Home » Viren, Trojaner & Malware Forum » Internet Seiten bauen sich sehr langsam auf » Themenansicht
Internet Seiten bauen sich sehr langsam auf |
||
|---|---|---|
| #0
| ||
|
11.08.2011, 08:07
Member
Beiträge: 262 |
||
 
|
|
|
|
11.08.2011, 19:58
Member
Beiträge: 34 |
||
|
|
|
|
|
12.08.2011, 07:52
Member
Themenstarter Beiträge: 262 |
#3
OTL logfile created on: 12.08.2011 07:41:02 - Run 4
OTL by OldTimer - Version 3.2.17.0 Folder = C:\Dokumente und Einstellungen\Admin\Desktop\tools Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 84,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): C:\pagefile.sys 1512 3024 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 232,88 Gb Total Space | 213,97 Gb Free Space | 91,88% Space Free | Partition Type: NTFS Drive D: | 37,21 Gb Total Space | 32,16 Gb Free Space | 86,43% Space Free | Partition Type: NTFS Drive E: | 34,88 Gb Total Space | 30,55 Gb Free Space | 87,60% Space Free | Partition Type: NTFS Drive F: | 2,44 Gb Total Space | 2,44 Gb Free Space | 99,99% Space Free | Partition Type: FAT32 Computer Name: MAIN-1B84F08B18 | User Name: Admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Dokumente und Einstellungen\Admin\Desktop\tools\OTL.exe (OldTimer Tools) PRC - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousManager.exe (Yahoo!) PRC - C:\Programme\Tall Emu\Online Armor\oacat.exe (Tall Emu) PRC - C:\Programme\Tall Emu\Online Armor\oasrv.exe (Tall Emu) PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Programme\Outlook Express\msimn.exe (Microsoft Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe (AVIRA GmbH) PRC - C:\Programme\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Dokumente und Einstellungen\Admin\Desktop\tools\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) MOD - C:\Programme\Tall Emu\Online Armor\oawatch.dll (Tall Emu) MOD - C:\WINDOWS\system32\winsta.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\wsock32.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\wtsapi32.dll (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (OAcat) -- C:\Programme\Tall Emu\Online Armor\OAcat.exe (Tall Emu) SRV - (SvcOnlineArmor) -- C:\Programme\Tall Emu\Online Armor\oasrv.exe (Tall Emu) SRV - (AntiVirService) -- C:\Programme\AntiVir PersonalEdition Classic\avguard.exe (AVIRA GmbH) SRV - (AntiVirScheduler) -- C:\Programme\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH) SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (catchme) -- C:\DOKUME~1\Admin\LOKALE~1\Temp\catchme.sys File not found DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (PSI) -- C:\WINDOWS\system32\drivers\psi_mf.sys (Secunia) DRV - (OAnet) -- C:\WINDOWS\system32\drivers\OAnet.sys (Tall Emu Pty Ltd) DRV - (OAmon) -- C:\WINDOWS\system32\drivers\OAmon.sys (Tall Emu) DRV - (OADevice) -- C:\WINDOWS\system32\drivers\OADriver.sys (Tall Emu) DRV - (AFS2K) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (e1express) Intel(R) -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation) DRV - (HECI) Intel(R) -- C:\WINDOWS\system32\drivers\HECI.sys (Intel Corporation) DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.) DRV - (avgio) -- C:\Programme\AntiVir PersonalEdition Classic\avgio.sys (H+BEDV Datentechnik GmbH) DRV - (avgntflt) -- C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys (H+BEDV Datentechnik GmbH) DRV - (sfng32) -- C:\WINDOWS\system32\drivers\sfng32.sys (Sonic Focus, Inc) DRV - (ASPI) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542" FF - prefs.js..browser.search.order.1: "BearShare Web Search" FF - prefs.js..browser.search.param.yahoo-fr: "moz3" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz3" FF - prefs.js..browser.search.selectedEngine: "BearShare Web Search" FF - prefs.js..browser.startup.homepage: "http://search.bearshare.com/" FF - prefs.js..extensions.enabledItems: {ce18769b-c7fa-42d2-860d-17c4662c70ad}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:2.0 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.2 FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.5.8.6 FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546 FF - prefs.js..extensions.enabledItems: engine@plasmoo.com:1.0.0.32 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.09.18 08:26:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.09.18 08:26:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.08.28 08:32:27 | 000,000,000 | ---D | M] [2010.12.10 13:56:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Extensions [2011.07.30 17:23:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions [2010.11.10 18:39:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.04.09 11:01:36 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.06.30 12:40:06 | 000,000,000 | ---D | M] (kikin plugin (Softonic Edition)) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED} [2011.05.05 19:20:18 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.04.11 13:21:26 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2010.09.21 18:22:45 | 000,000,000 | ---D | M] (Babylon-English Toolbar) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad} [2011.07.30 17:23:07 | 000,000,000 | ---D | M] (Torbutton) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2010.12.10 13:56:56 | 000,000,000 | ---D | M] (MediaBar) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593} [2011.05.05 19:20:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\engine@plasmoo.com [2010.09.14 14:41:12 | 000,002,506 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\searchplugins\BearShareWebSearch.xml [2010.03.16 11:42:56 | 000,000,927 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\searchplugins\conduit.xml [2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\searchplugins\icqplugin.xml [2011.07.30 17:23:16 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2009.05.25 11:39:57 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2008.12.19 00:30:20 | 000,106,128 | ---- | M] ( ) -- C:\Programme\Mozilla Firefox\plugins\npstrlnk.dll [2008.03.15 15:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.09.21 18:22:42 | 000,002,226 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml [2010.09.14 14:41:12 | 000,002,506 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\BearShareWebSearch.xml [2008.03.15 15:56:14 | 000,002,642 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2008.02.19 16:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2006.12.03 17:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2006.11.17 13:19:24 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.05.11 17:54:10 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (CDelHotkeys Object) - {78875F5C-A685-4405-8DC5-D48DC65452B0} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Delicious Toolbar) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Delicious Toolbar) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!) O4 - HKLM..\Run: [Google Quick Search Box] C:\Programme\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.) O9 - Extra Button: Delicious - {2C887991-08F0-11DC-A9B2-0012F0B227DD} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!) O9 - Extra Button: Bookmarks - {2C887992-08F0-11DC-A9B2-0012F0B227DD} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!) O9 - Extra Button: Tag - {2C887993-08F0-11DC-A9B2-0012F0B227DD} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Programme\Tall Emu\Online Armor\oaevent.dll (Tall Emu) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.02.16 12:15:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2005.11.14 20:40:48 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011.08.11 07:16:11 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2011.08.11 07:16:01 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011.08.12 07:41:13 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011.08.12 07:41:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{EFEF8E6C-0BD5-4F24-BC04-E9CC0FC61AAC}.job [2011.08.12 07:37:04 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011.08.12 07:36:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.08.11 14:36:10 | 000,574,328 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2011.08.11 14:36:10 | 000,547,394 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011.08.11 14:36:10 | 000,109,814 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2011.08.11 14:36:10 | 000,092,972 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011.08.11 14:34:11 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011.08.10 10:48:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.08.09 13:16:55 | 000,068,772 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\beleg Kopie.jpg [2011.08.06 18:05:08 | 000,000,488 | ---- | M] () -- C:\hpfr5550.xml [2011.08.05 14:46:55 | 000,000,263 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\Parallels Confixx.url [2011.08.04 13:44:10 | 003,106,326 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\beleg.psd [2011.08.03 16:58:50 | 000,008,419 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\Bayern Plus.url [2011.07.25 17:09:56 | 005,969,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2011.07.23 20:03:35 | 732,610,716 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\Image_03.nrg [2011.07.23 20:02:36 | 732,610,716 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\Image_02.nrg [2011.07.23 20:00:30 | 732,610,716 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\Image.nrg [2011.07.16 08:04:51 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011.07.15 17:00:26 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI [2011.07.15 15:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2011.07.15 12:46:00 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\zacher.jpg [2011.07.13 21:17:17 | 000,095,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011.08.09 13:16:52 | 000,068,772 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\beleg Kopie.jpg [2011.08.04 13:44:10 | 003,106,326 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\beleg.psd [2011.07.23 20:03:09 | 732,610,716 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\Image_03.nrg [2011.07.23 19:51:03 | 732,610,716 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\Image_02.nrg [2011.07.15 12:46:00 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\zacher.jpg [2010.04.08 08:48:46 | 000,000,056 | ---- | C] () -- C:\WINDOWS\uilib.INI [2010.02.14 13:51:14 | 000,076,407 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Smiley.ico [2010.01.07 17:50:28 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2009.12.28 15:02:54 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\PUTTY.RND [2009.08.16 10:26:39 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009.02.28 18:42:24 | 000,001,176 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009.02.17 11:14:10 | 000,000,849 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log [2009.02.16 14:46:29 | 000,000,173 | ---- | C] () -- C:\WINDOWS\KPCMS.INI [2009.02.16 14:46:16 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL [2009.02.16 13:38:31 | 000,065,536 | ---- | C] () -- C:\WINDOWS\Dit.DLL [2009.02.16 13:38:31 | 000,000,208 | ---- | C] () -- C:\WINDOWS\Dit.INI [2009.02.16 12:07:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2008.09.18 00:55:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2004.11.18 09:16:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\nktwab.dll [2003.11.18 10:03:28 | 000,200,704 | --S- | C] () -- C:\WINDOWS\System32\archlib.dll [2003.03.09 22:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll [color=#E56717]========== LOP Check ==========[/color] [2010.12.10 14:50:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\bearsharemediabartb [2010.07.10 09:31:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Beok [2011.08.12 07:37:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Delicious IE Extension [2011.05.05 12:12:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\DVDVideoSoftIEHelpers [2011.01.13 11:48:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Dyty [2011.04.11 08:28:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\ICQ [2010.06.06 11:28:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\JonDo [2010.06.06 11:09:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\kikin [2010.12.21 18:00:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Lynoe [2009.07.14 12:35:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\NCH Swift Sound [2011.04.08 09:09:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Oggan [2009.10.08 16:54:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\OnlineArmor [2011.04.08 19:22:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\SendBlaster2 [2010.09.10 09:47:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\SuperMailer [2009.04.15 20:14:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\T-Online [2011.04.15 13:08:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\TeamViewer [2010.04.07 17:08:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Tenebril [2009.04.06 09:25:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Thunderbird [2010.12.27 12:32:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Tific [2011.05.11 08:32:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\TuneUp Software [2011.05.05 19:04:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\1DCB [2011.05.05 19:23:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\1F271 [2010.12.20 18:00:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\26399 [2010.09.17 08:28:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\2E138 [2011.08.11 10:49:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic [2010.12.10 13:56:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BearShare [2011.04.09 11:01:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ [2009.02.16 18:43:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MailFrontier [2009.10.23 13:16:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Napster [2009.07.14 17:14:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound [2009.10.08 16:54:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OnlineArmor [2009.04.17 19:07:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online [2011.05.11 08:32:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2011.05.11 08:32:22 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} [2010.08.28 08:33:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010.12.10 13:56:47 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{E79EBD1D-6C43-4FAA-8F4C-0BCF5A258E82} [2009.06.27 17:25:17 | 000,000,334 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2200 series#1236153915.job [2011.08.12 07:41:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{EFEF8E6C-0BD5-4F24-BC04-E9CC0FC61AAC}.job [color=#E56717]========== Purity Check ==========[/color] < End of report > |
|
|
|
|
|
|
12.08.2011, 12:35
Member
Beiträge: 34 |
#4
Es müssten 2 Datei angelegt worden seien. Otl.Txt und Extras.Txt. Bitte poste beide. Außerdem mache ein [url=http://www.chip.de/downloads/Malwarebytes-Anti-Malware_27322637.html]MBAM[/url] Quikscan. Vor dem Scannen deaktiviere dein AVS. Vor dem scannen solltest du MBAM aktuallisieren. Bitte poste den Befund. Wenn Maleware gefunden wird, entferne diese nicht!
