387}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe | 
"TCP Query User{BBDB77A0-F5D3-445D-B8CD-B3F688914D82}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{C53CD2F9-37BD-4786-9173-80D417867BFD}C:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe" = protocol=6 | dir=in | app=c:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe | 
"TCP Query User{C9775856-051B-4E20-85C4-4CC9D8836B7C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{D02F931A-F6A9-4A10-8876-E40E7BDE1596}C:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe" = protocol=6 | dir=in | app=c:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe | 
"TCP Query User{D94A8C66-9AA9-4C73-B025-8BDF5639F9AC}C:\program files\readon technology\readon tv movie radio player 5.8.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 5.8.0.0\internettv.exe | 
"TCP Query User{E18343ED-939E-4669-9937-3A65082CB5A6}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"TCP Query User{E44EE076-2691-4163-98C0-0A119B04C8F4}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{E8A30833-99F5-41E0-B550-6DD758509E08}C:\program files\nettvplus player\nettvplayer.exe" = protocol=6 | dir=in | app=c:\program files\nettvplus player\nettvplayer.exe | 
"TCP Query User{EB8D315A-884D-4A8E-B7E9-C50200AEF7B4}C:\program files\readon technology\readon tv movie radio player 5.5.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 5.5.0.0\internettv.exe | 
"TCP Query User{ECB7C364-F38F-456D-A8B4-80479C88CB54}C:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe | 
"TCP Query User{EE025B23-0FF2-4288-A527-A71A4FD6D92A}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe | 
"TCP Query User{F011AC76-6CB8-4C0E-BCCC-037F34EA3A1A}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | 
"TCP Query User{F081D106-A84A-4941-911A-F25990A21F54}C:\windows\system32\presentationhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\presentationhost.exe | 
"TCP Query User{F712B617-731B-464B-B939-6375A05839DF}C:\users\drago\desktop\seda_tv.exe" = protocol=6 | dir=in | app=c:\users\drago\desktop\seda_tv.exe | 
"TCP Query User{FB207454-5F85-4C25-A7EF-C2FFB102BED3}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{0A41D6D7-CE29-46E4-BF1F-B550F2FD3483}C:\program files\nettvprofessional\nettvprofessional.exe" = protocol=17 | dir=in | app=c:\program files\nettvprofessional\nettvprofessional.exe | 
"UDP Query User{0F9A843A-8C6F-49E7-86FA-E4C015D80A42}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe | 
"UDP Query User{1784467E-4375-4301-8242-46BE7C042442}C:\program files\nettvplus player\nettvplayer.exe" = protocol=17 | dir=in | app=c:\program files\nettvplus player\nettvplayer.exe | 
"UDP Query User{18817525-D242-4EEF-9F28-842FC871DCC6}C:\program files\nettvplayer 2.0\nettvplayer2.exe" = protocol=17 | dir=in | app=c:\program files\nettvplayer 2.0\nettvplayer2.exe | 
"UDP Query User{195ED9EA-11A5-4196-A1DA-9E416BFA1599}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{29C4FA40-9313-41AF-85B1-9B54E2BCB8EE}C:\program files\logitech touch mouse server\itouch-server-win.exe" = protocol=17 | dir=in | app=c:\program files\logitech touch mouse server\itouch-server-win.exe | 
"UDP Query User{2CD882BA-243C-489C-9BFF-0E0E2B4950E7}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"UDP Query User{322DC170-2384-4AC1-8ACE-51A530551EE9}C:\program files\dc++\dcplusplus.exe" = protocol=17 | dir=in | app=c:\program files\dc++\dcplusplus.exe | 
"UDP Query User{33207998-6D33-4D96-AF91-A6BF1DA06615}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{3A589051-884E-4D4A-AB07-F6B693672939}C:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe | 
"UDP Query User{3E66C266-437D-4004-9F26-7815B5738DD5}C:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 6.2.0.0\internettv.exe | 
"UDP Query User{461F93AF-1790-4CC3-BE67-2462592A6F6C}C:\users\drago\desktop\seda_tv.exe" = protocol=17 | dir=in | app=c:\users\drago\desktop\seda_tv.exe | 
"UDP Query User{4A85EC0C-CBAB-42CD-9E02-8EB5715360C3}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe | 
"UDP Query User{4B35DDBC-4049-421C-826E-D85D7E093693}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{5186BBA3-D172-4F46-BF40-387F029935F6}C:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe" = protocol=17 | dir=in | app=c:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe | 
"UDP Query User{530745DB-5620-4BA4-B722-43B356E9E72A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{595D97E0-16DA-4363-B53B-FD52E44525E8}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe | 
"UDP Query User{66C43968-32A5-456A-A12F-78FB1167A8D8}C:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe" = protocol=17 | dir=in | app=c:\program files\e.w.e.-software\befree4iphone\befree4iphone.exe | 
"UDP Query User{67A95FE6-6C38-413E-BBE7-9F40E53F5471}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe | 
"UDP Query User{6DE9EA47-AC35-41FF-8E5D-DB166B7A08B3}C:\program files\nettvplayer2.0\nettvplayer2.exe" = protocol=17 | dir=in | app=c:\program files\nettvplayer2.0\nettvplayer2.exe | 
"UDP Query User{8130C873-7A52-49FC-8659-6529FFA97446}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{836197AD-1878-4AC2-AA33-E6D54EB69013}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | 
"UDP Query User{91357C67-1753-49C8-9E0E-9F186A243E96}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | 
"UDP Query User{943C336B-1B8A-4003-8338-E9A7A4AC8F48}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{A282316C-B565-4C3E-9D3B-B5AA79F5F42C}C:\program files\nettvplus player\nettvplayer.exe" = protocol=17 | dir=in | app=c:\program files\nettvplus player\nettvplayer.exe | 
"UDP Query User{AB7610FA-3347-4C6E-974E-5F384CC07B60}C:\program files\java\jre6\launch4j-tmp\stanza.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\stanza.exe | 
"UDP Query User{AD08CE9A-A3B5-4136-A500-A8980D94C2C1}C:\program files\readon technology\readon tv movie radio player 5.5.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 5.5.0.0\internettv.exe | 
"UDP Query User{B7DA8ABA-E89D-4843-9D46-BBDF327A425C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{BA280D9A-BF37-4805-A29C-07B958276B3E}C:\program files\nettvplayer2.0\nettvplayer2.exe" = protocol=17 | dir=in | app=c:\program files\nettvplayer2.0\nettvplayer2.exe | 
"UDP Query User{BA7DE283-C878-4437-BF35-DCB6908FA421}C:\program files\nettvplayer2.3\nettvplayer.exe" = protocol=17 | dir=in | app=c:\program files\nettvplayer2.3\nettvplayer.exe | 
"UDP Query User{C5F49F09-63EE-4E8F-B64E-FC8297A9C172}C:\windows\system32\presentationhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\presentationhost.exe | 
"UDP Query User{CE206DA3-D0B8-4FDA-9CDD-01BF5B652608}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{F215BA48-A334-4C72-B350-4348B443BC1A}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{F48515B5-75A2-42DD-BABC-CEFF5A90AFFF}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{FA2816A8-1AE9-4E02-A630-E2FC7F58EDC3}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{FF619F4F-929F-46E0-8D4B-00824A4F37EA}C:\program files\readon technology\readon tv movie radio player 5.8.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 5.8.0.0\internettv.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06223EA1-8977-4A44-B2AB-30FD78B7DCC1}" = CCC Help Thai
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0B156D28-C8C5-44C3-A57E-7B3EF4AF7FB8}_is1" = Alextv 2.2.6
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0CF37D58-38A8-E03F-8DD8-B01B55C09615}" = CCC Help English
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1C971EE3-B4C4-4367-9676-57549919C6CE}" = TOSHIBA Benutzerhandbücher
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20CCA435-1465-4567-885C-4A0AFCD0EB05}" = F2100_Help
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{24557DC0-0839-496f-82F9-C4EB72EFE4FA}" = HP Deskjet All-In-One Software 8.0
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{27349465-3521-8214-5311-286D806C86C3}" = CCC Help Dutch
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{32762866-8C6E-437E-1E79-4506FEB7323A}" = Catalyst Control Center Graphics Full Existing
"{34AFE453-F544-4269-89C9-CAB7F0744963}" = Nuance OmniPage 17
