Logfile auswerten?

ComboFix 10-05-30.09 - Armin & Sabine 31.05.2010 20:46:13.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.1015.540 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Armin & Sabine\Eigene Dateien\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\avdrn.dat
c:\dokumente und einstellungen\Armin & Sabine\Recent\Thumbs.db
c:\programme\pdfforge Toolbar\SearchSettings.dll
c:\windows\msacm32.drv
c:\windows\sdfinacs.dll
c:\windows\sdfixwcs.dll
c:\windows\system32\2346g.4e
c:\windows\system32\bbri.few
c:\windows\system32\cooper.mine
c:\windows\system32\few46dx.4e
c:\windows\system32\nmklo.dll
c:\windows\system32\Thumbs.db
c:\windows\system32\Vb40032.dll
c:\windows\system32\wef6.gy
c:\windows\wuasirvy.dll

Infizierte Kopie von c:\windows\system32\termsrv.dll wurde gefunden und desinfiziert
Kopie von - c:\windows\ERDNT\cache\termsrv.dll wurde wiederhergestellt

.
((((((((((((((((((((((( Dateien erstellt von 2010-04-28 bis 2010-05-31 ))))))))))))))))))))))))))))))
.

2010-05-29 15:31 . 2010-05-29 15:31 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\54B
2010-05-28 01:00 . 2010-05-28 01:00 -------- d-----w- c:\windows\ie8updates
2010-05-27 05:42 . 2010-02-25 06:15 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-05-27 05:42 . 2010-02-25 06:14 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-05-27 05:42 . 2010-02-25 06:15 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-05-27 05:42 . 2010-02-25 06:15 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-05-27 05:42 . 2010-02-25 06:15 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-05-27 05:38 . 2010-05-27 05:38 -------- d-sh--w- c:\dokumente und einstellungen\Armin & Sabine\IETldCache
2010-05-26 19:02 . 2010-05-26 19:03 -------- dc-h--w- c:\windows\ie8
2010-05-24 08:21 . 2010-05-24 08:21 503808 ----a-w- c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\Sun\Java\Deployment\SystemC ache\6.0\46\f84c6ae-5f9521b2-n\msvcp71.dll
2010-05-24 08:21 . 2010-05-24 08:21 499712 ----a-w- c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\Sun\Java\Deployment\SystemC ache\6.0\46\f84c6ae-5f9521b2-n\jmc.dll
2010-05-24 08:21 . 2010-05-24 08:21 348160 ----a-w- c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\Sun\Java\Deployment\SystemC ache\6.0\46\f84c6ae-5f9521b2-n\msvcr71.dll
2010-05-24 08:20 . 2010-05-24 08:20 -------- d-----w- c:\programme\Gemeinsame Dateien\Java
2010-05-24 08:20 . 2010-05-24 08:20 61440 ----a-w- c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\Sun\Java\Deployment\SystemC ache\6.0\50\5535ab32-72e898bd-n\decora-sse.dll
2010-05-24 08:20 . 2010-05-24 08:20 12800 ----a-w- c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\Sun\Java\Deployment\SystemC ache\6.0\50\5535ab32-72e898bd-n\decora-d3d.dll
2010-05-24 08:20 . 2010-05-24 08:19 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-21 12:50 . 2010-05-21 12:50 503808 ----a-w- c:\dokumente und einstellungen\Lea\Anwendungsdaten\Sun\Java\Deploym ent\SystemCache\6.0\54\1a209876-2b0c6057-n\msvcp71.dll
2010-05-21 12:50 . 2010-05-21 12:50 499712 ----a-w- c:\dokumente und einstellungen\Lea\Anwendungsdaten\Sun\Java\Deploym ent\SystemCache\6.0\54\1a209876-2b0c6057-n\jmc.dll
2010-05-21 12:50 . 2010-05-21 12:50 348160 ----a-w- c:\dokumente und einstellungen\Lea\Anwendungsdaten\Sun\Java\Deploym ent\SystemCache\6.0\54\1a209876-2b0c6057-n\msvcr71.dll
2010-05-21 12:49 . 2010-05-21 12:49 61440 ----a-w- c:\dokumente und einstellungen\Lea\Anwendungsdaten\Sun\Java\Deploym ent\SystemCache\6.0\17\6d0ad391-2699803e-n\decora-sse.dll
2010-05-21 12:49 . 2010-05-21 12:49 12800 ----a-w- c:\dokumente und einstellungen\Lea\Anwendungsdaten\Sun\Java\Deploym ent\SystemCache\6.0\17\6d0ad391-2699803e-n\decora-d3d.dll
2010-05-21 12:44 . 2010-05-21 12:44 -------- d-----w- c:\dokumente und einstellungen\Lea\Anwendungsdaten\Apple Computer
2010-05-12 06:28 . 2010-05-28 01:01 -------- d--h--w- c:\windows\$hf_mig$
2010-05-06 09:32 . 2010-05-06 09:32 -------- d-----w- c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\BearShareTb
2010-05-06 09:32 . 2010-05-06 09:32 -------- d-----w- c:\programme\BearShareTb
2010-05-06 09:31 . 2010-05-29 15:32 -------- d-----w- c:\dokumente und einstellungen\Armin & Sabine\Lokale Einstellungen\Anwendungsdaten\BearShare
2010-05-04 11:27 . 2010-05-04 11:27 -------- d-----w- c:\programme\BearShare Applications

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))) ))))
.