|
|
|
|
|
|
|
19.08.2011, 08:20
Member
Themenstarter Beiträge: 262 |
#5
OTL logfile created on: 19.08.2011 08:15:11 - Run 5
OTL by OldTimer - Version 3.2.17.0 Folder = C:\Dokumente und Einstellungen\Admin\Desktop\tools Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 83,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): C:\pagefile.sys 1512 3024 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 232,88 Gb Total Space | 214,05 Gb Free Space | 91,91% Space Free | Partition Type: NTFS Drive D: | 37,21 Gb Total Space | 32,16 Gb Free Space | 86,43% Space Free | Partition Type: NTFS Drive E: | 34,88 Gb Total Space | 30,55 Gb Free Space | 87,60% Space Free | Partition Type: NTFS Drive F: | 2,44 Gb Total Space | 2,44 Gb Free Space | 99,99% Space Free | Partition Type: FAT32 Computer Name: MAIN-1B84F08B18 | User Name: Admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Dokumente und Einstellungen\Admin\Desktop\tools\OTL.exe (OldTimer Tools) PRC - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousManager.exe (Yahoo!) PRC - C:\Programme\Tall Emu\Online Armor\oacat.exe (Tall Emu) PRC - C:\Programme\Tall Emu\Online Armor\oasrv.exe (Tall Emu) PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe (AVIRA GmbH) PRC - C:\Programme\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Dokumente und Einstellungen\Admin\Desktop\tools\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) MOD - C:\Programme\Tall Emu\Online Armor\oawatch.dll (Tall Emu) MOD - C:\WINDOWS\system32\winsta.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\wsock32.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\wtsapi32.dll (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (OAcat) -- C:\Programme\Tall Emu\Online Armor\OAcat.exe (Tall Emu) SRV - (SvcOnlineArmor) -- C:\Programme\Tall Emu\Online Armor\oasrv.exe (Tall Emu) SRV - (AntiVirService) -- C:\Programme\AntiVir PersonalEdition Classic\avguard.exe (AVIRA GmbH) SRV - (AntiVirScheduler) -- C:\Programme\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH) SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (catchme) -- C:\DOKUME~1\Admin\LOKALE~1\Temp\catchme.sys File not found DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (PSI) -- C:\WINDOWS\system32\drivers\psi_mf.sys (Secunia) DRV - (OAnet) -- C:\WINDOWS\system32\drivers\OAnet.sys (Tall Emu Pty Ltd) DRV - (OAmon) -- C:\WINDOWS\system32\drivers\OAmon.sys (Tall Emu) DRV - (OADevice) -- C:\WINDOWS\system32\drivers\OADriver.sys (Tall Emu) DRV - (AFS2K) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (e1express) Intel(R) -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation) DRV - (HECI) Intel(R) -- C:\WINDOWS\system32\drivers\HECI.sys (Intel Corporation) DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.) DRV - (avgio) -- C:\Programme\AntiVir PersonalEdition Classic\avgio.sys (H+BEDV Datentechnik GmbH) DRV - (avgntflt) -- C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys (H+BEDV Datentechnik GmbH) DRV - (sfng32) -- C:\WINDOWS\system32\drivers\sfng32.sys (Sonic Focus, Inc) DRV - (ASPI) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542" FF - prefs.js..browser.search.order.1: "BearShare Web Search" FF - prefs.js..browser.search.param.yahoo-fr: "moz3" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz3" FF - prefs.js..browser.search.selectedEngine: "BearShare Web Search" FF - prefs.js..browser.startup.homepage: "http://search.bearshare.com/" FF - prefs.js..extensions.enabledItems: {ce18769b-c7fa-42d2-860d-17c4662c70ad}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:2.0 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.2 FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.5.8.6 FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546 FF - prefs.js..extensions.enabledItems: engine@plasmoo.com:1.0.0.32 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.09.18 08:26:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.09.18 08:26:57 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.08.28 08:32:27 | 000,000,000 | ---D | M] [2010.12.10 13:56:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Extensions [2011.07.30 17:23:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions [2010.11.10 18:39:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.04.09 11:01:36 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.06.30 12:40:06 | 000,000,000 | ---D | M] (kikin plugin (Softonic Edition)) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED} [2011.05.05 19:20:18 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.04.11 13:21:26 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2010.09.21 18:22:45 | 000,000,000 | ---D | M] (Babylon-English Toolbar) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad} [2011.07.30 17:23:07 | 000,000,000 | ---D | M] (Torbutton) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2010.12.10 13:56:56 | 000,000,000 | ---D | M] (MediaBar) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593} [2011.05.05 19:20:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\engine@plasmoo.com [2010.09.14 14:41:12 | 000,002,506 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\searchplugins\BearShareWebSearch.xml [2010.03.16 11:42:56 | 000,000,927 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\searchplugins\conduit.xml [2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\searchplugins\icqplugin.xml [2011.07.30 17:23:16 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2009.05.25 11:39:57 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2008.12.19 00:30:20 | 000,106,128 | ---- | M] ( ) -- C:\Programme\Mozilla Firefox\plugins\npstrlnk.dll [2008.03.15 15:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.09.21 18:22:42 | 000,002,226 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml [2010.09.14 14:41:12 | 000,002,506 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\BearShareWebSearch.xml [2008.03.15 15:56:14 | 000,002,642 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2008.02.19 16:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2006.12.03 17:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2006.11.17 13:19:24 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.05.11 17:54:10 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (CDelHotkeys Object) - {78875F5C-A685-4405-8DC5-D48DC65452B0} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Delicious Toolbar) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Delicious Toolbar) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!) O4 - HKLM..\Run: [Google Quick Search Box] C:\Programme\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.) O9 - Extra Button: Delicious - {2C887991-08F0-11DC-A9B2-0012F0B227DD} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!) O9 - Extra Button: Bookmarks - {2C887992-08F0-11DC-A9B2-0012F0B227DD} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!) O9 - Extra Button: Tag - {2C887993-08F0-11DC-A9B2-0012F0B227DD} - C:\Programme\Delicious Add-on for Internet Explorer\DeliciousExtension.dll (Yahoo!) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Programme\Tall Emu\Online Armor\oaevent.dll (Tall Emu) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.02.16 12:15:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2005.11.14 20:40:48 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011.08.18 08:33:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\1B2CE [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011.08.19 08:16:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{EFEF8E6C-0BD5-4F24-BC04-E9CC0FC61AAC}.job [2011.08.19 07:48:16 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011.08.19 07:48:13 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2011.08.19 07:48:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.08.18 18:19:02 | 007,864,320 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\NTUSER.DAT [2011.08.18 17:41:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011.08.18 09:26:23 | 000,000,488 | ---- | M] () -- C:\hpfr5550.xml [2011.08.16 13:05:05 | 000,008,419 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\Bayern Plus.url [2011.08.15 16:27:13 | 000,006,597 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\windows 7.jpg [2011.08.15 16:25:44 | 000,004,424 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\windows7.jpg [2011.08.15 07:35:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.08.13 07:39:09 | 000,007,747 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\imagesCAKEDQG0.jpg [2011.08.13 07:26:52 | 000,005,465 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\images1.jpg [2011.08.11 14:36:10 | 001,295,212 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2011.08.11 14:36:10 | 000,574,328 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2011.08.11 14:36:10 | 000,547,394 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011.08.11 14:36:10 | 000,109,814 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2011.08.11 14:36:10 | 000,092,972 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011.08.11 14:34:11 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011.08.09 13:16:55 | 000,068,772 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\beleg Kopie.jpg [2011.08.05 14:46:55 | 000,000,263 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\Parallels Confixx.url [2011.08.04 13:44:10 | 003,106,326 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\beleg.psd [2011.07.23 20:03:35 | 732,610,716 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\Image_03.nrg [2011.07.23 20:02:36 | 732,610,716 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\Image_02.nrg [2011.07.23 20:00:30 | 732,610,716 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\Image.nrg [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011.08.15 16:27:51 | 000,004,424 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\windows7.jpg [2011.08.15 16:27:28 | 000,006,597 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\windows 7.jpg [2011.08.13 07:39:33 | 000,007,747 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\imagesCAKEDQG0.jpg [2011.08.13 07:27:58 | 000,005,465 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\images1.jpg [2011.08.09 13:16:52 | 000,068,772 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\beleg Kopie.jpg [2011.08.04 13:44:10 | 003,106,326 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\beleg.psd [2011.07.23 20:03:09 | 732,610,716 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\Image_03.nrg [2011.07.23 19:51:03 | 732,610,716 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\Image_02.nrg [2010.04.08 08:48:46 | 000,000,056 | ---- | C] () -- C:\WINDOWS\uilib.INI [2010.02.14 13:51:14 | 000,076,407 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Smiley.ico [2010.01.07 17:50:28 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2009.12.28 15:02:54 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\PUTTY.RND [2009.08.16 10:26:39 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009.03.03 08:50:44 | 000,013,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT [2009.02.28 19:57:39 | 009,235,024 | -H-- | C] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\IconCache.db [2009.02.28 18:42:24 | 000,001,176 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009.02.17 11:14:10 | 000,000,849 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log [2009.02.16 14:46:29 | 000,000,173 | ---- | C] () -- C:\WINDOWS\KPCMS.INI [2009.02.16 14:46:16 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL [2009.02.16 13:38:31 | 000,065,536 | ---- | C] () -- C:\WINDOWS\Dit.DLL [2009.02.16 13:38:31 | 000,000,208 | ---- | C] () -- C:\WINDOWS\Dit.INI [2009.02.16 12:19:42 | 000,000,062 | -HS- | C] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\desktop.ini [2009.02.16 12:15:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2009.02.16 12:12:48 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2009.02.16 12:12:48 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2009.02.16 12:11:51 | 000,027,055 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2009.02.16 12:11:50 | 000,003,999 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2009.02.16 12:07:39 | 001,295,212 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009.02.16 12:07:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009.02.16 12:07:07 | 000,000,062 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini [2008.09.18 00:55:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2004.11.18 09:16:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\nktwab.dll [2004.08.04 14:00:00 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2004.08.04 14:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2004.08.04 14:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll [2004.08.04 14:00:00 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2004.08.04 14:00:00 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll [2004.08.04 14:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2004.08.04 14:00:00 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2004.08.04 14:00:00 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2004.08.04 14:00:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2004.08.04 14:00:00 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2004.08.04 14:00:00 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2004.08.04 14:00:00 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2004.08.04 14:00:00 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2004.08.04 14:00:00 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2004.08.04 14:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2004.08.04 14:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2004.08.04 14:00:00 | 000,034,032 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2004.08.04 14:00:00 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2004.08.04 14:00:00 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2004.08.04 14:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2004.08.04 14:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2004.08.04 14:00:00 | 000,027,914 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2004.08.04 14:00:00 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2004.08.04 14:00:00 | 000,017,241 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2004.08.04 14:00:00 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2004.08.04 14:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2004.08.04 14:00:00 | 000,014,060 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2004.08.04 14:00:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [2004.08.04 14:00:00 | 000,009,032 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2004.08.04 14:00:00 | 000,006,287 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2004.08.04 14:00:00 | 000,004,992 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2004.08.04 14:00:00 | 000,004,438 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2004.08.04 14:00:00 | 000,004,233 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2004.08.04 14:00:00 | 000,001,783 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2004.08.04 14:00:00 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2004.08.04 14:00:00 | 000,000,562 | ---- | C] () -- C:\WINDOWS\win.ini [2004.08.04 14:00:00 | 000,000,369 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2004.08.04 14:00:00 | 000,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [2003.11.18 10:03:28 | 000,200,704 | --S- | C] () -- C:\WINDOWS\System32\archlib.dll [2003.03.09 22:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll [2001.08.18 06:54:08 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll < End of report > --------------- Ich finde kein Extras EXTRAS.txt nur dieses OTL.txt |
|
|
|
|
|
|
19.08.2011, 15:29
Member
Beiträge: 34 |
#6
Mache bitte noch einen [url=http://www.chip.de/downloads/Malwarebytes-Anti-Malware_27322637.html]Mbam[/url] scan. Vor dem Scan aktuallisieren und dein AV ausschalten. Ein Quikscan reicht aus. Falls Maleware gefunden wird, aus keinen fall entfernen
|
|
|
|
|
|
|
19.08.2011, 17:35
Member
Themenstarter Beiträge: 262 |
#7
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org Datenbank Version: 7507 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 19.08.2011 17:33:18 mbam-log-2011-08-19 (17-33-18).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 155660 Laufzeit: 2 Minute(n), 22 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
|
|
|
|
|
|
19.08.2011, 21:46
Member
Beiträge: 34 |
#8
Seit wann ist die Geschwindigkeit gedrosselt?