"{37FD2F04-EC91-41AE-B5AB-AFF904BF20EE}" = Mobile Broadband Drivers
"{3AB2F8DF-F905-44F9-8003-C81FEE95BC2B}" = Communication Center
"{3CAF2B2D-0DA3-7BD6-6701-E3D71992DB78}" = Catalyst Control Center Localization All
"{3D0DC563-4C99-4AB1-8C22-514940666938}" = Catalyst Control Center - Branding
"{4324E4DD-C67C-A413-5C12-5DC694A99AF6}" = ATI Catalyst Install Manager
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{45633D5F-76CE-B1D7-325B-A3F329AA99DB}" = Catalyst Control Center InstallProxy
"{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}" = SPSS Statistics 17.0
"{4786E500-4FA0-C30F-D4E8-0E3D70D86227}" = CCC Help Swedish
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F147AEF-790D-DBE2-5830-94D90C02AC24}" = Catalyst Control Center Graphics Full New
"{50D69C54-6963-49A6-B762-A9FF8F56AF0F}" = Brockhaus multimedial 2009
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5985DD7D-67F4-DD15-8589-B3F43C4A111D}" = CCC Help Chinese Traditional
"{5D264375-3E92-7D10-F219-3536F5BAE7BA}" = CCC Help Japanese
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5F98C4EE-879F-232C-3F44-0BBFAB6A29D4}" = CCC Help Polish
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61F8A9EC-5CB4-0001-FF88-C469156BA14C}" = CCC Help German
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67830C2E-0345-7CE7-3829-8AB3D34E3AEB}" = CCC Help Turkish
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A9B4C2D-E651-6DD7-EC1D-AF331F250AB8}" = ccc-core-static
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D9B9CF3-1E9C-45B6-B41E-5CF568605556}" = SPSS 15.0 für Windows [Auswertung Version]
"{6DEEDB89-D449-B985-4E0E-91D45AF66DFF}" = CCC Help Spanish
"{70312451-0D00-4A84-B9B1-0D59B5180A4F}" = Opera 10.53
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{716E5774-DD70-4A16-82AD-6341D5D37E4C}" = Readon TV Movie Radio Player 6.2.0.0
"{71702641-2849-45A4-8E62-4B85974B24A0}_is1" = BumpTop
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7513A376-16F0-7E53-5CA1-7DA10A6216BC}" = CCC Help Danish
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7C30283C-8DC7-4FBB-805E-52BEA5F580E8}" = Toshiba TEMPRO
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{811EF3A7-0861-0B8F-5432-3052E8230DC0}" = Catalyst Control Center Graphics Light
"{8259E348-50E8-A3C8-52B8-699DFDD31BA8}" = CCC Help Finnish
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{85E4952C-8C85-A58D-B9D9-783D1FADB775}" = Skins
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{87F7773C-EC9C-461A-AA7B-4AF8EF54DF49}" = EndNote X1
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8921F4ED-A696-D629-45E6-45A43A0F4FF0}" = CCC Help Czech
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{989112B0-74DB-4A40-932F-580049CD0B97}" = Visual Basic for Applications (R) Core - German
"{98C70B57-4930-7088-22F4-93FC196938D0}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{9ECB4705-B9CB-405A-B6D4-33BDF707308E}" = DJ_AIO_Software
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6137721-B2D0-1DAF-0B19-12AB0D065C45}" = Catalyst Control Center Core Implementation
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC1A4255-0EC8-585B-2D1A-8306C07F2B91}" = CCC Help Hungarian
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AEE65D6C-EDF4-B3E1-00CD-B17A6FC6BC6A}" = CCC Help Italian
"{AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED}" = CorelDRAW Graphics Suite X4 - Lang DE
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9F119C0-6886-A250-BF18-3ABEAA26F6A5}" = CCC Help Korean
"{BB3B4056-4539-485E-A996-3B52480AA4B7}" = GT HSDPA driver installer
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DB64C016-1705-36E9-1AEA-C2D4738BDE9A}" = CCC Help Norwegian
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{DC83F417-8068-4074-BA2F-C4F8AB872556}" = DJ_AIO_Software_min
"{DE2E45A2-31B1-7D26-2701-B1244763DE10}" = CCC Help Portuguese
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E16087F4-3CE3-B644-A5F5-503F55F34CC0}" = CCC Help Russian
"{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}" = TOSHIBA USB Sleep and Charge Utility
"{E4FD13E2-1638-A5B8-E28A-54D39F13D747}" = Catalyst Control Center Graphics Previews Vista
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{E9598E78-C39A-4FAB-A8C9-2F5F915A3852}" = TOSHIBA TV Tuner
"{E9E5845E-C2E1-4D8D-A2E1-46E6F7F68C68}" = Befree4iPhone
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}" = TOSHIBA ConfigFree
"{F0E4A500-34B5-E8B7-FC2C-3726A0577AAD}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F34009E9-6EA5-F0D2-4D7D-A9CE421908B6}" = CCC Help Greek
"{F69114BE-EFDC-C756-1B38-ABD1E4873113}" = ccc-utility
"{F6F90406-4726-4559-B6F7-3A96529CDD45}" = F2100
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}" = HDMI Control Manager
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}" = TOSHIBA Remote Control Manager
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"2F91FC44350477C3D31ADE03728FF7F1B1B9E493" = ENE CIR Receiver Driver
"630F35D9C4C7F7F8BA4429CDB68D368E926D33B3" = Windows-Treiberpaket - TOSHIBA (mod7700) Media  (08/12/2008 2.3.3.24)
"AAA Logo 2008_is1" = AAA Logo 2008 2.10
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AllDup_is1" = AllDup 2.1.10
"Any Video Converter_is1" = Any Video Converter 3.0.3
"AnyDVD" = AnyDVD
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"[url="http://www.ccleaner.de"]CCleaner[/url]" = [url="http://www.ccleaner.de"]CCleaner[/url]
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"CloneDVDmobile" = CloneDVDmobile
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"DiskAid_is1" = DiskAid 3.0
"FlashGet" = FlashGet 1.9.6.1073
"FreePDF_XP" = FreePDF (Remove only)
"FTP Commander" = FTP Commander
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HPOCR" = HP OCR Software 8.0
"iLyrics_is1" = iLyrics 1.1.1.2 BETA
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IrfanView" = IrfanView (remove only)
"ISI ResearchSoft - Export Helper" = ISI ResearchSoft - Export Helper
"JDownloader" = JDownloader
"KaraFun_is1" = KaraFun 1.18
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Full)
"Logitech Touch Mouse Server" = Logitech Touch Mouse Server 1.0
"Logo Design Studio Pro 3.5.2" = Logo Design Studio Pro
"Magic NetTrace_is1" = Magic NetTrace 3.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"MediaMonkey_is1" = MediaMonkey 3.2
"Meine CEWE FOTOWELT" = Meine CEWE FOTOWELT
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"Mp3tag" = Mp3tag v2.44
"NetTVPlayer" = NetTVPlayer
"Novatel_V20025Installer" = Novatel driver package V2.00.25
"OptionPCCardInstaller" = Option Fusion Card driver, Ricola v 2.0.0.0
"OptionPluss_PCCardInstaller" = Option Fusion+ Card driver, Nozomi v 2.1.1.112
"Picasa2" = Picasa 2
"PokerStars.net" = PokerStars.net
"RAR Password Recovery Magic_is1" = RAR Password Recovery Magic v6.1.1.95
"RealPlayer 12.0" = RealPlayer
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Revo Uninstaller" = Revo Uninstaller 1.89
"sfArk" = sfArk
"ShockwaveFlash" = Macromedia Flash Player 8
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 5" = TeamViewer 5
"tvbrowser" = TV-Browser 2.7.4
"TVUPlayer" = TVUPlayer 2.4.9.1
"UltraStar" = UltraStar 0.7.1
"Unlocker" = Unlocker 1.8.8
"URLSnooper 2_is1" = URL Snooper v2.20.02
"Veetle TV" = Veetle TV 0.9.17
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 1.0.2
"VMidi" = vanBasco's Karaoke Player
"Web Media for Vista_is1" = Web Media for Vista
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"Winamp" = Winamp
"Winamp Essentials Pack" = Winamp Essentials Pack
"Winamp Offizielle Deutsche Sprachdatei" = Winamp Offizielle Deutsche Sprachdatei v5.56
"WinPcapInst" = WinPcap 4.1 beta
"WinRAR archiver" = WinRAR
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NetTVProfessional" = NetTVProfessional
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 08.07.2010 17:29:36 | Computer Name = Drago-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung twsyng.exe, Version 2.13.0.0, Zeitstempel 0x49399a6e,
 fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821, Ausnahmecode
 0xc0000005, Fehleroffset 0x000666ab,  Prozess-ID 0x1474, Anwendungsstartzeit 01cb1ee26d8adb90.
 