2010-05-31 18:50 . 2010-04-18 15:00 -------- d-----w- c:\programme\pdfforge Toolbar
2010-05-31 18:49 . 2008-12-27 22:44 580096 ----a-w- c:\windows\system32\user32.dll
2010-05-21 12:46 . 2009-10-27 18:22 -------- d-----w- c:\dokumente und einstellungen\Lea\Anwendungsdaten\bearsharetb
2010-05-21 12:45 . 2009-12-25 15:52 -------- d-----w- c:\dokumente und einstellungen\Lea\Anwendungsdaten\Search Settings
2010-05-20 07:22 . 2010-01-18 13:38 -------- d-----w- c:\programme\Spybot - Search & Destroy
2010-05-19 19:55 . 2010-01-25 15:57 -------- d-----w- c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\SoftGrid Client
2010-04-29 17:19 . 2010-04-29 17:19 -------- d-----w- c:\programme\Opera
2010-04-29 17:13 . 2009-04-02 13:26 117712 ----a-w- c:\dokumente und einstellungen\Armin & Sabine\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2010-04-27 16:59 . 2009-01-02 12:50 -------- d--h--w- c:\programme\InstallShield Installation Information
2010-04-27 16:59 . 2009-01-12 13:40 -------- d-----w- c:\programme\Ulead Systems
2010-04-27 16:59 . 2009-01-12 13:40 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Ulead Systems
2010-04-27 16:56 . 2009-04-30 11:15 -------- d-----w- c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\Sony
2010-04-19 06:35 . 2010-04-19 06:35 -------- d-----w- c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\Search Settings
2010-04-19 06:35 . 2010-04-19 06:35 -------- d-----w- c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\pdfforge
2010-04-18 15:00 . 2010-04-18 15:00 -------- d-----w- c:\programme\Application Updater
2010-04-17 16:57 . 2010-04-17 16:56 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-04-17 16:57 . 2009-12-21 11:28 -------- d-----w- c:\programme\iTunes
2010-04-17 16:56 . 2010-04-17 16:56 -------- d-----w- c:\programme\iPod
2010-04-17 16:56 . 2009-11-27 09:24 -------- d-----w- c:\programme\Gemeinsame Dateien\Apple
2010-04-17 16:52 . 2010-04-17 16:51 -------- d-----w- c:\programme\QuickTime
2010-04-17 16:49 . 2010-04-17 16:49 -------- d-----w- c:\programme\Apple Software Update
2010-04-17 16:46 . 2010-04-17 16:46 -------- d-----w- c:\programme\Bonjour
2010-04-15 10:05 . 2009-01-12 13:38 -------- d-----w- c:\programme\Gemeinsame Dateien\Adobe
2010-04-14 11:54 . 2009-11-27 09:51 82644 ---ha-w- c:\windows\system32\mlfcache.dat
2010-04-06 12:56 . 2009-06-23 13:46 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft Help
2010-03-28 07:45 . 2008-12-27 22:44 81304 ----a-w- c:\windows\system32\perfc007.dat
2010-03-28 07:45 . 2008-12-27 22:44 452754 ----a-w- c:\windows\system32\perfh007.dat
2010-03-25 23:48 . 2010-03-25 23:48 73000 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Apple Computer\Installer Cache\iTunes 9.1.0.79\SetupAdmin.exe
2010-03-12 14:52 . 2010-03-12 14:52 1336 ----a-w- c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\dp 3jnb8r.default\extensions\toolbar@ask.com\chrome\t emp\askToolbar.exe
2010-03-10 06:15 . 2008-12-27 22:44 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-01-17 13:03 . 2010-01-17 13:03 155 ----a-w- c:\programme\00H4QGRK.bat
.
Infected c:\windows\system32\user32.dll hex repaired


((((((((((((((((((((((((((((( SnapShot@2010-01-18_11.49.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-05-31 18:54 . 2010-05-31 18:54 16384 c:\windows\Temp\Perflib_Perfdata_7fc.dat
+ 2008-12-27 22:44 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
- 2008-12-27 22:44 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe
+ 2009-04-30 09:37 . 2009-01-07 16:20 26144 c:\windows\system32\spupdsvc.exe
+ 2009-12-04 09:47 . 2009-01-07 16:20 18464 c:\windows\system32\spmsg.dll
+ 2009-05-26 10:30 . 2009-05-26 10:30 73728 c:\windows\system32\RTNUninst32.dll
+ 2009-03-03 11:18 . 2009-03-03 11:18 73728 c:\windows\system32\RtNicProp32.dll
+ 2009-01-02 12:53 . 2009-12-25 17:50 51232 c:\windows\system32\RtkCoInstXP.dll
+ 2010-02-11 10:10 . 2008-04-13 23:15 59520 c:\windows\system32\ReinstallBackups\0017\DriverFi les\i386\usbhub.sys
+ 2010-02-11 10:10 . 2008-04-13 23:15 59520 c:\windows\system32\ReinstallBackups\0016\DriverFi les\i386\usbhub.sys
+ 2010-02-11 10:10 . 2008-04-13 23:15 59520 c:\windows\system32\ReinstallBackups\0015\DriverFi les\i386\usbhub.sys
+ 2010-02-11 10:09 . 2008-04-13 23:15 59520 c:\windows\system32\ReinstallBackups\0014\DriverFi les\i386\usbhub.sys
+ 2010-02-11 10:09 . 2008-04-13 23:15 59520 c:\windows\system32\ReinstallBackups\0013\DriverFi les\i386\usbhub.sys
+ 2008-12-27 22:44 . 2009-03-08 02:31 46592 c:\windows\system32\pngfilt.dll
+ 2008-12-27 22:44 . 2010-03-28 07:45 68478 c:\windows\system32\perfc009.dat
+ 2009-01-07 16:20 . 2009-01-07 16:20 23552 c:\windows\system32\normaliz.dll
+ 2009-01-07 16:20 . 2009-01-07 16:20 24576 c:\windows\system32\nlsdl.dll
+ 2008-04-14 07:52 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll
+ 2008-12-27 22:43 . 2009-11-27 16:08 28672 c:\windows\system32\msvidc32.dll
- 2008-12-27 22:43 . 2008-04-14 12:00 11264 c:\windows\system32\msrle32.dll
+ 2008-12-27 22:43 . 2009-11-27 16:08 11264 c:\windows\system32\msrle32.dll
+ 2008-12-27 22:43 . 2009-03-08 02:31 48128 c:\windows\system32\mshtmler.dll