Zitat [2011.08.11 14:34:11 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAKDie Datei bitte mal bei Virustotal.com uppen und Link zum Scan geben (Korrigiere mich wenns unsinnig ist, @Swiss) Hat du einen HP Drucker? Das würde die 'hpfr5550.xml' erklären. Zitat [2010.04.08 08:48:46 | 000,000,056 | ---- | C] () -- C:\WINDOWS\uilib.INIDen Inhalt dieser Datei würde ich gerne sehen. 'KPCMS.INI' kommt mir auch leicht verdächtig vor. ich denke dich hats erwischt, gewissheit wird Virustotal geben |
|
|
|
|
|
|
20.08.2011, 11:55
Member
Themenstarter Beiträge: 262 |
#9
Wo sollte ich diese Datei (zitat) eingeben unter search ?
|
|
|
|
|
|
|
20.08.2011, 13:39
Member
Beiträge: 34 |
#10
Die Datei 'C:\WINDOWS\imsins.BAK' sollst du auf Virustotal.com hochladn und den Link posten.
'C:\WINDOWS\uilib.INI' mit Notepad öffnen und hier als Zitat posten |
|
|
|
|
|
|
21.08.2011, 08:00
Member
Themenstarter Beiträge: 262 |
#11
[Tip]
TimeStamp=Thu May 22 16:05:49 2003 FilePos=139 virustotal.com strukturieren gerade um, file uploaden wird nicht angenommen ich habe alles versucht. |
|
|
|
|
|
|
21.08.2011, 12:45
Member
Beiträge: 34 |
#12
Probiers nochmal, von hieraus gehts - kann aber sein das die host datei manipuliert wurde, um anfragen dahin zu sperren. Sonst probiere noch http://virusscan.Jotti.org/de
Falls das nicht geht, lade die datei bei xup.in hoch und ich werde sie bei Virustotal uploaden (Habe Linux, kann mich also daran nicht infecten) |
|
|
|
|
|
|
21.08.2011, 13:10
Member
Themenstarter Beiträge: 262 |
#13
Alles in Ordnung keine verdächtigen Daten, alles Grün ibei msins.BAK und uilib.INI
|
|
|
|
|
|
|
21.08.2011, 13:19
Member
Beiträge: 34 |
||
|
|
|
|
|
21.08.2011, 14:14
Member
Themenstarter Beiträge: 262 |
#15
ComboFix 11-08-21.01 - Admin 21.08.2011 14:00:00.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.3054.2606 [GMT 2:00] ausgeführt von:: c:\dokumente und einstellungen\Admin\Desktop\tools\ComboFix.exe FW: Online Armor Firewall *Disabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\dokumente und einstellungen\Admin\4.0 c:\windows\IsUn0407.exe c:\windows\system32\MailBee.dll E:\RECYCLER(2) e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1000.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1001.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1002.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1003.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1004.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1005.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1006.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1007.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1008.db e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1009.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1010.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1011.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1012.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1013.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1014.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1015.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1016.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1017.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1018.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1019.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1020.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1021.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1022.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1023.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1024.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1025.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1026.db e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1027.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1028.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1029.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1030.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1031.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1032.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1033.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1034.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1035.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1036.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1037.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1038.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1039.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1040.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1041.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1042.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1043.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1044.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1045.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1046.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1047.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1048.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1049.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1050.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1051.db e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1052.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1053.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1054.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1055.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1056.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1057.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1058.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1059.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1060.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1061.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1062.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1063.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1064.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1065.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1066.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1067.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1068.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1069.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1070.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1071.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1072.db e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1073.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1074.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1075.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1076.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1077.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1078.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1079.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1080.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1081.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1082.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1083.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1084.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1085.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1086.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1087.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1088.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1089.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1090.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1091.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1092.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1093.db e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1097.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1098.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1099.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1100.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1101.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1102.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1103.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1104.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1105.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1106.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1107.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1108.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1109.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1110.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1111.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1112.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1113.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1114.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1115.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1116.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1117.db e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1118.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1119.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1120.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1121.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1122.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1123.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1124.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1125.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1126.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1127.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1128.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1129.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1130.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1131.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1132.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1133.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1134.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1135.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1136.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1137.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De1138.db e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De918.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De919.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De920.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De921.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De922.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De923.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De924.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De925.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De926.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De927.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De928.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De929.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De930.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De931.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De932.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De933.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De934.db e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De935.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De936.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De937.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De938.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De939.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De940.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De941.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De942.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De943.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De944.