Error - 08.07.2010 17:31:35 | Computer Name = Drago-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung twsyng.exe, Version 2.13.0.0, Zeitstempel 0x49399a6e,
 fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821, Ausnahmecode
 0xc0000005, Fehleroffset 0x000666ab,  Prozess-ID 0x14f0, Anwendungsstartzeit 01cb1ee4abad28e0.
 
Error - 08.07.2010 17:32:53 | Computer Name = Drago-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung twsyng.exe, Version 2.13.0.0, Zeitstempel 0x49399a6e,
 fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821, Ausnahmecode
 0xc0000005, Fehleroffset 0x000666ab,  Prozess-ID 0x874, Anwendungsstartzeit 01cb1ee4f3440890.
 
Error - 08.07.2010 17:37:11 | Computer Name = Drago-PC | Source = Application Hang | ID = 1002
Description = Programm vmidi.exe, Version 0.0.0.0 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: 1440  Anfangszeit: 01cb1ee5a288a7c0  Zeitpunkt der Beendigung:
 33
 
Error - 08.07.2010 17:42:01 | Computer Name = Drago-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung is-GARBR.tmp, Version 51.44.0.0, Zeitstempel
 0x2a425e19, fehlerhaftes Modul shfolder.dll_unloaded, Version 0.0.0.0, Zeitstempel
 0x4549bdb5, Ausnahmecode 0xc0000005, Fehleroffset 0x752d1344,  Prozess-ID 0x13e0,
 Anwendungsstartzeit 01cb1ee659d51800.
 