+ 2008-12-27 22:43 . 2009-03-08 02:31 66560 c:\windows\system32\mshtmled.dll
+ 2008-12-27 22:43 . 2009-03-08 02:31 45568 c:\windows\system32\mshta.exe
+ 2009-03-08 02:31 . 2009-03-08 02:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 02:31 . 2010-02-25 06:15 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-12-21 07:59 . 2010-05-27 06:23 84661 c:\windows\system32\Macromed\Flash\uninstall_plugi n.exe
- 2009-12-21 07:59 . 2009-12-21 07:59 84661 c:\windows\system32\Macromed\Flash\uninstall_plugi n.exe
+ 2010-05-24 08:24 . 2010-05-24 08:24 84507 c:\windows\system32\Macromed\Flash\uninstall_activ eX.exe
+ 2008-12-27 22:43 . 2009-03-08 02:34 43008 c:\windows\system32\licmgr10.dll
+ 2008-12-27 22:43 . 2010-02-25 06:15 25600 c:\windows\system32\jsproxy.dll
+ 2008-04-14 07:52 . 2009-11-27 16:08 48128 c:\windows\system32\iyuv_32.dll
+ 2008-12-27 22:43 . 2009-03-08 02:32 94720 c:\windows\system32\inseng.dll
+ 2008-12-27 22:43 . 2009-03-08 02:31 34816 c:\windows\system32\imgutil.dll
+ 2009-03-08 02:32 . 2009-03-08 02:32 36864 c:\windows\system32\ieudinit.exe
+ 2008-12-27 22:43 . 2009-03-08 02:32 71680 c:\windows\system32\iesetup.dll
+ 2008-12-27 22:43 . 2009-03-08 02:32 55808 c:\windows\system32\iernonce.dll
+ 2009-01-07 16:20 . 2009-01-07 16:20 26112 c:\windows\system32\idndl.dll
+ 2009-03-08 02:31 . 2009-03-08 02:31 59904 c:\windows\system32\icardie.dll
+ 2010-02-11 10:10 . 2010-02-11 10:09 12160 c:\windows\system32\DRVSTORE\zebrser2_0A2847C94D1E E4DD06CE7DF36614D531DE0478E2\i386\zebrcmnt.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 91264 c:\windows\system32\DRVSTORE\zebrscep_43CE4CE9917F 4AB857191C8AF519514326FED3EB\i386\zebrsce.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 12160 c:\windows\system32\DRVSTORE\zebrscep_43CE4CE9917F 4AB857191C8AF519514326FED3EB\i386\zebrcmnt.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 99712 c:\windows\system32\DRVSTORE\zebrobx2_5EC96C36227E 872B2B260D203965ADA2987E0B39\i386\zebrobex.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 12160 c:\windows\system32\DRVSTORE\zebrobx2_5EC96C36227E 872B2B260D203965ADA2987E0B39\i386\zebrcmnt.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 12160 c:\windows\system32\DRVSTORE\zebrmsc2_42356B4F0BD7 9AC6F18744A1833E5FF4F32976BD\i386\zebrcmnt.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 14848 c:\windows\system32\DRVSTORE\zebrmdm2_0A2847C94D1E E4DD06CE7DF36614D531DE0478E2\i386\zebrmdfl.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 12160 c:\windows\system32\DRVSTORE\zebrmdm2_0A2847C94D1E E4DD06CE7DF36614D531DE0478E2\i386\zebrcmnt.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 12160 c:\windows\system32\DRVSTORE\zebrfse2_0A2847C94D1E E4DD06CE7DF36614D531DE0478E2\i386\zebrcmnt.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 12160 c:\windows\system32\DRVSTORE\zebrceb_5D3759B0FA968 0671ED8714BBB53A24D3DD6D83E\i386\zebrwhnt.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 63360 c:\windows\system32\DRVSTORE\zebrceb_5D3759B0FA968 0671ED8714BBB53A24D3DD6D83E\i386\zebrceb.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 12160 c:\windows\system32\DRVSTORE\zebrbus_36ECD4F36FFD1 C8D7775CBB1D3C4EDC32416D158\i386\zebrwhnt.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 83200 c:\windows\system32\DRVSTORE\zebrbus_36ECD4F36FFD1 C8D7775CBB1D3C4EDC32416D158\i386\zebrbus.sys
+ 2010-04-17 16:46 . 2009-10-16 00:33 41472 c:\windows\system32\DRVSTORE\usbaapl_E0F497D6C8B1C 59AEB6422181BF0AFABD8356D47\usbaapl.sys
+ 2010-02-11 10:09 . 2010-02-11 10:09 35880 c:\windows\system32\DRVSTORE\semis06_951EEEC364126 02D8ACC8E4FBFB724AC1ED1A5BF\semis06.sys
+ 2010-02-11 10:09 . 2010-02-11 10:09 27632 c:\windows\system32\DRVSTORE\seehcri_83581F0E1122D D79BF9CC54502EB659FE9A0E57B\i386\seehcri.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 25512 c:\windows\system32\DRVSTORE\ggsemc_978D03B6E152B3 469C240DF96316F7602BCF0471\x86\ggsemc.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 13224 c:\windows\system32\DRVSTORE\ggsemc_978D03B6E152B3 469C240DF96316F7602BCF0471\x86\ggflt.sys
+ 2009-11-27 09:25 . 2009-10-16 00:33 41472 c:\windows\system32\drivers\usbaapl.sys
+ 2009-09-23 14:05 . 2009-09-23 14:05 21864 c:\windows\system32\drivers\Sftredirxp.sys
+ 2010-02-11 10:09 . 2010-02-11 10:09 27632 c:\windows\system32\drivers\seehcri.sys
+ 2007-11-02 12:22 . 2007-11-02 12:22 12200 c:\windows\system32\drivers\s217whnt.sys
+ 2007-11-02 12:22 . 2007-11-02 12:22 12200 c:\windows\system32\drivers\s217wh.sys
+ 2007-11-02 12:22 . 2007-11-02 12:22 83496 c:\windows\system32\drivers\s217bus.sys
+ 2010-02-12 09:46 . 2010-02-12 09:46 91424 c:\windows\system32\dnssd.dll
+ 2008-12-27 22:44 . 2009-03-08 02:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-04-14 07:52 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2008-12-27 22:43 . 2009-11-27 16:08 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2008-12-27 22:43 . 2009-11-27 16:08 11264 c:\windows\system32\dllcache\msrle32.dll