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De945.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De946.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De947.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De948.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De949.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De950.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De951.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De952.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De953.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De954.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De955.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De956.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De957.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De958.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De959.db e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De961.ZIP e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De962.zip e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De964.ZIP e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De967.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De968.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De969.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De970.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De971.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De972.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De973.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De974.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De975.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De976.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De977.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De978.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De979.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De980.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De981.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De982.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De983.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De984.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De985.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De986.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De987.db e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De988.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De989.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De990.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De991.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De992.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De993.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De994.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De995.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De996.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De997.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De998.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\De999.jpg e:\recycler(2)\S-1-5-21-3604470327-3723271197-3242847100-1005\INFO2 . . ((((((((((((((((((((((( Dateien erstellt von 2011-07-21 bis 2011-08-21 )))))))))))))))))))))))))))))) . . 2011-08-20 11:26 . 2011-08-20 11:26 -------- d-----w- c:\windows\system32\wbem\Repository 2011-08-20 11:26 . 2011-08-20 11:26 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\1F271 2011-08-18 06:33 . 2011-08-18 06:33 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\1B2CE 2011-08-11 05:16 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys 2011-08-11 05:16 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-15 13:29 . 2004-08-04 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-07-08 14:02 . 2004-08-04 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys 2011-06-24 14:10 . 2009-02-16 10:11 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2011-06-23 18:31 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2011-06-23 18:31 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-06-23 18:31 . 2004-08-04 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-06-23 12:05 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec 2011-06-20 17:44 . 2004-08-04 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll 2011-06-18 09:01 . 2011-06-18 09:01 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-06 11:35 . 2004-08-04 12:00 1859072 ----a-w- c:\windows\system32\win32k.sys . . ((((((((((((((((((((((((((((( SnapShot@2011-05-11_15.54.33 ))))))))))))))))))))))))))))))))))))))))) . + 2011-08-21 05:22 . 2011-08-21 05:22 16384 c:\windows\Temp\Perflib_Perfdata_458.dat - 2004-08-04 12:00 . 2011-04-13 11:28 92972 c:\windows\system32\perfc009.dat + 2004-08-04 12:00 . 2011-08-11 12:36 92972 c:\windows\system32\perfc009.dat - 2004-08-04 12:00 . 2011-02-22 23:05 66560 c:\windows\system32\mshtmled.dll + 2004-08-04 12:00 . 2011-06-23 18:31 66560 c:\windows\system32\mshtmled.dll + 2007-08-13 17:54 . 2011-06-23 18:31 55296 c:\windows\system32\msfeedsbs.dll - 2007-08-13 17:54 . 2011-02-22 23:05 55296 c:\windows\system32\msfeedsbs.dll + 2004-08-04 12:00 . 2011-06-23 18:31 25600 c:\windows\system32\jsproxy.dll - 2004-08-04 12:00 . 2011-02-22 23:05 25600 c:\windows\system32\jsproxy.dll - 2009-02-16 10:06 . 2011-04-13 15:03 95864 c:\windows\system32\FNTCACHE.DAT + 2009-02-16 10:06 . 2011-07-13 19:17 95864 c:\windows\system32\FNTCACHE.DAT - 2010-07-14 17:53 . 2011-02-22 23:05 12800 c:\windows\system32\dllcache\xpshims.dll + 2010-07-14 17:53 . 2011-06-23 18:31 12800 c:\windows\system32\dllcache\xpshims.dll - 2004-08-04 12:00 . 2011-02-22 23:05 66560 c:\windows\system32\dllcache\mshtmled.dll + 2004-08-04 12:00 . 2011-06-23 18:31 66560 c:\windows\system32\dllcache\mshtmled.dll - 2009-02-16 13:46 . 2011-02-22 23:05 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2009-02-16 13:46 . 2011-06-23 18:31 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2004-08-04 12:00 . 2011-02-22 23:05 43520 c:\windows\system32\dllcache\licmgr10.dll + 2004-08-04 12:00 . 2011-06-23 18:31 43520 c:\windows\system32\dllcache\licmgr10.dll + 2004-08-04 12:00 . 2011-06-23 18:31 25600 c:\windows\system32\dllcache\jsproxy.dll - 2004-08-04 12:00 . 2011-02-22 23:05 25600 c:\windows\system32\dllcache\jsproxy.dll - 2004-08-04 12:00 . 2010-12-09 14:29 33280 c:\windows\system32\dllcache\csrsrv.dll + 2004-08-04 12:00 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll - 2004-08-04 12:00 . 2010-12-09 14:29 33280 c:\windows\system32\csrsrv.dll + 2004-08-04 12:00 . 2011-04-26 11:07 33280 c:\windows\system32\csrsrv.dll + 2009-02-16 10:18 . 2011-08-02 11:36 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\index.dat - 2009-02-16 10:18 . 2009-03-27 17:14 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\index.dat - 2009-02-16 10:18 . 2009-03-27 17:14 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\index.dat + 2009-02-16 10:18 . 2011-08-02 11:36 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\index.dat + 2011-08-02 11:36 . 2011-08-02 11:36 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat + 2011-08-04 15:36 . 2011-08-04 15:36 22016 c:\windows\Installer\1c74e0.msi + 2011-08-11 12:32 . 2011-04-25 16:05 12800 c:\windows\ie8updates\KB2559049-IE8\xpshims.dll + 2011-08-11 12:32 . 2011-04-25 16:05 66560 c:\windows\ie8updates\KB2559049-IE8\mshtmled.dll + 2011-08-11 12:32 . 2011-04-25 16:05 55296 c:\windows\ie8updates\KB2559049-IE8\msfeedsbs.dll + 2011-08-11 12:32 . 2011-04-25 16:05 43520 c:\windows\ie8updates\KB2559049-IE8\licmgr10.dll + 2011-08-11 12:32 . 2011-04-25 16:05 25600 c:\windows\ie8updates\KB2559049-IE8\jsproxy.dll + 2011-06-16 17:49 . 2011-02-22 23:05 12800 c:\windows\ie8updates\KB2530548-IE8\xpshims.dll + 2011-06-16 17:49 . 2011-02-22 23:05 66560 c:\windows\ie8updates\KB2530548-IE8\mshtmled.dll + 2011-06-16 17:49 . 2011-02-22 23:05 55296 c:\windows\ie8updates\KB2530548-IE8\msfeedsbs.dll + 2011-06-16 17:49 . 2011-02-22 23:05 43520 c:\windows\ie8updates\KB2530548-IE8\licmgr10.dll + 2011-06-16 17:49 . 2011-02-22 23:05 25600 c:\windows\ie8updates\KB2530548-IE8\jsproxy.dll + 2011-06-30 17:36 . 2011-06-30 17:36 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\1492e9393417d6e91b5ddc746b5ef320\UIAutomationProvider.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\343c52b741531ce9ae874ea7508831a7\System.Windows.Presentation.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\246110974e3c48733458819b07464b23\System.Web.DynamicData.Design.ni.dll + 2011-08-11 15:32 . 2011-08-11 15:32 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ace861fe8dbf146c3e449abaa7691e9f\System.ComponentModel.DataAnnotations.ni.dll + 2011-06-30 18:28 . 2011-06-30 18:28 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\177a17af98d803ab79006d6785706462\System.AddIn.Contract.ni.dll + 2011-08-11 15:10 . 2011-08-11 15:10 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\40ee65aacd9d7472cd6f8dddbfca604b\PresentationFontCache.ni.exe + 2011-08-11 15:10 . 2011-08-11 15:10 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\12c424eed7ee0e9c017bf72ff09eb78c\PresentationCFFRasterizer.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f9c514544c8e23220493cd42a0e20678\Microsoft.Vsa.ni.dll + 2011-06-30 18:28 . 2011-06-30 18:28 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\f5057c30d89ad8d99e38c946a68def9e\Microsoft.Build.Framework.ni.dll + 2011-06-30 18:28 . 2011-06-30 18:28 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\623c05a555ac0719a1367f511d4a9270\Microsoft.Build.Framework.ni.dll + 2011-06-30 18:27 . 2011-06-30 18:27 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\c40d3caad8bff3c52db7e7562286406a\dfsvc.ni.exe + 2011-06-30 18:27 . 2011-06-30 18:27 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll - 2011-04-13 11:28 . 2011-04-13 11:28 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2011-08-11 12:35 . 2011-08-11 12:35 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll - 2011-04-13 11:28 . 2011-04-13 11:28 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2011-08-11 12:35 . 2011-08-11 12:35 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2011-04-13 11:28 . 2011-04-13 11:28 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2011-08-11 12:35 . 2011-08-11 12:35 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2011-08-11 12:35 . 2011-08-11 12:35 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2011-04-13 11:28 . 2011-04-13 11:28 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2011-04-13 11:28 . 2011-04-13 11:28 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2011-08-11 12:35 . 2011-08-11 12:35 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2011-08-11 12:35 . 2011-08-11 12:35 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2011-04-13 11:28 . 2011-04-13 11:28 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2011-08-11 12:35 . 2011-08-11 12:35 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2011-04-13 11:28 . 2011-04-13 11:28 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2011-04-13 11:28 . 2011-04-13 11:28 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2011-08-11 12:35 . 2011-08-11 12:35 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2011-04-13 11:28 . 2011-04-13 11:28 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2011-08-11 12:35 . 2011-08-11 12:35 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2011-08-11 12:35 . 2011-08-11 12:35 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2011-04-13 11:28 . 2011-04-13 11:28 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2011-08-11 12:35 . 2011-08-11 12:35 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2011-04-13 11:28 . 