Error - 08.07.2010 22:37:06 | Computer Name = Drago-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
Error - 08.07.2010 22:37:06 | Computer Name = Drago-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description = 
 
Error - 09.07.2010 01:09:55 | Computer Name = Drago-PC | Source = Bonjour Service | ID = 100
Description = 388: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 09.07.2010 01:13:29 | Computer Name = Drago-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 09.07.2010 12:59:29 | Computer Name = Drago-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Media Center Events ]
Error - 11.06.2010 02:13:33 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (2244.1128)
 
Error - 11.06.2010 02:13:33 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (2244.1129)
 
Error - 02.07.2010 02:15:31 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (4928.1128)
 
Error - 02.07.2010 02:15:31 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (4928.1129)
 
Error - 02.07.2010 03:15:36 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (3880.1128)
 
Error - 02.07.2010 03:15:36 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (3880.1129)
 
Error - 02.07.2010 04:15:41 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (5200.1128)
 
Error - 02.07.2010 04:15:41 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (5200.1129)
 
Error - 02.07.2010 05:15:46 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (5868.1128)
 
Error - 02.07.2010 05:15:46 | Computer Name = Drago-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (5868.1129)
 
[ System Events ]
Error - 28.01.2010 11:26:55 | Computer Name = Drago-PC | Source = PlugPlayManager | ID = 12
Description = Das Gerät "JMB38X SD Host Controller" (PCI\VEN_197B&DEV_2381&SUBSYS_FF021179&REV_00\4&2bcebcdb&0&02E5)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 28.01.2010 11:26:55 | Computer Name = Drago-PC | Source = PlugPlayManager | ID = 12
Description = Das Gerät "JMB38X MS Host Controller" (PCI\VEN_197B&DEV_2383&SUBSYS_FF021179&REV_00\4&2bcebcdb&0&03E5)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 28.01.2010 11:26:55 | Computer Name = Drago-PC | Source = PlugPlayManager | ID = 12
Description = Das Gerät "JMB38X xD Host Controller" (PCI\VEN_197B&DEV_2384&SUBSYS_FF021179&REV_00\4&2bcebcdb&0&04E5)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 28.01.2010 11:27:29 | Computer Name = Drago-PC | Source = Service Control Manager | ID = 7031
Description = 
 
Error - 28.01.2010 11:28:07 | Computer Name = Drago-PC | Source = Service Control Manager | ID = 7031
Description = 
 
Error - 28.01.2010 11:28:08 | Computer Name = Drago-PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 28.01.2010 11:32:48 | Computer Name = Drago-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 28.01.2010 11:36:27 | Computer Name = Drago-PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 28.01.2010 11:36:39 | Computer Name = Drago-PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 28.01.2010 11:39:43 | Computer Name = Drago-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >

Code

OTL logfile created on: 14.07.2010 12:49:13 - Run 4
OTL by OldTimer - Version 3.2.9.0     Folder = C:\Users\Drago\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 59,88 Gb Free Space | 32,14% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 184,84 Gb Total Space | 102,58 Gb Free Space | 55,50% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: DRAGO-PC
Current User Name: Drago
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Drago\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Toshiba\TECO\TecoService.exe (TOSHIBA Corporation)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\Toshiba\TOSHIBA Web Camera Application\TWebCameraSrv.exe (TOSHIBA)
PRC - C:\Programme\Toshiba\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Toshiba\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Programme\T-Mobile\Communication Center\AutoUpdateSrv.exe ()
PRC - C:\Programme\Common Files\GtFlashSwitch\GtFlashSwitch.exe (OptionNV)
PRC - C:\Windows\System32\Gtdetectsc.exe (OptionNV)
PRC - C:\Programme\Microsoft Office\Office10\WINWORD.EXE (Microsoft Corporation)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Drago\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80DEU.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfc80u.dll (Microsoft Corporation)
MOD - C:\Windows\System32\riched20.dll (Microsoft Corporation)
MOD - C:\Windows\System32\rsaenh.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\System32\wsock32.dll (Microsoft Corporation)
MOD - C:\Programme\Common Files\Thomson ResearchSoft\Cwyw\EndNote Cwyw.dll (Thomson ResearchSoft)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (camsvc) -- C:\Programme\Toshiba\TOSHIBA Web Camera Application\TWebCameraSrv.exe (TOSHIBA)
SRV - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV - (TMachInfo) -- C:\Programme\Toshiba\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV - (TNaviSrv) -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (TOSHIBA Bluetooth Service) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (TosCoSrv) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (GameConsoleService) -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (AdobeActiveFileMonitor7.0) -- C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (Thpsrv) -- C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)
SRV - (GtFlashSwitch) -- C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe (OptionNV)
SRV - (gtdetectsc) -- C:\Windows\System32\Gtdetectsc.exe (OptionNV)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (SASKUTIL) -- C:\Users\Drago\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.SYS File not found
DRV - (SASDIFSV) -- C:\Users\Drago\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS File not found
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek                                            )
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (NWUSBPort) -- C:\Windows\System32\drivers\nwusbser.sys (Novatel Wireless Inc.)
DRV - (NWUSBModem) -- C:\Windows\System32\drivers\nwusbmdm.sys (Novatel Wireless Inc.)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (Thpdrv) -- C:\Windows\system32\DRIVERS\thpdrv.sys (TOSHIBA Corporation)
DRV - (TVALZFL) -- C:\Windows\System32\drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (PGEffect) -- C:\Windows\System32\drivers\PGEffect.sys (TOSHIBA Corporation)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (mod7700) -- C:\Windows\System32\drivers\dvb7700all.sys (DiBcom)
DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV - (enecirhid) -- C:\Windows\System32\drivers\enecirhid.sys (ENE TECHNOLOGY INC.)
DRV - (enecirhidma) -- C:\Windows\System32\drivers\enecirhidma.sys (ENE TECHNOLOGY INC.)
DRV - (UMPass) -- C:\Windows\System32\drivers\umpass.sys (Microsoft Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ManyCam) -- C:\Windows\System32\drivers\ManyCam.sys (ManyCam LLC.)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (Thpevm) -- C:\Windows\system32\DRIVERS\Thpevm.SYS (TOSHIBA Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies)
DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (NWADI) -- C:\Windows\System32\drivers\NWADIenum.sys (Novatel Wireless Inc)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (DeviceGuys, Inc.)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.08
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.28 14:41:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.12 23:08:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2010.06.14 23:43:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.06.21 23:22:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.06.16 20:31:54 | 000,000,000 | ---D | M]
 