- 2008-12-27 22:43 . 2008-04-14 12:00 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2008-12-27 22:43 . 2009-03-08 02:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2008-12-27 22:43 . 2009-03-08 02:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-12-27 22:43 . 2009-03-08 02:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2008-12-27 22:43 . 2009-03-08 02:34 43008 c:\windows\system32\dllcache\licmgr10.dll
+ 2008-12-27 22:43 . 2010-02-25 06:15 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-14 07:52 . 2009-11-27 16:08 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2008-12-27 22:43 . 2009-03-08 02:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2008-12-27 22:43 . 2009-03-08 02:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2008-12-27 22:43 . 2009-03-08 02:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2008-12-27 22:43 . 2009-03-08 02:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2008-12-27 14:57 . 2009-03-08 02:24 68608 c:\windows\system32\dllcache\hmmapi.dll
+ 2008-12-27 22:43 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2008-12-27 22:43 . 2009-03-08 02:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2008-12-27 22:43 . 2010-01-13 14:00 86528 c:\windows\system32\dllcache\cabview.dll
+ 2008-12-27 22:43 . 2009-11-27 16:08 85504 c:\windows\system32\dllcache\avifil32.dll
- 2008-12-27 22:43 . 2009-06-10 14:13 85504 c:\windows\system32\dllcache\avifil32.dll
+ 2008-12-27 22:43 . 2009-03-08 02:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2008-12-27 22:43 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll
+ 2008-12-27 22:43 . 2009-03-08 02:33 18944 c:\windows\system32\corpol.dll
+ 2008-12-27 22:43 . 2010-01-13 14:00 86528 c:\windows\system32\cabview.dll
+ 2008-12-27 22:43 . 2009-11-27 16:08 85504 c:\windows\system32\avifil32.dll
- 2008-12-27 22:43 . 2009-06-10 14:13 85504 c:\windows\system32\avifil32.dll
+ 2008-12-27 22:43 . 2009-03-08 02:32 72704 c:\windows\system32\admparse.dll
+ 2010-01-19 12:39 . 2009-12-25 17:50 84512 c:\windows\SOUNDMAN.EXE
+ 2010-04-17 16:50 . 2010-04-17 16:50 27136 c:\windows\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
+ 2010-04-18 15:00 . 2010-04-18 15:00 10134 c:\windows\Installer\{5791B7D3-8B34-4218-9750-6A8E45D0AD32}\ARPPRODUCTICON.exe
+ 2010-01-25 15:51 . 2010-01-25 15:51 90448 c:\windows\Installer\{20140000-006D-0407-0000-0000000FF1CE}\cvhicon.exe
+ 2010-05-28 01:00 . 2009-03-08 02:33 12288 c:\windows\ie8updates\KB980182-IE8\xpshims.dll
+ 2010-05-28 01:00 . 2009-03-08 02:31 55296 c:\windows\ie8updates\KB980182-IE8\msfeedsbs.dll
+ 2010-05-28 01:00 . 2009-03-08 02:33 25600 c:\windows\ie8updates\KB980182-IE8\jsproxy.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 37888 c:\windows\ie8\url.dll
+ 2010-05-26 19:03 . 2009-03-08 17:18 58464 c:\windows\ie8\spuninst\iecustom.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 39424 c:\windows\ie8\pngfilt.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 97792 c:\windows\ie8\occache.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 57344 c:\windows\ie8\mshtmler.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 29184 c:\windows\ie8\mshta.exe
+ 2010-05-26 19:02 . 2008-04-14 12:00 22016 c:\windows\ie8\licmgr10.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 15872 c:\windows\ie8\jsproxy.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 96768 c:\windows\ie8\inseng.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 35840 c:\windows\ie8\imgutil.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 93184 c:\windows\ie8\iexplore.exe
+ 2010-05-26 19:02 . 2008-04-14 12:00 64000 c:\windows\ie8\iesetup.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 49152 c:\windows\ie8\iernonce.dll
+ 2010-05-26 19:02 . 2010-02-26 05:41 81920 c:\windows\ie8\ieencode.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 34304 c:\windows\ie8\ie4uinit.exe
+ 2010-05-26 19:02 . 2008-04-14 12:00 38912 c:\windows\ie8\hmmapi.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 35328 c:\windows\ie8\corpol.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 61440 c:\windows\ie8\admparse.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2010-01-19 12:38 . 2009-12-25 17:49 64032 c:\windows\ALCMTR.EXE
+ 2001-08-18 04:54 . 2009-11-27 16:08 8704 c:\windows\system32\tsbyuv.dll
+ 2010-02-11 10:10 . 2001-08-17 13:03 4736 c:\windows\system32\ReinstallBackups\0017\DriverFi les\i386\usbd.sys
+ 2010-02-11 10:10 . 2001-08-17 13:03 4736 c:\windows\system32\ReinstallBackups\0016\DriverFi les\i386\usbd.sys
+ 2010-02-11 10:10 . 2001-08-17 13:03 4736 c:\windows\system32\ReinstallBackups\0015\DriverFi les\i386\usbd.sys
+ 2010-02-11 10:09 . 2001-08-17 13:03 4736 c:\windows\system32\ReinstallBackups\0014\DriverFi les\i386\usbd.sys
+ 2010-02-11 10:09 . 2008-04-14 12:00 4736 c:\windows\system32\ReinstallBackups\0013\DriverFi les\i386\usbd.sys
+ 2001-08-17 14:03 . 2001-08-17 13:03 4736 c:\windows\system32\drivers\usbd.sys
- 2001-08-17 14:03 . 2008-04-14 12:00 4736 c:\windows\system32\drivers\usbd.sys
+ 2001-08-17 14:03 . 2001-08-17 13:03 4736 c:\windows\system32\dllcache\usbd.sys
+ 2001-08-18 04:54 . 2009-11-27 16:08 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a 1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2010-01-19 12:39 . 2009-12-25 17:50 358944 c:\windows\vncutil.exe