2011-04-13 11:28 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2011-08-11 12:35 . 2011-08-11 12:35 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2011-04-13 11:28 . 2011-04-13 11:28 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2011-08-11 12:35 . 2011-08-11 12:35 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2011-04-13 11:28 . 2011-04-13 11:28 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2011-07-13 18:21 . 2010-12-09 14:29 33280 c:\windows\$NtUninstallKB2507938$\csrsrv.dll + 2011-07-13 18:20 . 2010-07-05 13:14 26488 c:\windows\$hf_mig$\KB2555917\update\spcustom.dll + 2011-07-13 18:20 . 2010-07-05 13:14 18808 c:\windows\$hf_mig$\KB2555917\spmsg.dll + 2011-06-16 17:49 . 2010-07-05 13:14 26488 c:\windows\$hf_mig$\KB2544893\update\spcustom.dll + 2011-06-16 17:49 . 2010-07-05 13:14 18808 c:\windows\$hf_mig$\KB2544893\spmsg.dll + 2011-06-16 17:49 . 2010-07-05 13:14 26488 c:\windows\$hf_mig$\KB2544521-IE8\update\spcustom.dll + 2011-06-16 17:49 . 2010-07-05 13:14 18808 c:\windows\$hf_mig$\KB2544521-IE8\spmsg.dll + 2011-06-29 08:26 . 2010-07-05 13:14 26488 c:\windows\$hf_mig$\KB2541763\update\spcustom.dll + 2011-06-29 08:26 . 2010-07-05 13:14 18808 c:\windows\$hf_mig$\KB2541763\spmsg.dll + 2011-06-16 17:49 . 2010-07-05 13:14 26488 c:\windows\$hf_mig$\KB2536276\update\spcustom.dll + 2011-06-16 17:49 . 2010-07-05 13:14 18808 c:\windows\$hf_mig$\KB2536276\spmsg.dll + 2011-06-16 17:49 . 2010-07-05 13:14 26488 c:\windows\$hf_mig$\KB2535512\update\spcustom.dll + 2011-06-16 17:49 . 2010-07-05 13:14 18808 c:\windows\$hf_mig$\KB2535512\spmsg.dll + 2011-06-16 17:49 . 2010-07-05 13:14 26488 c:\windows\$hf_mig$\KB2530548-IE8\update\spcustom.dll + 2011-06-16 17:49 . 2010-07-05 13:14 18808 c:\windows\$hf_mig$\KB2530548-IE8\spmsg.dll + 2011-06-16 06:45 . 2011-04-25 16:04 12800 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\xpshims.dll + 2011-06-16 06:45 . 2011-04-25 16:04 66560 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtmled.dll + 2011-06-16 06:45 . 2011-04-25 16:04 55296 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeedsbs.dll + 2011-06-16 06:45 . 2011-04-25 16:04 43520 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\licmgr10.dll + 2011-06-16 06:45 . 2011-04-25 16:04 25600 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\jsproxy.dll + 2011-07-13 18:21 . 2010-07-05 13:14 26488 c:\windows\$hf_mig$\KB2507938\update\spcustom.dll + 2011-07-13 18:21 . 2010-07-05 13:14 18808 c:\windows\$hf_mig$\KB2507938\spmsg.dll + 2011-04-26 11:02 . 2011-04-26 11:02 33280 c:\windows\$hf_mig$\KB2507938\SP3QFE\csrsrv.dll + 2011-06-16 17:50 . 2010-07-05 13:14 26488 c:\windows\$hf_mig$\KB2503665\update\spcustom.dll + 2011-06-16 17:50 . 2010-07-05 13:14 18808 c:\windows\$hf_mig$\KB2503665\spmsg.dll + 2011-06-16 17:50 . 2010-07-05 13:14 26488 c:\windows\$hf_mig$\KB2476490\update\spcustom.dll + 2011-06-16 17:50 . 2010-07-05 13:14 18808 c:\windows\$hf_mig$\KB2476490\spmsg.dll + 2011-08-11 12:35 . 2011-08-11 12:35 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2011-04-13 11:28 . 2011-04-13 11:28 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2011-04-13 11:28 . 2011-04-13 11:28 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2011-08-11 12:35 . 2011-08-11 12:35 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2011-08-11 12:35 . 2011-08-11 12:35 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2011-04-13 11:28 . 2011-04-13 11:28 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2011-04-13 11:28 . 2011-04-13 11:28 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2011-08-11 12:35 . 2011-08-11 12:35 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll - 2011-04-13 11:28 . 2011-04-13 11:28 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2011-08-11 12:35 . 2011-08-11 12:35 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2011-04-13 11:28 . 2011-04-13 11:28 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2011-08-11 12:35 . 2011-08-11 12:35 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll - 2011-04-13 11:28 . 2011-04-13 11:28 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2011-08-11 12:35 . 2011-08-11 12:35 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2004-08-04 12:00 . 2011-06-23 18:31 105984 c:\windows\system32\url.dll - 2004-08-04 12:00 . 2009-03-08 02:34 105984 c:\windows\system32\url.dll + 2004-08-04 12:00 . 2011-04-29 17:25 151552 c:\windows\system32\schannel.dll + 2010-05-29 06:59 . 2011-08-20 11:27 174032 c:\windows\system32\Restore\rstrlog.dat + 2004-08-04 12:00 . 2011-08-11 12:36 547394 c:\windows\system32\perfh009.dat - 2004-08-04 12:00 . 2011-04-13 11:28 547394 c:\windows\system32\perfh009.dat - 2004-08-04 12:00 . 2011-04-13 11:28 574328 c:\windows\system32\perfh007.dat + 2004-08-04 12:00 . 2011-08-11 12:36 574328 c:\windows\system32\perfh007.dat + 2004-08-04 12:00 . 2011-08-11 12:36 109814 c:\windows\system32\perfc007.dat - 2004-08-04 12:00 . 2011-04-13 11:28 109814 c:\windows\system32\perfc007.dat + 2004-08-04 12:00 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll - 2004-08-04 12:00 . 2008-04-14 02:22 551936 c:\windows\system32\oleaut32.dll - 2004-08-04 12:00 . 2011-02-22 23:05 206848 c:\windows\system32\occache.dll + 2004-08-04 12:00 . 2011-06-23 18:31 206848 c:\windows\system32\occache.dll - 2004-08-04 12:00 . 2011-02-22 23:05 611840 c:\windows\system32\mstime.dll + 2004-08-04 12:00 . 2011-06-23 18:31 611840 c:\windows\system32\mstime.dll + 2007-08-13 17:54 . 2011-06-23 18:31 602112 c:\windows\system32\msfeeds.dll - 2007-08-13 17:54 . 2011-02-22 23:05 602112 c:\windows\system32\msfeeds.dll + 2011-06-18 09:01 . 2011-06-18 09:01 240288 c:\windows\system32\Macromed\Flash\FlashUtil10t_ActiveX.exe + 2011-06-18 09:01 . 2011-06-18 09:01 321184 c:\windows\system32\Macromed\Flash\FlashUtil10t_ActiveX.dll + 2009-02-16 10:13 . 2011-05-02 15:31 692736 c:\windows\system32\inetcomm.dll - 2009-02-16 10:13 . 2011-03-07 05:33 692736 c:\windows\system32\inetcomm.dll + 2004-08-04 12:00 . 2011-06-23 18:31 184320 c:\windows\system32\iepeers.dll - 2004-08-04 12:00 . 2011-02-22 23:05 184320 c:\windows\system32\iepeers.dll - 2004-08-04 12:00 . 2011-02-22 23:05 387584 c:\windows\system32\iedkcs32.dll + 2004-08-04 12:00 . 2011-06-23 18:31 387584 c:\windows\system32\iedkcs32.dll - 2004-08-04 12:00 . 2011-02-18 11:49 173568 c:\windows\system32\ie4uinit.exe + 2004-08-04 12:00 . 2011-06-23 12:05 173568 c:\windows\system32\ie4uinit.exe + 2004-08-04 12:00 . 2011-04-21 13:37 105472 c:\windows\system32\drivers\mup.sys - 2004-08-04 12:00 . 2008-10-16 14:43 138496 c:\windows\system32\drivers\afd.sys + 2004-08-04 12:00 . 2011-02-16 13:22 138496 c:\windows\system32\drivers\afd.sys - 2010-06-18 17:44 . 2010-06-18 17:44 293888 c:\windows\system32\dllcache\winsrv.dll + 2010-06-18 17:44 . 2011-06-20 17:44 293888 c:\windows\system32\dllcache\winsrv.dll + 2004-08-04 12:00 . 2011-06-23 18:31 916480 c:\windows\system32\dllcache\wininet.dll - 2004-08-04 12:00 . 2011-02-22 23:05 916480 c:\windows\system32\dllcache\wininet.dll + 2009-02-16 10:13 . 2011-04-30 03:01 758784 c:\windows\system32\dllcache\vgx.dll + 2004-08-04 12:00 . 2011-06-23 18:31 105984 c:\windows\system32\dllcache\url.dll - 2004-08-04 12:00 . 2009-03-08 02:34 105984 c:\windows\system32\dllcache\url.dll + 2004-08-04 12:00 . 2011-04-29 17:25 151552 c:\windows\system32\dllcache\schannel.dll + 2004-08-04 12:00 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll - 2004-08-04 12:00 . 2008-04-14 02:22 551936 c:\windows\system32\dllcache\oleaut32.dll + 2004-08-04 12:00 . 2011-06-23 18:31 206848 c:\windows\system32\dllcache\occache.dll - 2004-08-04 12:00 . 2011-02-22 23:05 206848 c:\windows\system32\dllcache\occache.dll + 2011-06-16 06:45 . 2011-04-21 13:37 105472 c:\windows\system32\dllcache\mup.sys + 2004-08-04 12:00 . 2011-06-23 18:31 611840 c:\windows\system32\dllcache\mstime.dll - 2004-08-04 12:00 . 2011-02-22 23:05 611840 c:\windows\system32\dllcache\mstime.dll - 2009-02-16 13:46 . 2011-02-22 23:05 602112 c:\windows\system32\dllcache\msfeeds.dll + 2009-02-16 13:46 . 2011-06-23 18:31 602112 c:\windows\system32\dllcache\msfeeds.dll + 2009-02-17 07:00 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys + 2009-02-16 16:47 . 2011-05-02 15:31 692736 c:\windows\system32\dllcache\inetcomm.dll - 2009-02-16 16:47 . 2011-03-07 05:33 692736 c:\windows\system32\dllcache\inetcomm.dll + 2010-07-14 17:53 . 2011-06-23 18:31 247808 c:\windows\system32\dllcache\ieproxy.dll - 2010-07-14 17:53 . 2011-02-22 23:05 247808 c:\windows\system32\dllcache\ieproxy.dll - 2004-08-04 12:00 . 2011-02-22 23:05 184320 c:\windows\system32\dllcache\iepeers.dll + 2004-08-04 12:00 . 2011-06-23 18:31 184320 c:\windows\system32\dllcache\iepeers.dll + 2010-07-14 17:53 . 2011-06-23 18:31 743424 c:\windows\system32\dllcache\iedvtool.dll - 2010-07-14 17:53 . 2011-02-22 23:05 743424 c:\windows\system32\dllcache\iedvtool.dll - 2004-08-04 12:00 . 2011-02-22 23:05 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2004-08-04 12:00 . 2011-06-23 18:31 387584 c:\windows\system32\dllcache\iedkcs32.dll - 2004-08-04 12:00 . 2011-02-18 11:49 173568 c:\windows\system32\dllcache\ie4uinit.exe + 2004-08-04 12:00 . 2011-06-23 12:05 173568 c:\windows\system32\dllcache\ie4uinit.exe + 2004-08-04 12:00 . 2011-02-16 13:22 138496 c:\windows\system32\dllcache\afd.sys - 2004-08-04 12:00 . 2008-10-16 14:43 138496 c:\windows\system32\dllcache\afd.sys - 2011-01-18 02:39 . 2011-01-18 02:39 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2011-03-25 04:15 . 2011-03-25 04:15 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll - 2011-01-18 02:39 . 2011-01-18 02:39 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2011-03-25 04:15 . 2011-03-25 04:15 363856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - 2011-01-18 02:39 . 2011-01-18 02:39 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2011-03-25 04:15 . 2011-03-25 04:15 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2011-08-11 12:32 . 2011-04-25 16:05 916480 c:\windows\ie8updates\KB2559049-IE8\wininet.dll + 2011-08-11 12:32 . 2009-03-08 02:34 105984 c:\windows\ie8updates\KB2559049-IE8\url.dll + 2011-08-11 12:32 . 2010-07-05 13:14 388984 c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll + 2011-08-11 12:32 . 2010-07-05 13:14 234872 c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe + 2011-08-11 12:32 . 2011-04-25 16:05 206848 c:\windows\ie8updates\KB2559049-IE8\occache.dll + 2011-08-11 12:32 . 2011-04-25 16:05 611840 c:\windows\ie8updates\KB2559049-IE8\mstime.dll + 2011-08-11 12:32 . 2011-04-25 16:05 602112 c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll + 2011-08-11 12:32 . 2011-04-25 16:05 247808 c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll + 2011-08-11 12:32 . 2011-04-25 16:05 184320 c:\windows\ie8updates\KB2559049-IE8\iepeers.dll + 2011-08-11 12:32 . 2011-04-25 16:05 743424 c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll + 2011-08-11 12:32 . 2011-04-25 16:05 387584 c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll + 2011-08-11 12:32 . 2011-04-25 12:01 173568 c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe + 2011-06-16 17:49 . 2009-03-08 02:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll + 2011-06-16 17:49 . 2010-07-05 13:14 388984 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll + 2011-06-16 17:49 . 2010-07-05 13:14 234872 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe + 2011-06-16 17:49 . 2011-02-22 23:05 916480 c:\windows\ie8updates\KB2530548-IE8\wininet.dll + 2011-06-16 17:49 . 2010-07-05 13:14 388984 c:\windows\ie8updates\KB2530548-IE8\spuninst\updspapi.dll + 2011-06-16 17:49 . 