[2010.06.21 23:22:47 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\mozilla\Extensions
[2010.06.21 23:22:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Drago\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.06.07 17:39:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Drago\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2010.07.14 12:10:26 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\mozilla\Firefox\Profiles\ct7w40o0.default\extensions
[2010.01.03 23:06:36 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Drago\AppData\Roaming\mozilla\Firefox\Profiles\ct7w40o0.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009.11.05 23:40:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Drago\AppData\Roaming\mozilla\Firefox\Profiles\ct7w40o0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.07 17:44:17 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\mozilla\Sunbird\Profiles\dpmjhbhk.default\extensions
[2010.06.07 17:44:17 | 000,000,000 | ---D | M] (Provider for Google Calendar) -- C:\Users\Drago\AppData\Roaming\mozilla\Sunbird\Profiles\dpmjhbhk.default\extensions\{a62ef8ec-5fdc-40c2-873c-223b8a6925cc}
[2010.07.14 09:30:26 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.07.12 23:08:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.07.12 23:07:53 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.14 17:24:20 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.14 17:24:20 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.14 17:24:21 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.14 17:24:21 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.14 17:24:21 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.07.13 22:47:25 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Programme\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programme\FlashGet\getflash.dll (www.flashget.com)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HDMICtrlMan] C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HSON] C:\Programme\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KeNotify] C:\Programme\Toshiba\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Nuance OmniPage 17-reminder] C:\Program Files\Nuance\OmniPage17\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ThpSrv] C:\Windows\System32\thpsrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Programme\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPCHWMsg] C:\Programme\Toshiba\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TRCMan] C:\Programme\Toshiba\TRCMan\TRCMan.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Programme\Toshiba\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Drago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk = C:\Programme\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Alles mit FlashGet laden - C:\Programme\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Mit FlashGet laden - C:\Programme\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} -  File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} -  File not found
O9 - Extra Button: Magic Nettrace - {92848C13-5482-49CB-B31C-CA8D74EFF508} - C:\Programme\Magic NetTrace\MTIE.exe (TialSoft software)
O9 - Extra 'Tools' menuitem : &Magic Nettrace - {92848C13-5482-49CB-B31C-CA8D74EFF508} - C:\Programme\Magic NetTrace\MTIE.exe (TialSoft software)
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe File not found
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe File not found
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: btopenzone.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: t-mobile.net ([hotspot] https in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\System32\acaptuser32.dll) - C:\Windows\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010.07.13 22:54:41 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2010.07.13 22:50:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.07.13 22:50:42 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.07.13 22:38:32 | 000,000,000 | ---D | C] -- C:\Combo-Fix3881C
[2010.07.13 22:06:55 | 000,000,000 | ---D | C] -- C:\Users\Drago\AppData\Local\temp
[2010.07.13 21:45:49 | 000,000,000 | ---D | C] -- C:\Combo-Fix
[2010.07.13 13:40:30 | 039,074,536 | ---- | C] (Microsoft Corporation) -- C:\Users\Drago\Documents\FileFormatConverters.exe
[2010.07.12 23:29:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.07.12 23:29:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.07.12 23:29:50 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.07.12 23:29:01 | 006,153,352 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Drago\Desktop\mbam-setup-1.46.exe
[2010.07.12 23:12:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.07.12 23:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.07.12 23:09:04 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.07.12 23:08:08 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.07.12 23:08:08 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.07.12 23:08:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.07.12 23:08:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.07.12 22:18:40 | 000,000,000 | ---D | C] -- C:\Users\Drago\AppData\Roaming\SUPERAntiSpyware.com
[2010.07.12 22:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010.07.12 20:53:20 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\Virus neu
[2010.07.12 20:52:20 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Drago\Desktop\OTL.exe
[2010.07.08 23:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Recisio
[2010.07.08 23:41:56 | 000,000,000 | ---D | C] -- C:\Programme\KaraFun
[2010.07.08 23:41:31 | 005,063,603 | ---- | C] (Recisio                                                     ) -- C:\Users\Drago\Desktop\karafun_118.exe
[2010.07.08 23:24:18 | 000,000,000 | ---D | C] -- C:\Programme\UltraStar
[2010.07.08 23:03:36 | 000,000,000 | ---D | C] -- C:\Programme\vanBasco's Karaoke Player
[2010.07.08 09:23:10 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\WGV Kfz-Versicherung
[2010.07.05 15:12:40 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\ExistPrimeCup
[2010.06.28 12:56:49 | 000,000,000 | ---D | C] -- C:\Programme\sfArk
[2010.06.28 12:06:01 | 000,000,000 | ---D | C] -- C:\timidity
[2010.06.28 12:03:26 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\sound midi
[2010.06.26 16:02:26 | 000,000,000 | ---D | C] -- C:\Programme\NetTVPlayer
[2010.06.26 13:36:35 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\karaoke pjesme
[2010.06.24 22:54:22 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.06.24 22:54:22 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.06.24 22:54:22 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.06.24 21:08:32 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\Präsi
[2010.06.22 22:55:50 | 000,000,000 | ---D | C] -- C:\Programme\Alextv