+ 2010-03-10 14:41 . 2010-03-10 14:41 417792 c:\windows\uninstall\Audiograbber\setup.exe
- 2008-12-27 22:44 . 2008-04-14 12:00 121856 c:\windows\system32\xmllite.dll
+ 2008-12-27 22:44 . 2009-01-07 16:21 121856 c:\windows\system32\xmllite.dll
+ 2004-08-04 05:56 . 2004-08-04 05:56 293376 c:\windows\system32\WISPTIS.EXE
+ 2008-12-27 22:44 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll
+ 2008-12-27 22:44 . 2010-02-25 06:15 916480 c:\windows\system32\wininet.dll
+ 2009-03-08 02:34 . 2009-03-08 02:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2008-12-27 22:44 . 2009-03-08 02:34 236544 c:\windows\system32\webcheck.dll
+ 2008-12-27 22:44 . 2009-03-08 02:34 105984 c:\windows\system32\url.dll
+ 2008-12-27 22:44 . 2009-12-08 09:23 474624 c:\windows\system32\shlwapi.dll
- 2008-12-27 22:44 . 2008-04-14 12:00 474624 c:\windows\system32\shlwapi.dll
+ 2009-09-23 14:04 . 2009-09-23 14:04 975208 c:\windows\system32\sftldr.dll
+ 2010-01-19 12:39 . 2009-12-25 17:50 137760 c:\windows\system32\RTCOM\RTLCPAPI.dll
+ 2010-01-19 12:38 . 2009-12-25 17:50 277024 c:\windows\system32\RTCOM\RTCOMDLL.dll
+ 2010-01-19 20:10 . 2008-05-07 18:31 106368 c:\windows\system32\ReinstallBackups\0012\DriverFi les\Rtenicxp.sys
+ 2008-12-27 22:44 . 2010-03-28 07:45 435840 c:\windows\system32\perfh009.dat
+ 2008-12-27 22:43 . 2010-02-25 06:15 206848 c:\windows\system32\occache.dll
+ 2008-12-27 22:43 . 2010-02-25 06:15 611840 c:\windows\system32\mstime.dll
+ 2008-12-27 22:43 . 2009-03-08 02:34 193536 c:\windows\system32\msrating.dll
- 2008-12-27 14:55 . 2008-04-14 12:00 346624 c:\windows\system32\mspaint.exe
+ 2008-12-27 14:55 . 2009-12-17 07:40 346624 c:\windows\system32\mspaint.exe
+ 2008-12-27 22:43 . 2009-03-08 02:22 156160 c:\windows\system32\msls31.dll
+ 2009-03-08 02:32 . 2010-02-25 06:15 594432 c:\windows\system32\msfeeds.dll
+ 2009-01-07 16:20 . 2009-01-07 16:20 265720 c:\windows\system32\msdbg2.dll
+ 2010-01-27 01:07 . 2010-01-27 01:07 256280 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUt il.exe
+ 2010-01-27 00:58 . 2010-01-27 00:58 256280 c:\windows\system32\Macromed\Flash\FlashUtil10e.ex e
+ 2008-12-27 22:43 . 2009-12-09 05:53 726528 c:\windows\system32\jscript.dll
+ 2010-05-24 08:20 . 2010-05-24 08:19 153376 c:\windows\system32\javaws.exe
- 2009-09-30 12:10 . 2009-07-31 13:23 145184 c:\windows\system32\javaw.exe
+ 2010-05-24 08:20 . 2010-05-24 08:19 145184 c:\windows\system32\javaw.exe
- 2009-09-30 12:10 . 2009-07-31 13:23 145184 c:\windows\system32\java.exe
+ 2010-05-24 08:20 . 2010-05-24 08:19 145184 c:\windows\system32\java.exe
+ 2004-08-04 05:56 . 2004-08-04 05:56 207360 c:\windows\system32\INKED.DLL
- 2008-12-27 14:57 . 2008-04-11 19:04 691712 c:\windows\system32\inetcomm.dll
+ 2008-12-27 14:57 . 2010-01-29 14:59 691712 c:\windows\system32\inetcomm.dll
+ 2009-03-08 02:22 . 2009-03-08 02:22 164352 c:\windows\system32\ieui.dll
+ 2008-12-27 22:43 . 2010-02-25 06:14 184320 c:\windows\system32\iepeers.dll
+ 2008-12-27 22:43 . 2010-02-25 06:14 387584 c:\windows\system32\iedkcs32.dll
+ 2009-03-08 02:11 . 2009-03-08 02:11 445952 c:\windows\system32\ieapfltr.dll
+ 2008-12-27 22:43 . 2009-03-08 02:32 163840 c:\windows\system32\ieakui.dll
+ 2008-12-27 22:43 . 2009-03-08 02:33 229376 c:\windows\system32\ieaksie.dll
+ 2008-12-27 22:43 . 2009-03-08 02:33 125952 c:\windows\system32\ieakeng.dll
+ 2008-12-27 22:43 . 2010-02-24 09:53 173056 c:\windows\system32\ie4uinit.exe
+ 2008-12-27 14:50 . 2010-05-04 12:39 364120 c:\windows\system32\FNTCACHE.DAT
+ 2008-12-27 22:43 . 2009-03-08 02:31 216064 c:\windows\system32\dxtrans.dll
+ 2008-12-27 22:43 . 2009-03-08 02:31 348160 c:\windows\system32\dxtmsft.dll
+ 2010-02-11 10:10 . 2010-02-11 10:09 109568 c:\windows\system32\DRVSTORE\zebrser2_0A2847C94D1E E4DD06CE7DF36614D531DE0478E2\i386\zebrmdm.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 109568 c:\windows\system32\DRVSTORE\zebrmsc2_42356B4F0BD7 9AC6F18744A1833E5FF4F32976BD\i386\zebrmdmc.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 109568 c:\windows\system32\DRVSTORE\zebrmdm2_0A2847C94D1E E4DD06CE7DF36614D531DE0478E2\i386\zebrmdm.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 109568 c:\windows\system32\DRVSTORE\zebrfse2_0A2847C94D1E E4DD06CE7DF36614D531DE0478E2\i386\zebrmdm.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 113008 c:\windows\system32\DRVSTORE\seser_BCFAC537964EFAE A0286CE9B17BC804B8114201F\seusbser.sys
+ 2010-02-11 10:10 . 2010-02-11 10:09 113008 c:\windows\system32\DRVSTORE\semdm_BCFAC537964EFAE A0286CE9B17BC804B8114201F\seusbser.sys
+ 2008-12-27 22:44 . 2010-02-11 12:02 226880 c:\windows\system32\drivers\tcpip6.sys
+ 2008-12-27 22:44 . 2009-12-31 16:50 353792 c:\windows\system32\drivers\srv.sys
+ 2009-01-02 12:51 . 2009-11-27 06:20 177152 c:\windows\system32\drivers\Rtenicxp.sys
+ 2008-12-27 22:43 . 2010-02-24 13:11 455680 c:\windows\system32\drivers\mrxsmb.sys
+ 2010-02-12 09:46 . 2010-02-12 09:46 107808 c:\windows\system32\dns-sd.exe
+ 2008-12-27 22:44 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2008-12-27 22:44 . 2010-02-25 06:15 916480 c:\windows\system32\dllcache\wininet.dll