2010-07-05 13:14 234872 c:\windows\ie8updates\KB2530548-IE8\spuninst\spuninst.exe + 2011-06-16 17:49 . 2011-02-22 23:05 206848 c:\windows\ie8updates\KB2530548-IE8\occache.dll + 2011-06-16 17:49 . 2011-02-22 23:05 611840 c:\windows\ie8updates\KB2530548-IE8\mstime.dll + 2011-06-16 17:49 . 2011-02-22 23:05 602112 c:\windows\ie8updates\KB2530548-IE8\msfeeds.dll + 2011-06-16 17:49 . 2011-02-22 23:05 247808 c:\windows\ie8updates\KB2530548-IE8\ieproxy.dll + 2011-06-16 17:49 . 2011-02-22 23:05 184320 c:\windows\ie8updates\KB2530548-IE8\iepeers.dll + 2011-06-16 17:49 . 2011-02-22 23:05 743424 c:\windows\ie8updates\KB2530548-IE8\iedvtool.dll + 2011-06-16 17:49 . 2011-02-22 23:05 387584 c:\windows\ie8updates\KB2530548-IE8\iedkcs32.dll + 2011-06-16 17:49 . 2011-02-18 11:49 173568 c:\windows\ie8updates\KB2530548-IE8\ie4uinit.exe + 2009-02-17 07:00 . 2011-07-15 13:29 456320 c:\windows\Driver Cache\i386\mrxsmb.sys + 2011-08-11 15:16 . 2011-08-11 15:16 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\cc14c69205b984edba1db26fd5e421ac\WsatConfig.ni.exe + 2011-08-11 15:11 . 2011-08-11 15:11 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\39ce0c9c9cc294c0ee26c4ff01522961\WindowsFormsIntegration.ni.dll + 2011-06-30 17:36 . 2011-06-30 17:36 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\3740d6db28af31a6523a79fcdd71fbeb\UIAutomationTypes.ni.dll + 2011-08-11 15:11 . 2011-08-11 15:11 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\431e918aee8da919f5b9e3a5195ccf93\UIAutomationClient.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\946eefb99bc116ee68e0e7c69a5a8a5c\System.Xml.Linq.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\a82eef3128b9527dc05b3c8667e713bc\System.Web.Routing.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\203c148c913357bfc2ae9d209101f2b3\System.Web.RegularExpressions.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f89fe39468ea6faf71c4257c89cf3c54\System.Web.Extensions.Design.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\2314ff800782dc85224e69e802a073f7\System.Web.Entity.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f690a8f5d784a5bb20f2cbaa7277eb6c\System.Web.Entity.Design.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\c5c96400424b85536443623f96f64581\System.Web.DynamicData.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5f8e87b47465a038403e73012c6d102a\System.Web.Abstractions.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\846dd505f97805f00999ee26aec9bf75\System.Transactions.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\de9cd25ccb24bcf8a0316756e766721f\System.Security.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\21248037960cf6dfa2ce401d355bd6c9\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\480ea914e13fe41cdd8fb542bb1f7e81\System.Net.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\dc72c7581f1b3794c0ea595ba02ff7ad\System.Management.Instrumentation.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\fcf8612a210d1f76e0b37dc8467b4696\System.IO.Log.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\ec017b5a95d02fccaefd835490ef1e14\System.IdentityModel.Selectors.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.Wrapper.dll + 2011-08-11 15:33 . 2011-08-11 15:33 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\75f452279422a7898e840ee5768c9d2e\System.EnterpriseServices.ni.dll + 2011-08-11 15:11 . 2011-08-11 15:11 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\f7cd3d07c15366b76fe4c38d24455d6b\System.Drawing.Design.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\822c996e6ad4901219b7de399a6f78bf\System.DirectoryServices.AccountManagement.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1ffe911e62f482e42be2c4428bd08c10\System.DirectoryServices.Protocols.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\e1c009b2c9becdb732a2ea45f32a46b8\System.Data.Services.Design.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1defd94e1662a4478ccf2cd0b1b4e6a6\System.Data.Services.Client.ni.dll + 2011-08-11 15:32 . 2011-08-11 15:32 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04267c1dbdcdd8ec37e1518126767ead\System.Data.Entity.Design.ni.dll + 2011-08-11 15:32 . 2011-08-11 15:32 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\f2a6d41b3f6e26eea6dcac9298aa637b\System.Data.DataSetExtensions.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\585e68739b2a8aff61ee6b2786513245\System.Configuration.Install.ni.dll + 2011-08-11 15:32 . 2011-08-11 15:32 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\fbf6ef12d1456058acde29f2640092fb\System.AddIn.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\896e42071939e038008b0bbbfed1213c\SMSvcHost.ni.exe + 2011-08-11 15:16 . 2011-08-11 15:16 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ca07e9cf488af1290d2340d682574a24\SMDiagnostics.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a5aa977dd575a6beb3a416bd480b98a7\ServiceModelReg.ni.exe + 2011-08-11 15:10 . 2011-08-11 15:10 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f52e48f55258d0a04fbab3a1f93752e9\PresentationFramework.Classic.ni.dll + 2011-08-11 15:10 . 2011-08-11 15:10 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\cf812b99f587ab514afb36fa9d4c1567\PresentationFramework.Aero.ni.dll + 2011-08-11 15:10 . 2011-08-11 15:10 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b7795999cc67f3a6cec40f5b24005e00\PresentationFramework.Luna.ni.dll + 2011-08-11 15:10 . 2011-08-11 15:10 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09f5af61ea2af04eb32c04b3091ffc86\PresentationFramework.Royale.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\2d89c7b72bc8e527b26d5b6f3b931012\MSBuild.ni.exe + 2011-08-11 15:16 . 2011-08-11 15:16 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\39e9d172f0cf5eec30b1b67212cc032b\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2011-08-11 15:32 . 2011-08-11 15:32 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\f1b0ec3ccde9142e67ac681fb521ac66\Microsoft.Build.Utilities.ni.dll + 2011-08-11 15:32 . 2011-08-11 15:32 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\9250f038410f0d6432e3ccb0b046862b\Microsoft.Build.Utilities.v3.5.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\a4672179aba638cd78bdfe268391b47b\Microsoft.Build.Engine.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\37db660a84ee52b61a7ca55812581bbd\Microsoft.Build.Conversion.v3.5.ni.dll + 2011-06-30 18:28 . 2011-06-30 18:28 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\80bd17388778c90f301746ad88700758\CustomMarshalers.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\fe9a21b94803f74697bb42b9d1fdea5b\ComSvcConfig.ni.exe + 2011-08-11 15:16 . 2011-08-11 15:16 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\f160c8e40b60edd47ae74b0b911fece1\AspNetMMCExt.ni.dll - 2011-04-13 11:28 . 2011-04-13 11:28 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2011-08-11 12:35 . 2011-08-11 12:35 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2011-04-13 11:28 . 2011-04-13 11:28 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2011-08-11 12:35 . 2011-08-11 12:35 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2011-08-11 12:35 . 2011-08-11 12:35 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2011-04-13 11:28 . 2011-04-13 11:28 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2011-04-13 11:28 . 2011-04-13 11:28 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2011-08-11 12:35 . 2011-08-11 12:35 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2011-04-13 11:28 . 2011-04-13 11:28 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2011-08-11 12:35 . 2011-08-11 12:35 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2011-04-13 11:28 . 2011-04-13 11:28 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2011-08-11 12:35 . 2011-08-11 12:35 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2011-08-11 12:35 . 2011-08-11 12:35 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2011-04-13 11:28 . 2011-04-13 11:28 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2011-04-13 11:28 . 2011-04-13 11:28 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2011-08-11 12:35 . 2011-08-11 12:35 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2011-08-11 12:35 . 2011-08-11 12:35 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2011-04-13 11:28 . 2011-04-13 11:28 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2011-08-11 12:35 . 2011-08-11 12:35 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2011-04-13 11:28 . 2011-04-13 11:28 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2011-04-13 11:28 . 2011-04-13 11:28 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2011-08-11 12:35 . 2011-08-11 12:35 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2011-04-13 11:28 . 2011-04-13 11:28 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2011-08-11 12:35 . 2011-08-11 12:35 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2011-04-13 11:28 . 2011-04-13 11:28 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2011-08-11 12:35 . 2011-08-11 12:35 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2011-08-11 12:35 . 2011-08-11 12:35 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2011-04-13 11:28 . 2011-04-13 11:28 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2011-04-13 11:28 . 2011-04-13 11:28 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2011-08-11 12:35 . 2011-08-11 12:35 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2011-08-11 12:35 . 2011-08-11 12:35 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2011-04-13 11:28 . 2011-04-13 11:28 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2011-08-11 12:35 . 2011-08-11 12:35 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2011-04-13 11:28 . 2011-04-13 11:28 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2011-08-11 12:35 . 2011-08-11 12:35 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2011-04-13 11:28 . 2011-04-13 11:28 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2011-04-13 11:28 . 2011-04-13 11:28 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2011-08-11 12:35 . 2011-08-11 12:35 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2011-04-13 11:28 . 2011-04-13 11:28 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2011-08-11 12:35 . 2011-08-11 12:35 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2011-08-11 12:35 . 2011-08-11 12:35 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2011-04-13 11:28 . 2011-04-13 11:28 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2011-04-13 11:28 . 2011-04-13 11:28 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2011-08-11 12:35 . 2011-08-11 12:35 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2011-08-11 12:35 . 2011-08-11 12:35 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2011-04-13 11:28 . 2011-04-13 11:28 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2011-04-13 11:28 . 2011-04-13 11:28 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2011-08-11 12:35 . 2011-08-11 12:35 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2011-08-11 12:35 . 2011-08-11 12:35 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2011-04-13 11:28 . 2011-04-13 11:28 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2011-04-13 11:28 . 2011-04-13 11:28 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2011-08-11 12:35 . 2011-08-11 12:35 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2011-07-13 18:20 . 2010-07-05 13:14 388984 c:\windows\$NtUninstallKB2555917$\spuninst\updspapi.dll + 2011-07-13 18:20 . 2010-07-05 13:14 234872 c:\windows\$NtUninstallKB2555917$\spuninst\spuninst.exe + 2011-06-16 17:49 . 