[2010.06.21 21:13:21 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.06.21 21:13:19 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.06.21 21:09:41 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.06.18 22:07:59 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\MOBILE_MP4
[2010.06.18 20:56:41 | 000,000,000 | ---D | C] -- C:\Users\Drago\Desktop\Neuer Ordner
[2010.06.14 23:45:43 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010.07.14 12:48:08 | 005,242,880 | -HS- | M] () -- C:\Users\Drago\NTUSER.DAT
[2010.07.14 12:45:44 | 000,016,628 | ---- | M] () -- C:\Users\Drago\Desktop\CF.jpg
[2010.07.14 12:39:01 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.14 12:36:32 | 000,000,016 | -H-- | M] () -- C:\Windows\System32\servdat.slm
[2010.07.14 12:34:15 | 000,000,219 | ---- | M] () -- C:\Windows\System32\lsprst7.tgz
[2010.07.14 12:34:15 | 000,000,205 | ---- | M] () -- C:\Windows\System32\lsprst7.dll
[2010.07.14 12:34:15 | 000,000,014 | ---- | M] () -- C:\Windows\System32\ssprs.tgz
[2010.07.14 12:20:26 | 000,251,392 | ---- | M] () -- C:\Users\Drago\Desktop\DOKTORARBEIT.spo
[2010.07.14 11:48:41 | 000,032,116 | ---- | M] () -- C:\Users\Drago\Desktop\LowDoseCT_definitiv_2010-04-19-1.sav
[2010.07.14 11:47:03 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.14 11:47:03 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.14 11:29:27 | 000,000,014 | ---- | M] () -- C:\Windows\System32\tmpPrst.tgz
[2010.07.14 11:29:27 | 000,000,000 | ---- | M] () -- C:\Windows\System32\ssprs.dll
[2010.07.13 23:39:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.13 22:47:32 | 000,000,243 | ---- | M] () -- C:\Windows\system.ini
[2010.07.13 22:47:25 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.07.13 21:47:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.13 21:47:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.13 21:46:10 | 000,524,288 | -HS- | M] () -- C:\Users\Drago\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.07.13 21:46:10 | 000,065,536 | -HS- | M] () -- C:\Users\Drago\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.07.13 21:46:09 | 006,291,456 | -H-- | M] () -- C:\Users\Drago\AppData\Local\IconCache.db
[2010.07.13 19:46:22 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.07.13 19:22:21 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.07.13 13:40:58 | 039,074,536 | ---- | M] (Microsoft Corporation) -- C:\Users\Drago\Documents\FileFormatConverters.exe
[2010.07.13 10:44:45 | 000,147,935 | ---- | M] () -- C:\Windows\hpoins12.dat
[2010.07.13 10:44:26 | 000,000,261 | ---- | M] () -- C:\Windows\win.ini
[2010.07.12 23:29:54 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.12 23:29:04 | 006,153,352 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Drago\Desktop\mbam-setup-1.46.exe
[2010.07.12 23:07:53 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.07.12 23:07:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.07.12 23:07:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.07.12 23:07:52 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.07.12 21:17:58 | 292,309,254 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.07.12 20:52:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Drago\Desktop\OTL.exe
[2010.07.12 12:43:45 | 001,418,806 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.07.12 12:43:45 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.07.12 12:43:45 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.07.12 12:43:45 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.07.12 12:43:45 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.07.09 19:28:43 | 000,001,356 | ---- | M] () -- C:\Users\Drago\AppData\Local\d3d9caps.dat
[2010.07.08 23:41:58 | 000,001,621 | ---- | M] () -- C:\Users\Drago\Desktop\KaraFun Editor.lnk
[2010.07.08 23:41:58 | 000,000,743 | ---- | M] () -- C:\Users\Drago\Desktop\KaraFun.lnk
[2010.07.08 23:41:38 | 005,063,603 | ---- | M] (Recisio                                                     ) -- C:\Users\Drago\Desktop\karafun_118.exe
[2010.07.08 23:41:20 | 000,262,952 | ---- | M] () -- C:\Users\Drago\Documents\SoftonicDownloader36854.exe
[2010.07.08 23:36:11 | 000,000,561 | ---- | M] () -- C:\Windows\timidity.cfg
[2010.07.08 23:36:11 | 000,000,218 | ---- | M] () -- C:\Users\Drago\.recently-used.xbel
[2010.07.08 23:23:41 | 000,262,952 | ---- | M] () -- C:\Users\Drago\Documents\SoftonicDownloader57983.exe
[2010.07.08 23:03:37 | 000,000,875 | ---- | M] () -- C:\Users\Drago\Desktop\vanBasco's Karaoke Player.lnk
[2010.07.08 22:59:58 | 000,884,736 | ---- | M] () -- C:\Users\Drago\Desktop\vkaraoke.exe
[2010.07.08 22:54:51 | 000,058,880 | ---- | M] (Putzlowitsch) -- C:\Windows\System32\PLWMidiMap.cpl
[2010.07.08 22:53:31 | 000,027,322 | ---- | M] () -- C:\Users\Drago\Desktop\plw-vista-midi-mapper_0_93.zip
[2010.07.01 18:34:27 | 000,133,208 | ---- | M] () -- C:\Users\Drago\AppData\Roaming\GDIPFONTCACHEV1.DAT
[2010.06.30 09:51:22 | 000,641,536 | ---- | M] () -- C:\Users\Drago\Desktop\TN_RK_AbrFormular_ProCup-Leipzig.xls
[2010.06.28 22:32:39 | 000,026,624 | ---- | M] () -- C:\Users\Drago\Documents\Panini WM 2010 doppel.xls
[2010.06.28 21:55:43 | 000,027,136 | ---- | M] () -- C:\Users\Drago\Documents\Panini WM 2010.xls
[2010.06.28 12:06:07 | 000,000,069 | ---- | M] () -- C:\Windows\timidity.cfg.bak
[2010.06.28 10:58:15 | 000,133,208 | ---- | M] () -- C:\Users\Drago\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.28 10:56:25 | 000,426,176 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.06.26 16:02:46 | 000,000,845 | ---- | M] () -- C:\Users\Public\Desktop\Net TV Player.lnk
[2010.06.25 10:25:36 | 000,000,809 | ---- | M] () -- C:\Users\Drago\Desktop\[url="http://www.ccleaner.de"]CCleaner[/url].lnk
[2010.06.25 09:46:30 | 000,001,062 | ---- | M] () -- C:\Users\Drago\Desktop\Revo Uninstaller.lnk
[2010.06.22 20:15:07 | 024,241,197 | ---- | M] () -- C:\Users\Drago\Desktop\NetTVPretrazivac2.4.exe
[2010.06.18 22:21:38 | 000,134,144 | ---- | M] () -- C:\Users\Drago\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.18 22:17:40 | 000,025,600 | ---- | M] () -- C:\Users\Drago\Documents\Lieber Ujak.doc
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010.07.14 12:45:43 | 000,016,628 | ---- | C] () -- C:\Users\Drago\Desktop\CF.jpg
[2010.07.14 12:20:25 | 000,251,392 | ---- | C] () -- C:\Users\Drago\Desktop\DOKTORARBEIT.spo
[2010.07.14 11:29:27 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010.07.14 11:29:13 | 000,032,116 | ---- | C] () -- C:\Users\Drago\Desktop\LowDoseCT_definitiv_2010-04-19-1.sav
[2010.07.12 23:29:54 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.12 21:12:49 | 292,309,254 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.07.08 23:41:58 | 000,001,621 | ---- | C] () -- C:\Users\Drago\Desktop\KaraFun Editor.lnk
[2010.07.08 23:41:58 | 000,000,743 | ---- | C] () -- C:\Users\Drago\Desktop\KaraFun.lnk
[2010.07.08 23:41:19 | 000,262,952 | ---- | C] () -- C:\Users\Drago\Documents\SoftonicDownloader36854.exe
[2010.07.08 23:36:11 | 000,000,218 | ---- | C] () -- C:\Users\Drago\.recently-used.xbel
[2010.07.08 23:23:39 | 000,262,952 | ---- | C] () -- C:\Users\Drago\Documents\SoftonicDownloader57983.exe