+ 2008-12-27 22:44 . 2009-03-08 02:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2008-12-27 14:57 . 2009-03-08 02:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2008-12-27 22:44 . 2010-03-10 06:15 420352 c:\windows\system32\dllcache\vbscript.dll
- 2008-12-27 22:44 . 2008-04-14 12:00 580096 c:\windows\system32\dllcache\user32.dll
+ 2008-12-27 22:44 . 2010-05-31 18:49 580096 c:\windows\system32\dllcache\user32.dll
+ 2008-12-27 22:44 . 2009-03-08 02:34 105984 c:\windows\system32\dllcache\url.dll
+ 2008-12-27 22:44 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys
+ 2008-12-27 22:44 . 2009-12-31 16:50 353792 c:\windows\system32\dllcache\srv.sys
+ 2009-01-07 16:20 . 2009-01-07 16:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2008-12-27 22:44 . 2009-12-08 09:23 474624 c:\windows\system32\dllcache\shlwapi.dll
- 2008-12-27 22:44 . 2008-04-14 12:00 474624 c:\windows\system32\dllcache\shlwapi.dll
+ 2008-12-27 22:43 . 2010-02-25 06:15 206848 c:\windows\system32\dllcache\occache.dll
+ 2008-12-27 22:43 . 2010-02-25 06:15 611840 c:\windows\system32\dllcache\mstime.dll
+ 2008-12-27 22:43 . 2009-03-08 02:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2008-12-27 14:55 . 2009-12-17 07:40 346624 c:\windows\system32\dllcache\mspaint.exe
- 2008-12-27 14:55 . 2008-04-14 12:00 346624 c:\windows\system32\dllcache\mspaint.exe
+ 2008-12-27 22:43 . 2009-03-08 02:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2009-12-04 10:02 . 2010-02-24 13:11 455680 c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-12-27 22:43 . 2009-12-09 05:53 726528 c:\windows\system32\dllcache\jscript.dll
- 2008-12-27 14:57 . 2008-04-11 19:04 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2008-12-27 14:57 . 2010-01-29 14:59 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2008-12-27 14:57 . 2009-03-08 12:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2008-12-27 22:43 . 2010-02-25 06:14 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2008-12-27 22:43 . 2010-02-25 06:14 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-12-27 22:43 . 2009-03-08 02:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2008-12-27 22:43 . 2009-03-08 02:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2008-12-27 22:43 . 2009-03-08 02:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2008-12-27 22:43 . 2010-02-24 09:53 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-12-27 22:43 . 2009-03-08 02:31 216064 c:\windows\system32\dllcache\dxtrans.dll
+ 2008-12-27 22:43 . 2009-03-08 02:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-12-27 22:43 . 2009-03-08 02:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2008-12-27 22:43 . 2010-02-12 04:33 100864 c:\windows\system32\dllcache\6to4svc.dll
+ 2010-03-06 04:40 . 2010-02-12 10:03 293376 c:\windows\system32\browserchoice.exe
+ 2008-12-27 22:43 . 2009-03-08 02:32 128512 c:\windows\system32\advpack.dll
+ 2008-12-27 22:43 . 2010-02-12 04:33 100864 c:\windows\system32\6to4svc.dll
+ 2010-01-19 12:38 . 2009-11-24 16:40 838176 c:\windows\RtlExUpd.dll
+ 2010-01-19 12:39 . 2009-12-25 17:50 129568 c:\windows\RtkAudioService.exe
+ 2010-04-18 15:00 . 2010-04-18 15:00 840704 c:\windows\Installer\b3ac602.msi
+ 2010-05-24 08:20 . 2010-05-24 08:20 180224 c:\windows\Installer\688297.msi
+ 2010-05-24 08:19 . 2010-05-24 08:19 576000 c:\windows\Installer\688285.msi
+ 2010-04-17 16:44 . 2010-04-17 16:44 791552 c:\windows\Installer\6746c78.msi
+ 2010-04-15 10:05 . 2010-04-15 10:05 295606 c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81300000003}\SC_Reader.exe
+ 2010-04-17 16:58 . 2010-04-17 16:58 372736 c:\windows\Installer\{996A2FAA-7514-4628-9D12-A8FC34A0016E}\iTunesIco.exe
+ 2010-03-10 14:54 . 2010-03-12 19:01 102400 c:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe
+ 2010-05-28 01:00 . 2009-03-08 02:33 420352 c:\windows\ie8updates\KB981332-IE8\vbscript.dll
+ 2010-05-28 01:00 . 2009-05-26 11:40 388984 c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll
+ 2010-05-28 01:00 . 2009-05-26 11:40 234872 c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe
+ 2010-05-28 01:00 . 2009-03-08 02:34 914944 c:\windows\ie8updates\KB980182-IE8\wininet.dll
+ 2010-05-28 01:00 . 2009-05-26 11:40 388984 c:\windows\ie8updates\KB980182-IE8\spuninst\updspapi.dll
+ 2010-05-28 01:00 . 2009-05-26 11:40 234872 c:\windows\ie8updates\KB980182-IE8\spuninst\spuninst.exe
+ 2010-05-28 01:00 . 2009-03-08 02:34 109568 c:\windows\ie8updates\KB980182-IE8\occache.dll
+ 2010-05-28 01:00 . 2009-03-08 02:32 611840 c:\windows\ie8updates\KB980182-IE8\mstime.dll
+ 2010-05-28 01:00 . 2009-03-08 02:32 594432 c:\windows\ie8updates\KB980182-IE8\msfeeds.dll
+ 2010-05-28 01:00 . 2009-03-08 02:33 246784 c:\windows\ie8updates\KB980182-IE8\ieproxy.dll
+ 2010-05-28 01:00 . 2009-03-08 02:31 183808 c:\windows\ie8updates\KB980182-IE8\iepeers.dll
+ 2010-05-28 01:00 . 2009-03-08 12:09 391536 c:\windows\ie8updates\KB980182-IE8\iedkcs32.dll
+ 2010-05-28 01:00 . 2009-03-08 02:32 173056 c:\windows\ie8updates\KB980182-IE8\ie4uinit.exe
+ 2010-05-28 01:01 . 2008-07-08 13:00 388984 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
+ 2010-05-28 01:01 . 2008-07-08 13:00 234872 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe
+ 2010-05-28 01:01 . 2009-06-22 06:45 726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll
+ 2010-05-28 01:00 . 2008-07-08 13:00 388984 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2010-05-28 01:00 . 2008-07-08 13:00 234872 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2010-05-28 01:00 . 2009-03-08 02:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2010-05-26 19:02 . 2010-02-26 05:41 672768 c:\windows\ie8\wininet.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 281088 c:\windows\ie8\webcheck.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 851968 c:\windows\ie8\vgx.dll
+ 2010-05-26 19:02 . 2010-03-09 11:09 430080 c:\windows\ie8\vbscript.dll
+ 2010-05-26 19:02 . 2010-02-26 05:41 628736 c:\windows\ie8\urlmon.dll
+ 2010-05-26 19:03 . 2009-01-07 16:20 388640 c:\windows\ie8\spuninst\updspapi.dll
+ 2010-05-26 19:03 . 2009-01-07 16:20 235040 c:\windows\ie8\spuninst\spuninst.exe
+ 2010-05-26 19:02 . 2008-04-14 12:00 532480 c:\windows\ie8\mstime.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 146432 c:\windows\ie8\msrating.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 146432 c:\windows\ie8\msls31.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 449024 c:\windows\ie8\mshtmled.dll
+ 2010-05-26 19:02 . 2009-08-13 15:15 512000 c:\windows\ie8\jscript.dll
+ 2010-05-26 19:02 . 2010-02-26 05:41 251904 c:\windows\ie8\iepeers.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 323584 c:\windows\ie8\iedkcs32.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 237568 c:\windows\ie8\ieakui.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 220672 c:\windows\ie8\ieaksie.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 143360 c:\windows\ie8\ieakeng.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 205312 c:\windows\ie8\dxtrans.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 357888 c:\windows\ie8\dxtmsft.dll
+ 2010-05-26 19:02 . 2008-04-14 12:00 102400 c:\windows\ie8\advpack.dll
+ 2009-12-04 10:02 . 2010-02-24 13:11 455680 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-12-27 22:44 . 2010-03-19 16:05 4874240 c:\windows\system32\wmp.dll
- 2008-12-27 22:44 . 2009-07-12 11:21 4874240 c:\windows\system32\wmp.dll
+ 2009-11-27 09:25 . 2009-10-16 00:33 3003680 c:\windows\system32\usbaaplrc.dll
+ 2008-12-27 22:44 . 2010-02-25 06:15 1209344 c:\windows\system32\urlmon.dll
+ 2008-12-27 22:44 . 2010-03-10 04:33 1509888 c:\windows\system32\shdocvw.dll
- 2008-12-27 22:44 . 2009-10-29 05:24 1509888 c:\windows\system32\shdocvw.dll
+ 2008-12-27 22:44 . 2009-11-27 17:11 1297408 c:\windows\system32\quartz.dll
+ 2008-04-14 07:29 . 2010-02-16 19:04 2148864 c:\windows\system32\ntoskrnl.exe
+ 2008-04-14 07:30 . 2010-02-16 19:04 2027008 c:\windows\system32\ntkrnlpa.exe
+ 2008-12-27 22:43 . 2010-02-25 06:15 5944832 c:\windows\system32\mshtml.dll
+ 2010-01-27 01:07 . 2010-01-27 01:07 3884312 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-03-08 02:32 . 2010-02-25 06:15 1985536 c:\windows\system32\iertutil.dll
+ 2009-02-06 19:07 . 2009-02-06 19:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2010-04-17 16:46 . 2009-10-16 00:33 3003680 c:\windows\system32\DRVSTORE\usbaapl_E0F497D6C8B1C 59AEB6422181BF0AFABD8356D47\usbaaplrc.dll
+ 2010-02-11 10:10 . 2010-02-11 10:09 1112288 c:\windows\system32\DRVSTORE\ggsemc_978D03B6E152B3 469C240DF96316F7602BCF0471\x86\WdfCoInstaller01007 .dll
+ 2010-01-19 12:39 . 2009-12-25 17:26 6039584 c:\windows\system32\drivers\RtkHDAud.sys
+ 2010-01-19 12:38 . 2009-11-18 06:17 1395800 c:\windows\system32\drivers\Monfilt.sys
+ 2010-01-19 12:38 . 2009-11-18 06:16 1691480 c:\windows\system32\drivers\Ambfilt.sys
- 2008-12-27 22:44 . 2009-07-12 11:21 4874240 c:\windows\system32\dllcache\wmp.dll
+ 2008-12-27 22:44 . 2010-03-19 16:05 4874240 c:\windows\system32\dllcache\wmp.dll
+ 2008-12-27 22:44 . 2010-02-25 06:15 1209344 c:\windows\system32\dllcache\urlmon.dll
+ 2008-12-27 22:44 . 2010-03-10 04:33 1509888 c:\windows\system32\dllcache\shdocvw.dll
- 2008-12-27 22:44 . 2009-10-29 05:24 1509888 c:\windows\system32\dllcache\shdocvw.dll
+ 2008-12-27 22:44 . 2009-11-27 17:11 1297408 c:\windows\system32\dllcache\quartz.dll
+ 2009-08-04 21:56 . 2010-02-17 12:04 2192256 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-12-04 09:48 . 2010-02-16 19:04 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-12-04 09:48 . 2010-02-16 19:04 2069120 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-12-04 09:48 . 2010-02-16 19:04 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-12-27 14:57 . 2010-01-29 14:59 1315328 c:\windows\system32\dllcache\msoe.dll
- 2008-12-27 14:57 . 2009-07-10 13:26 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2008-12-27 22:43 . 2010-02-25 06:15 5944832 c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-27 14:57 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe
- 2008-12-27 14:57 . 2008-04-14 12:00 3558912 c:\windows\system32\dllcache\moviemk.exe
- 2008-12-27 22:43 . 2008-04-14 12:00 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2008-12-27 22:43 . 2010-03-10 04:33 1025024 c:\windows\system32\dllcache\browseui.dll