2010-07-05 13:14 388984 c:\windows\$NtUninstallKB2544893$\spuninst\updspapi.dll + 2011-06-16 17:49 . 2010-07-05 13:14 234872 c:\windows\$NtUninstallKB2544893$\spuninst\spuninst.exe + 2011-06-16 17:49 . 2011-03-07 05:33 692736 c:\windows\$NtUninstallKB2544893$\inetcomm.dll + 2011-06-29 08:26 . 2010-07-05 13:14 388984 c:\windows\$NtUninstallKB2541763$\spuninst\updspapi.dll + 2011-06-29 08:26 . 2010-07-05 13:14 234872 c:\windows\$NtUninstallKB2541763$\spuninst\spuninst.exe + 2011-06-29 08:26 . 2010-06-30 12:28 149504 c:\windows\$NtUninstallKB2541763$\schannel.dll + 2011-06-16 17:49 . 2010-07-05 13:14 388984 c:\windows\$NtUninstallKB2536276$\spuninst\updspapi.dll + 2011-06-16 17:49 . 2010-07-05 13:14 234872 c:\windows\$NtUninstallKB2536276$\spuninst\spuninst.exe + 2011-06-16 17:49 . 2011-02-17 13:18 455936 c:\windows\$NtUninstallKB2536276$\mrxsmb.sys + 2011-06-16 17:49 . 2010-07-05 13:14 388984 c:\windows\$NtUninstallKB2535512$\spuninst\updspapi.dll + 2011-06-16 17:49 . 2010-07-05 13:14 234872 c:\windows\$NtUninstallKB2535512$\spuninst\spuninst.exe + 2011-06-16 17:49 . 2008-04-13 19:17 105344 c:\windows\$NtUninstallKB2535512$\mup.sys + 2011-07-13 18:21 . 2010-06-18 17:44 293888 c:\windows\$NtUninstallKB2507938$\winsrv.dll + 2011-07-13 18:21 . 2010-07-05 13:14 388984 c:\windows\$NtUninstallKB2507938$\spuninst\updspapi.dll + 2011-07-13 18:21 . 2010-07-05 13:14 234872 c:\windows\$NtUninstallKB2507938$\spuninst\spuninst.exe + 2011-06-16 17:50 . 2010-07-05 13:14 388984 c:\windows\$NtUninstallKB2503665$\spuninst\updspapi.dll + 2011-06-16 17:50 . 2010-07-05 13:14 234872 c:\windows\$NtUninstallKB2503665$\spuninst\spuninst.exe + 2011-06-16 17:50 . 2008-10-16 14:43 138496 c:\windows\$NtUninstallKB2503665$\afd.sys + 2011-06-16 17:50 . 2010-07-05 13:14 388984 c:\windows\$NtUninstallKB2476490$\spuninst\updspapi.dll + 2011-06-16 17:50 . 2010-07-05 13:14 234872 c:\windows\$NtUninstallKB2476490$\spuninst\spuninst.exe + 2011-06-16 17:50 . 2008-04-14 02:22 551936 c:\windows\$NtUninstallKB2476490$\oleaut32.dll + 2011-07-13 18:20 . 2010-07-05 13:14 388984 c:\windows\$hf_mig$\KB2555917\update\updspapi.dll + 2011-07-13 18:20 . 2010-07-05 13:14 765304 c:\windows\$hf_mig$\KB2555917\update\update.exe + 2011-07-13 18:20 . 2010-07-05 13:14 234872 c:\windows\$hf_mig$\KB2555917\spuninst.exe + 2011-06-16 17:49 . 2010-07-05 13:14 388984 c:\windows\$hf_mig$\KB2544893\update\updspapi.dll + 2011-06-16 17:49 . 2010-07-05 13:14 765304 c:\windows\$hf_mig$\KB2544893\update\update.exe + 2011-06-16 17:49 . 2010-07-05 13:14 234872 c:\windows\$hf_mig$\KB2544893\spuninst.exe + 2011-06-16 06:45 . 2011-05-02 15:30 692736 c:\windows\$hf_mig$\KB2544893\SP3QFE\inetcomm.dll + 2011-06-16 17:49 . 2010-07-05 13:14 388984 c:\windows\$hf_mig$\KB2544521-IE8\update\updspapi.dll + 2011-06-16 17:49 . 2010-07-05 13:14 765304 c:\windows\$hf_mig$\KB2544521-IE8\update\update.exe + 2011-06-16 17:49 . 2010-07-05 13:14 234872 c:\windows\$hf_mig$\KB2544521-IE8\spuninst.exe + 2011-06-16 06:45 . 2011-04-30 02:59 758784 c:\windows\$hf_mig$\KB2544521-IE8\SP3QFE\vgx.dll + 2011-06-29 08:26 . 2010-07-05 13:14 388984 c:\windows\$hf_mig$\KB2541763\update\updspapi.dll + 2011-06-29 08:26 . 2010-07-05 13:14 765304 c:\windows\$hf_mig$\KB2541763\update\update.exe + 2011-06-29 08:26 . 2010-07-05 13:14 234872 c:\windows\$hf_mig$\KB2541763\spuninst.exe + 2011-04-29 17:23 . 2011-04-29 17:23 151552 c:\windows\$hf_mig$\KB2541763\SP3QFE\schannel.dll + 2011-06-16 17:49 . 2010-07-05 13:14 388984 c:\windows\$hf_mig$\KB2536276\update\updspapi.dll + 2011-06-16 17:49 . 2010-07-05 13:14 765304 c:\windows\$hf_mig$\KB2536276\update\update.exe + 2011-06-16 17:49 . 2010-07-05 13:14 234872 c:\windows\$hf_mig$\KB2536276\spuninst.exe + 2011-06-16 06:45 . 2011-04-29 16:47 457856 c:\windows\$hf_mig$\KB2536276\SP3QFE\mrxsmb.sys + 2011-06-16 17:50 . 2010-07-05 13:14 388984 c:\windows\$hf_mig$\KB2535512\update\updspapi.dll + 2011-06-16 17:50 . 2010-07-05 13:14 765304 c:\windows\$hf_mig$\KB2535512\update\update.exe + 2011-06-16 17:49 . 2010-07-05 13:14 234872 c:\windows\$hf_mig$\KB2535512\spuninst.exe + 2011-06-16 06:45 . 2011-04-21 13:52 105472 c:\windows\$hf_mig$\KB2535512\SP3QFE\mup.sys + 2011-06-16 17:49 . 2010-07-05 13:14 388984 c:\windows\$hf_mig$\KB2530548-IE8\update\updspapi.dll + 2011-06-16 17:49 . 2010-07-05 13:14 765304 c:\windows\$hf_mig$\KB2530548-IE8\update\update.exe + 2011-06-16 17:49 . 2010-07-05 13:14 234872 c:\windows\$hf_mig$\KB2530548-IE8\spuninst.exe + 2011-06-16 06:45 . 2011-04-25 16:04 919552 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll + 2011-06-16 06:45 . 2011-04-25 16:04 206848 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\occache.dll + 2011-06-16 06:45 . 2011-04-25 16:04 611840 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mstime.dll + 2011-06-16 06:45 . 2011-04-25 16:04 602112 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\msfeeds.dll + 2011-06-16 06:45 . 2011-04-25 16:04 247808 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieproxy.dll + 2011-06-16 06:45 . 2011-04-25 16:04 184320 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iepeers.dll + 2011-06-16 06:45 . 2011-04-25 16:04 743424 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedvtool.dll + 2011-06-16 06:45 . 2011-04-25 16:04 387584 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iedkcs32.dll + 2011-06-16 06:45 . 2011-04-25 11:37 173568 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ie4uinit.exe + 2011-07-13 18:21 . 2010-07-05 13:14 388984 c:\windows\$hf_mig$\KB2507938\update\updspapi.dll + 2011-07-13 18:21 . 2010-07-05 13:14 765304 c:\windows\$hf_mig$\KB2507938\update\update.exe + 2011-07-13 18:21 . 2010-07-05 13:14 234872 c:\windows\$hf_mig$\KB2507938\spuninst.exe + 2011-04-26 11:02 . 2011-04-26 11:02 293888 c:\windows\$hf_mig$\KB2507938\SP3QFE\winsrv.dll + 2011-06-16 17:50 . 2010-07-05 13:14 388984 c:\windows\$hf_mig$\KB2503665\update\updspapi.dll + 2011-06-16 17:50 . 2010-07-05 13:14 765304 c:\windows\$hf_mig$\KB2503665\update\update.exe + 2011-06-16 17:50 . 2010-07-05 13:14 234872 c:\windows\$hf_mig$\KB2503665\spuninst.exe + 2011-06-16 06:45 . 2011-02-16 13:25 138496 c:\windows\$hf_mig$\KB2503665\SP3QFE\afd.sys + 2011-06-16 17:50 . 2010-07-05 13:14 388984 c:\windows\$hf_mig$\KB2476490\update\updspapi.dll + 2011-06-16 17:50 . 2010-07-05 13:14 765304 c:\windows\$hf_mig$\KB2476490\update\update.exe + 2011-06-16 17:50 . 2010-07-05 13:14 234872 c:\windows\$hf_mig$\KB2476490\spuninst.exe + 2010-12-20 17:30 . 2010-12-20 17:30 552448 c:\windows\$hf_mig$\KB2476490\SP3QFE\oleaut32.dll + 2004-08-04 12:00 . 2011-06-23 18:31 1212416 c:\windows\system32\urlmon.dll + 2004-08-04 12:00 . 2011-07-25 15:09 5969920 c:\windows\system32\mshtml.dll - 2007-08-13 17:34 . 2011-02-22 23:05 1991680 c:\windows\system32\iertutil.dll + 2007-08-13 17:34 . 2011-06-23 18:31 1991680 c:\windows\system32\iertutil.dll + 2009-02-17 07:00 . 2011-06-06 11:35 1859072 c:\windows\system32\dllcache\win32k.sys + 2004-08-04 12:00 . 2011-06-23 18:31 1212416 c:\windows\system32\dllcache\urlmon.dll + 2004-08-04 12:00 . 2011-07-25 15:09 5969920 c:\windows\system32\dllcache\mshtml.dll - 2009-02-16 13:46 . 2011-02-22 23:05 1991680 c:\windows\system32\dllcache\iertutil.dll + 2009-02-16 13:46 . 2011-06-23 18:31 1991680 c:\windows\system32\dllcache\iertutil.dll + 2011-03-25 04:15 . 2011-03-25 04:15 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll - 2008-07-25 09:17 . 2008-07-25 09:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll - 2010-03-23 03:32 . 2010-03-23 03:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2011-04-28 19:50 . 2011-04-28 19:50 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2011-03-25 04:15 . 2011-03-25 04:15 5912400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - 2011-01-18 02:39 . 2011-01-18 02:39 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2011-03-25 04:15 . 2011-03-25 04:15 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2011-05-01 22:06 . 2011-05-01 22:06 2705920 c:\windows\Installer\17e233d.msp + 2011-01-18 21:36 . 2011-01-18 21:36 2687488 c:\windows\Installer\1277414.msp + 2011-08-11 12:32 . 2011-04-25 16:05 1211904 c:\windows\ie8updates\KB2559049-IE8\urlmon.dll + 2011-08-11 12:32 . 2011-05-30 22:12 5964800 c:\windows\ie8updates\KB2559049-IE8\mshtml.dll + 2011-08-11 12:32 . 2011-04-25 16:05 1991680 c:\windows\ie8updates\KB2559049-IE8\iertutil.dll + 2011-06-16 17:49 . 2011-02-22 23:05 1210880 c:\windows\ie8updates\KB2530548-IE8\urlmon.dll + 2011-06-16 17:49 . 2011-02-22 23:05 5962240 c:\windows\ie8updates\KB2530548-IE8\mshtml.dll + 2011-06-16 17:49 . 2011-02-22 23:05 1991680 c:\windows\ie8updates\KB2530548-IE8\iertutil.dll + 2011-08-11 15:10 . 2011-08-11 15:10 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd6e0cd6f124a6d041ef1b4c9a5f080b\WindowsBase.ni.dll + 2011-08-11 15:11 . 2011-08-11 15:11 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\162600dde59fbaa0c048a949158ecba3\UIAutomationClientsideProviders.ni.dll + 2011-08-11 15:10 . 2011-08-11 15:10 7950848 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll + 2011-08-11 15:11 . 2011-08-11 15:11 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\22229a30650a9afbac984e1093898b13\System.WorkflowServices.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\4d6b3cc1fc7a4788612241af7966715a\System.Workflow.Runtime.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\e4c9853af945c9cfede19f3faf18af6e\System.Workflow.ComponentModel.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\ab4b50c7c789e46a485903365765fde8\System.Workflow.Activities.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a2392c995b1bb6b63079091259222357\System.Web.Services.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\3da92a0b9b8ac97e11ca8bf4df671a78\System.Web.Mobile.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\01f4d6aa3299a41b8578b7e96afdcfb1\System.Web.Extensions.ni.dll + 2011-08-11 15:11 . 2011-08-11 15:11 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e1208f0d981c420fc59f806bfbaa713b\System.Speech.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\27e1b8dfd5e1ccf2c5b9efc51f674c69\System.ServiceModel.Web.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dece01bd9e9c32e47630fdfc78d3bd32\System.Runtime.Serialization.ni.dll + 2011-08-11 15:11 . 2011-08-11 15:11 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\90b444d02047ef27921153d46967ef0e\System.Printing.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a50e2fc92db32751857fb8d297f9d7bc\System.IdentityModel.ni.dll + 2011-08-11 15:11 . 2011-08-11 15:11 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\259ecf480769f4e60514b7ae2abaa6f1\System.DirectoryServices.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\71cf3eb40fc38e6ac8fba09e872d2878\System.Deployment.ni.dll + 2011-08-11 15:11 . 2011-08-11 15:11 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0b16305773369cf740c6a2b1f1d785b2\System.Data.SqlXml.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\c1b9b8ce390548dcca661a5e6a908408\System.Data.Services.ni.dll + 2011-08-11 15:11 . 2011-08-11 15:11 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\571af34939797a7c1cd05b0b925a45bf\System.Data.Linq.ni.dll + 2011-08-11 15:32 . 2011-08-11 15:32 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\2b58cc071d6bf0c741e91f86c09de5d7\System.Data.Entity.ni.dll + 2011-08-11 15:11 . 2011-08-11 15:11 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e54e013315849f5e34d8f2a8e7fdb450\System.Core.ni.dll + 2011-08-11 15:11 . 2011-08-11 15:11 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\24ab0cacc77e8696ceff3157942a2de4\ReachFramework.ni.dll + 2011-08-11 15:10 . 