[2010.07.08 23:03:37 | 000,000,875 | ---- | C] () -- C:\Users\Drago\Desktop\vanBasco's Karaoke Player.lnk
[2010.07.08 22:59:57 | 000,884,736 | ---- | C] () -- C:\Users\Drago\Desktop\vkaraoke.exe
[2010.07.08 22:53:22 | 000,027,322 | ---- | C] () -- C:\Users\Drago\Desktop\plw-vista-midi-mapper_0_93.zip
[2010.07.01 17:38:50 | 000,641,536 | ---- | C] () -- C:\Users\Drago\Desktop\TN_RK_AbrFormular_ProCup-Leipzig.xls
[2010.06.28 22:32:39 | 000,026,624 | ---- | C] () -- C:\Users\Drago\Documents\Panini WM 2010 doppel.xls
[2010.06.28 21:54:05 | 000,027,136 | ---- | C] () -- C:\Users\Drago\Documents\Panini WM 2010.xls
[2010.06.28 12:55:49 | 000,081,920 | ---- | C] () -- C:\Windows\portaudio.dll
[2010.06.28 12:39:19 | 000,000,063 | ---- | C] () -- C:\Users\Drago\timidity.cfg.txt
[2010.06.28 12:06:07 | 000,000,561 | ---- | C] () -- C:\Windows\timidity.cfg
[2010.06.28 12:06:07 | 000,000,069 | ---- | C] () -- C:\Windows\timidity.cfg.bak
[2010.06.26 16:02:46 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\Net TV Player.lnk
[2010.06.25 10:25:36 | 000,000,809 | ---- | C] () -- C:\Users\Drago\Desktop\[url="http://www.ccleaner.de"]CCleaner[/url].lnk
[2010.06.22 22:56:11 | 000,001,504 | ---- | C] () -- C:\Users\Drago\Desktop\FMTuner.lnk
[2010.06.22 20:14:49 | 024,241,197 | ---- | C] () -- C:\Users\Drago\Desktop\NetTVPretrazivac2.4.exe
[2010.06.21 21:14:16 | 000,002,231 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.06.18 22:17:39 | 000,025,600 | ---- | C] () -- C:\Users\Drago\Documents\Lieber Ujak.doc
[2010.06.16 19:40:23 | 1200,187,908 | ---- | C] () -- C:\Users\Drago\Desktop\Cars.divx
[2010.06.09 23:39:17 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.06.09 23:39:17 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.06.09 23:39:16 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.06.09 23:39:16 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.06.09 23:39:15 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.06.09 23:39:15 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2010.05.16 18:22:24 | 000,000,391 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2010.02.10 00:31:44 | 000,003,584 | ---- | C] () -- C:\Windows\System32\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.07 10:42:49 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2010.01.07 10:42:49 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2010.01.07 10:42:49 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2009.11.06 00:41:03 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.11.03 00:14:21 | 000,000,010 | ---- | C] () -- C:\Windows\wininit.ini
[2009.11.02 22:13:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2009.10.27 13:49:23 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2009.10.27 13:49:23 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2009.10.27 13:45:45 | 000,002,048 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2009.10.25 21:48:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.14 22:09:32 | 001,936,528 | ---- | C] () -- C:\Windows\System32\ltmm15.dll
[2009.07.24 11:39:33 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2009.07.24 11:08:34 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.06.05 10:43:09 | 000,045,056 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2009.06.05 08:22:47 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.01.05 16:44:10 | 000,000,483 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2008.09.02 02:32:38 | 000,028,672 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2007.06.21 22:55:54 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.06 07:49:42 | 000,839,680 | ---- | C] () -- C:\Windows\System32\timiditydrv.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010.05.05 20:35:37 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\adma
[2009.11.16 15:05:18 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Alice Systems
[2010.04.13 19:56:55 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\AllDup
[2010.07.12 23:12:56 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Alur
[2010.03.11 21:57:21 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\AnvSoft
[2010.06.06 22:12:55 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Bump Technologies, Inc
[2009.11.16 14:31:49 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Bytemobile
[2009.10.27 13:42:51 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\DAEMON Tools Lite
[2009.10.27 13:32:58 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\DAEMON Tools Pro
[2010.01.03 21:11:28 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\DC++
[2010.01.30 18:13:56 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\DiskAid
[2010.07.14 09:37:56 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\EndNote
[2010.02.16 19:39:52 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\FlashGet
[2010.02.17 00:16:52 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\foobar2000
[2010.07.12 13:10:05 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\gtk-2.0
[2009.10.26 03:20:01 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Jasc
[2010.07.09 19:12:16 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Kigeo
[2010.03.28 23:27:45 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\ManyCam
[2010.01.28 00:15:58 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\MOVAVI
[2010.07.12 13:10:06 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Mp3tag
[2010.02.16 12:55:12 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Music Editor Free
[2010.05.16 16:46:28 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Nuance
[2009.10.25 14:42:13 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\ooVoo Details
[2010.05.31 12:05:31 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Opera
[2010.03.22 23:12:06 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\PPLive
[2010.05.17 09:34:59 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\ScanSoft
[2009.11.06 01:20:32 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\SlySoft
[2010.03.23 00:29:52 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Steinberg
[2010.04.18 20:00:44 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Summitsoft
[2010.02.15 01:04:44 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Sytexis Software
[2010.02.02 20:51:34 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\TeamViewer
[2010.01.10 00:39:49 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Thinstall
[2010.06.21 23:22:32 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Thunderbird
[2009.11.03 01:33:28 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\TOSHIBA
[2009.11.16 14:33:21 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Vodafone
[2010.07.12 23:09:56 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Wyem
[2010.05.16 16:53:31 | 000,000,000 | ---D | M] -- C:\Users\Drago\AppData\Roaming\Zeon
[2010.07.13 21:46:13 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
< End of report >

Schritt 3) Fehlermeldungen kamen nicht mehr und der Laptop ist auch recht tabil, also hat sein heute morgen keinen Neustart mehr ausgeführt (gezwungen durch den Fehler).

War es das jetzt oder was sagt das OTL log?!

14.07.2010, 13:33

Swisstreasure

Moderator

Beiträge: 5694

#15 Schritt 1

Tool-Bereinigung mit OTL

Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.• Bitte lade Dir (falls noch nicht vorhanden) [url="http://oldtimer.geekstogo.com/OTL.exe]OTL von OldTimer[/url] herunter.
• Speichere es auf Deinem Desktop.
• Doppelklick auf OTL.exe um das Programm auszuführen.
• Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
• Klicke auf den Button "Bereinigung"
• OTL fragt eventuell nach einem Neustart.
Sollte es dies tun, so lasse dies bitte zu.Anmerkung: Nach dem Neustart werden
OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast,
nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme
nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.

Schritt 2

Programme updaten

Du verwendest zum Teil veraltete Software, die Sicherheitslücken auf deinem System bildet, durch die Malware eindringen kann. Alle Software, die du auf deinem Rechner hast, muss regelmäßig geupdatet werden, auch dann, wenn du sie nicht verwendest. Eine einfache Möglichkeit, diese Software Updates zu überwachen, bietet der Secunia Inspektor.

Schritt 3

Nachsorge

Um Dein System vor Malware zu schützen, gebe ich Dir im Anschluss eine Kurzversion mit Tipps und Hinweisen auf Tools, die Dir helfen werden, Dein System abzusichern und in Zukunft frei von Infektionen zu halten. Wenn Dein System infiziert war, rate ich Dir, Deine Passwörter zu ändern. Bitte betrachte die Tipps als Vorschläge und nicht als Nonplusultra

.

Erstelle einen neuen Systemwiederherstellungspunkt

Das ist ein guter Zeitpunkt, die Systemwiederherstellung zu leeren und einen neuen sauberen Wiederherstellungspunkt zu erstellen (Anleitung für Vista-User).
• Start => Alle Programme => Zubehör => Systemprogramme => Systemwiederherstellung
• Wähle "Einen Wiederherstellungspunkt erstellen" => Weiter
• Gebe als Beschreibung z. B. "Nach_Bereinigung" ein => Erstellen => Schließen.
• Nun Start => Ausführen => cleanmgr (reinschreiben) => OK => Reiter Weitere Optionen
• Klicke unter Systemwiederherstellung auf Bereinigen und bestätige das Löschen mit Ja => OK.
Das wird alle Wiederherstellungspunkte bis auf den letzten neu erstellten löschen.

Diesen Punkt kannst Du weglassen, falls Du das System gerade neu aufgesetzt hast oder Combofix benutzt und ordentlich deinstalliert wurde, da Combofix das schon erledigt.

Massnahmen:

Um Dein System vor Malware zu schützen, gebe ich Dir im Anschluss eine Kurzversion mit Tipps und Hinweisen auf Tools, die Dir helfen werden, Dein System abzusichern und in Zukunft frei von Infektionen zu halten. Wenn Dein System infiziert war, rate ich Dir, Deine Passwörter zu ändern. Bitte betrachte die Tipps als Vorschläge und nicht als Nonplusultra

.

Falls bei Dir noch nicht installiert, solltest Du Dir die folgenden Programme installieren. Spybot Search&Destroy ist ein gutes Tool, welches bösartige Software sucht und unschädlich macht. Bei der Installation darauf achten, dass der TeaTimer nicht aktiviert wird. Lasse das Tool in regelmäßige Abständen (z. B. einmal pro Woche) laufen und lasse vor der Überprüfung immer nach Updates suchen, Details siehe ausführliche Anleitung. Um Dein System frei von temporären Dateien zu halten, empfehle ich [url="http://www.[url="http://www.CCleaner.de"]CCleaner[/url].de"][url="http://www.CCleaner.de"]CCleaner[/url][/url], (Toolbar nicht mitinstallieren) eine Freeware-Software zur Optimierung und zum Aufräumen von Windows, Einzelheiten siehe die Anleitung von Hijackthis-Forum.de. Bei Java (Sun) immer nur die aktuellste Version auf dem Rechner haben, alle anderen deinstallieren.

Verwende einen alternativen Browser, ich empfehle Firefox. Es gibt eine große Anzahl von Erweiterungen, wie z. B. Adblock Plus und NoScript. Mit der Erweiterung IE Tab ist sogar das Windows- und Office-Upate über Firefox möglich. Die Erweiterung QuickJava sorgt dafür, dass Du Java und Java-Skript nur bei Bedarf einschalten kannst. Eine alternatives E-Mail-Programm ist Thunderbird. Auch dafür gibt es viele sehr gute Erweiterungen.

Als Alternative für die ganzen Messenger kommen Miranda-IM oder Trillian infrage. Miranda ist ein malwarefreier OpenSource Instant-Messenger, der mit Protokollen von AOL, ICQ, IRC, MSN und Yahoo zusammen arbeitet. Mit dem ebenfalls malwarefreien Trillian kannst du mit Nutzern von ICQ, AIM, Yahoo Messenger, MSN und IRC chatten.

"Wie konnte die Malware auf meinen Rechner kommen?", ist die wohl am häufigsten gestellte Frage. Malware gelangt in erster Linie über sogenannte Browser Exploits auf einen Rechner, also über Sicherheitslücken im Browser selbst. Weitere Schleusen sind E-Mail-Anhänge, Lecks im Betriebssystem oder Dateidownloads aus unsicheren Quellen.

Durch Einsatz Deines Köpfchens und folgende simple Maßnahmen kannst Du den Schutz optimieren:

• System immer auf aktuellem Stand halten (Windows Update regelmäßig machen und Software aktualisieren).
• Programme wenn möglich "benutzerdefiniert" installieren und Toolbars und Sponsoren abwählen.
• Internet Explorer sicher konfigurieren.
• Nur Original-Software nutzen und auf Programme aus dubiosen Quellen konsequent verzichten.
• Programme, die Du nicht mehr nutzt, über Systemsteuerung => Software entfernen/deinstallieren.
• Nicht alles anklicken, wo klickmich draufsteht!
• Gesunden Menschenverstand und Vorsicht walten lassen,
• insbesondere bei Dateien, die Du Dir auf den PC holst, also E-Mails, Downloads etc.,
• am besten auf Filesharing über P2P-Programme ganz verzichten.
• Router durch Vergabe eines Kennwortes vor Änderungen von außen schützen.
• Nicht benötigte Dienste und Programme gar nicht erst starten.
Bezüglich der Dienste ist es allerdings nötig, sich damit ausführlich zu beschäftigen, ansonsten die Dienste lieber lassen, wie sie sind.
• Nicht benötigte "Ports" (am eventuell vorhandenen DSL-Router), Freigaben u. ä. schließen.
• Port-Scan-Test.
• WLAN absichern.
• Sichere Passwörter vergeben.
• Nicht mehr als einen Virenscanner mit Hintergrundwächter installieren.
• Nicht mehr als ein Antispyware-Programm mit Hintergrundwächter ständig laufen lassen.
• Das System hin und wieder zusätzlich mit einem dieser kostenlosen Online Scanner überprüfen.
• Datensicherung nicht vergessen!
Immer eine saubere Datensicherung als zurückspielbares Image auf Lager haben.

Freiwillige Spende

Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:

Seite(n): 1