2011-08-11 15:10 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\fac1ca86f4fea17de40d7fdaba38563e\PresentationUI.ni.dll + 2011-08-11 15:10 . 2011-08-11 15:10 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\b187becbc388c4ce7f33ede4da76e7b1\PresentationBuildTasks.ni.dll + 2011-08-11 15:32 . 2011-08-11 15:32 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\08594c4ba9ea0253a836fe1d8d341984\Microsoft.Transactions.Bridge.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\345abd035c9378667b1cac54c1f21c97\Microsoft.JScript.ni.dll + 2011-08-11 15:32 . 2011-08-11 15:32 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\906cd5555b79e4e0486dc8ef2a748b13\Microsoft.Build.Tasks.v3.5.ni.dll + 2011-08-11 15:32 . 2011-08-11 15:32 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\7baff7d694394aaba490082c88d48fd2\Microsoft.Build.Tasks.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\235a22e1ae9742bb724d411629dd99d5\Microsoft.Build.Engine.ni.dll + 2011-08-11 12:35 . 2011-08-11 12:35 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - 2011-04-13 11:28 . 2011-04-13 11:28 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2011-08-11 12:36 . 2011-08-11 12:36 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2011-04-13 11:28 . 2011-04-13 11:28 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2011-04-13 11:28 . 2011-04-13 11:28 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2011-08-11 12:35 . 2011-08-11 12:35 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2011-08-11 12:35 . 2011-08-11 12:35 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll - 2011-04-13 11:28 . 2011-04-13 11:28 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll - 2011-04-13 11:28 . 2011-04-13 11:28 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2011-08-11 12:35 . 2011-08-11 12:35 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2011-08-11 12:35 . 2011-08-11 12:35 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2011-04-13 11:28 . 2011-04-13 11:28 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2011-08-11 12:35 . 2011-08-11 12:35 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - 2011-04-13 11:28 . 2011-04-13 11:28 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2011-07-13 18:20 . 2011-03-03 13:53 1858048 c:\windows\$NtUninstallKB2555917$\win32k.sys + 2011-06-06 11:36 . 2011-06-06 11:36 1868032 c:\windows\$hf_mig$\KB2555917\SP3QFE\win32k.sys + 2011-06-16 06:45 . 2011-04-25 16:04 1213952 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\urlmon.dll + 2011-06-16 06:45 . 2011-05-30 22:11 5967360 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll + 2011-06-16 06:45 . 2011-04-25 16:04 1992192 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\iertutil.dll + 2009-02-16 13:46 . 2011-08-11 12:33 52390856 c:\windows\system32\MRT.exe + 2007-08-13 17:54 . 2011-06-23 18:31 11081728 c:\windows\system32\ieframe.dll + 2009-02-16 13:46 . 2011-06-23 18:31 11081728 c:\windows\system32\dllcache\ieframe.dll + 2011-05-12 06:41 . 2011-05-12 06:41 12213760 c:\windows\Installer\22ff95.msi + 2011-03-28 01:27 . 2011-03-28 01:27 15456256 c:\windows\Installer\1277423.msp + 2011-08-11 12:32 . 2011-04-26 08:05 11081728 c:\windows\ie8updates\KB2559049-IE8\ieframe.dll + 2011-06-16 17:49 . 2011-02-22 23:05 11080704 c:\windows\ie8updates\KB2530548-IE8\ieframe.dll + 2011-08-11 15:11 . 2011-08-11 15:11 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll + 2011-08-11 15:33 . 2011-08-11 15:33 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll + 2011-08-11 15:16 . 2011-08-11 15:16 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e3a0205acab2215fbad7927d9d483aeb\System.ServiceModel.ni.dll + 2011-08-11 15:11 . 2011-08-11 15:11 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\63ad0cd9b5e038c8e2e41415657db8fc\System.Design.ni.dll + 2011-08-11 15:10 . 2011-08-11 15:10 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\704556e34128441ea9f1a81cc89f8a79\PresentationFramework.ni.dll + 2011-08-11 15:10 . 2011-08-11 15:10 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5f332c48d03eca57419c4f0e884092ee\PresentationCore.ni.dll + 2011-06-30 17:34 . 2011-06-30 17:34 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll + 2011-06-16 06:45 . 2011-04-25 16:04 11083776 c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\ieframe.dll . -- Snapshot auf jetziges Datum zurückgesetzt -- . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-01 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432] "Google Quick Search Box"="c:\programme\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2011-04-08 126976] "QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2010-03-18 421888] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2009-07-11 336584] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ \0 . [HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Gamma Loader.exe.lnk] path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.exe.lnk backup=c:\windows\pss\Adobe Gamma Loader.exe.lnkCommon Startup . [HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^hp psc 2000 Series.lnk] path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\hp psc 2000 Series.lnk backup=c:\windows\pss\hp psc 2000 Series.lnkCommon Startup . [HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^hpoddt01.exe.lnk] path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\hpoddt01.exe.lnk backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup . [HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WinZip Quick Pick.lnk] path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\@OnlineArmor GUI] 2009-07-11 03:58 2121416 ----a-w- c:\programme\Tall Emu\Online Armor\oaui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-14 02:22 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataMngr] 2010-10-19 12:53 983480 ----a-w- c:\programme\BearShare Applications\MediaBar\DataMngr\datamngrUI.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dit] 2002-08-28 12:43 73728 ----a-w- c:\windows\Dit.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box] 2011-04-08 07:53 126976 ----a-w- c:\programme\Google\Quick Search Box\GoogleQuickSearchBox.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio] 2006-06-07 16:11 9129984 ----a-w- c:\programme\Intel Audio Studio\IntelAudioStudio.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 02:22 1695232 ----a-w- c:\programme\Messenger\msmsgs.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NapsterShell] 2008-12-18 22:30 323216 ----a-w- c:\programme\Napster\napster.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2006-01-12 15:40 155648 ----a-w- c:\windows\system32\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2010-07-09 14:24 13923432 ----a-w- c:\windows\system32\nvcpl.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2010-07-09 14:24 110696 ----a-w- c:\windows\system32\nvmctray.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-03-01 09:55 39408 ----a-w- c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2009-02-28 07:17 185896 ----a-w- c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia] 2010-02-28 03:45 5344807 ----a-w- c:\programme\Vidalia Bundle\Vidalia\vidalia.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" "QuickTime Task"="c:\programme\QuickTime\qttask.exe" -atboottime . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programme\\Ipswitch\\WS_FTP Pro\\wsftpgui.exe"= . R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [08.10.2009 16:54 200784] R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [08.10.2009 16:54 24656] R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [08.10.2009 16:54 29776] R2 OAcat;Online Armor Helper Service;c:\programme\Tall Emu\Online Armor\oacat.exe [08.10.2009 16:54 362184] R2 SvcOnlineArmor;Online Armor;c:\programme\Tall Emu\Online Armor\oasrv.exe [08.10.2009 16:54 3142344] S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [07.02.2010 10:59 135664] S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [14.07.2009 12:11 16512] S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [07.02.2010 10:59 135664] S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [07.07.2010 16:05 14904] . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - avgio . Inhalt des "geplante Tasks" Ordners . 2009-06-27 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 2200 series5E771253C1676EBED677BF361FDFC537825E15B8236153915.job - c:\programme\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 23:52] . 2011-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programme\Google\Update\GoogleUpdate.exe [2010-02-07 08:59] . 2011-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programme\Google\Update\GoogleUpdate.exe [2010-02-07 08:59] . 2011-08-21 c:\windows\Tasks\User_Feed_Synchronization-{EFEF8E6C-0BD5-4F24-BC04-E9CC0FC61AAC}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.de/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Google Sidewiki... - c:\programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\dokumente und einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542 FF - prefs.js: browser.search.selectedEngine - BearShare Web Search FF - prefs.js: browser.startup.homepage - hxxp://search.bearshare.com/ FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q= FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - c:\programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: kikin plugin (Softonic Edition): {AA994882-F391-4d2e-806F-8908DA4814ED} - %profile%\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED} FF - Ext: softonic-de3 Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - %profile%\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} FF - Ext: MediaBar: {E84D42CA-64EB-11DE-A65F-8C3656D89593} - %profile%\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593} FF - Ext: Babylon-English Toolbar: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - %profile%\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} FF - Ext: Torbutton: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca} - %profile%\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} FF - Ext: Plasmoo Search Engine: engine@plasmoo.com - %profile%\extensions\engine@plasmoo.com FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} FF - Ext: Java Quick Starter: jqs@sun.com - c:\programme\Java\jre6\lib\deploy\jqs\ff FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - Entfernte verwaiste Registrierungseinträge - - - - . MSConfigStartUp-avgnt - c:\programme\AntiVir PersonalEdition Classic\avgnt.exe AddRemove-Adobe Photoshop 5.5 - c:\windows\ISUN0407.EXE AddRemove-Macromedia Dreamweaver 3 De - c:\windows\IsUn0407.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-08-21 14:09 Windows 5.1.2600 Service Pack 3 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . Zeit der Fertigstellung: 2011-08-21 14:13:07 ComboFix-quarantined-files.txt 2011-08-21 12:13 ComboFix2.txt 2011-05-11 15:57 . Vor Suchlauf: 15 Verzeichnis(se), 234.582.900.736 Bytes frei Nach Suchlauf: 16 Verzeichnis(se), 235.497.689.088 Bytes frei . - - End Of File - - 9DF38CF78F3D3B23EB6DFADB858A511D |
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
- » Laptop sehr langsam, Virenscanner findet nichts, Internet-Seiten bauen sich lang
- » Internetseiten bauen sich nur sehr langsam auf bzw. gar nicht
- » Internet sehr langsam, Browser leitet auf seltsame Seiten weiter
- » Mein PC ist sehr langsam und auch das Internet ist sehr langsam
- » Bitte Lofile auswerten - Internet sehr sehr langsam
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
ich habe das Gefühl das mein Computer überladen ist oder es hat sich etwas eingefangen bitte um Hilfe.