+ 2008-12-27 22:43 . 2010-03-10 04:33 1025024 c:\windows\system32\browseui.dll
- 2008-12-27 22:43 . 2008-04-14 12:00 1025024 c:\windows\system32\browseui.dll
+ 2010-01-19 12:39 . 2009-12-25 17:50 1833504 c:\windows\SkyTel.exe
+ 2010-01-19 12:39 . 2009-12-25 17:50 1489440 c:\windows\RtlUpd.exe
+ 2010-01-19 12:39 . 2009-12-25 17:50 9721888 c:\windows\RTLCPL.EXE
+ 2010-01-19 12:38 . 2009-12-25 17:49 2177568 c:\windows\MicCal.exe
+ 2010-04-17 16:58 . 2010-04-17 16:58 4911104 c:\windows\Installer\6747c14.msi
+ 2010-04-17 16:52 . 2010-04-17 16:52 9472000 c:\windows\Installer\6747478.msi
+ 2010-04-17 16:50 . 2010-04-17 16:50 1554944 c:\windows\Installer\67471c5.msi
+ 2010-04-17 16:47 . 2010-04-17 16:47 3165184 c:\windows\Installer\6746cc0.msi
+ 2010-04-17 16:46 . 2010-04-17 16:46 1984000 c:\windows\Installer\6746c84.msi
+ 2010-01-25 15:51 . 2010-01-25 15:51 3392512 c:\windows\Installer\1c3f9ba.msi
+ 2010-04-29 17:19 . 2010-04-29 17:19 2644992 c:\windows\Installer\1bcb385.msi
+ 2010-04-15 10:05 . 2010-04-15 10:05 4192256 c:\windows\Installer\1b3d56.msi
+ 2010-03-12 19:01 . 2010-03-12 19:01 1847808 c:\windows\Installer\15c79136.msi
+ 2010-05-28 01:00 . 2009-03-08 02:34 1206784 c:\windows\ie8updates\KB980182-IE8\urlmon.dll
+ 2010-05-28 01:00 . 2009-03-08 02:41 5937152 c:\windows\ie8updates\KB980182-IE8\mshtml.dll
+ 2010-05-28 01:00 . 2009-03-08 02:32 1985024 c:\windows\ie8updates\KB980182-IE8\iertutil.dll
+ 2010-05-26 19:02 . 2010-02-26 05:41 3094016 c:\windows\ie8\mshtml.dll
+ 2009-08-04 21:56 . 2010-02-17 12:04 2192256 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-12-04 09:48 . 2010-02-16 19:04 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-12-04 09:48 . 2010-02-16 19:04 2069120 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-12-04 09:48 . 2010-02-16 19:04 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-01-19 12:38 . 2009-12-25 17:49 2815520 c:\windows\ALCWZRD.EXE
+ 2010-05-26 19:04 . 2010-04-30 09:51 32058312 c:\windows\system32\MRT.exe
+ 2009-03-08 02:39 . 2010-02-25 09:45 11070976 c:\windows\system32\ieframe.dll
+ 2010-02-25 09:45 . 2010-02-25 09:45 11070976 c:\windows\system32\dllcache\ieframe.dll
+ 2010-01-19 12:38 . 2009-12-25 17:50 18789408 c:\windows\RTHDCPL.EXE
+ 2010-01-21 07:17 . 2010-01-21 07:17 15710720 c:\windows\Installer\1de4c.msp
+ 2010-05-28 01:00 . 2009-03-08 02:39 11063808 c:\windows\ie8updates\KB980182-IE8\ieframe.dll
.
-- Snapshot auf jetziges Datum zurückgesetzt --
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\programme\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
2009-08-10 14:06 91576 ----a-w- c:\programme\BearShareTb\BearShareDx.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2010-01-08 01:17 700416 ----a-w- c:\programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 15:50 1197448 ----a-w- c:\programme\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\programme\BearShareTb\BearShareDx.dll" [2009-08-10 91576]

[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"MsnMsgr"="c:\programme\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"NBJ"="c:\dokumente und einstellungen\Armin & Sabine\Eigene Dateien\Armin\Nero BackItUp\NBJ.exe" [2004-09-07 1871872]
"SpybotSD TeaTimer"="c:\programme\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.ex e" [2007-12-19 131072]
"ISUSPM Startup"="c:\progra~1\GEMEIN~1\INSTAL~1\UPDATE~1\i suspm.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"SSBkgdUpdate"="c:\programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\programme\ScanSoft\PaperPort\pptd40nt.exe " [2007-01-29 30248]
"IndexSearch"="c:\programme\ScanSoft\PaperPort\Ind exSearch.exe" [2007-01-29 46632]
"PPort11reminder"="c:\programme\ScanSoft\PaperPort \Ereg\Ereg.exe" [2007-02-01 255528]
"BrMfcWnd"="c:\programme\Brother\Brmfcmon\BrMfcWnd .exe" [2007-03-12 663552]
"ControlCenter3"="c:\programme\Brother\ControlCent er3\brctrcen.exe" [2007-01-26 65536]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.e xe" [2001-07-09 155648]
"RTHDCPL"="RTHDCPL.EXE" [2009-12-25 18789408]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.e xe" [2010-03-25 142120]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-02-18 248040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\dokumente und einstellungen\All Users\Startmen�\Programme\Autostart\
msiBacklight.exe.lnk - c:\programme\msi\msiBacklight\msiBacklight.exe [2009-1-12 188495]

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programme\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programme\\BearShare Applications\\BearShare\\BearShare.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Opera\\opera.exe"=

R2 Application Updater;Application Updater;c:\programme\Application Updater\ApplicationUpdater.exe [08.01.2010 00:51 380928]
R2 cvhsvc;Client Virtualization Handler;c:\programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [26.09.2009 08:35 819600]
R2 io.sys;IO.DLL Driver;c:\windows\system32\drivers\io.sys [12.01.2009 15:37 5152]
R2 sftlist;Application Virtualization Client;c:\programme\Microsoft Application Virtualization Client\sftlist.exe [23.09.2009 16:04 447832]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [11.02.2010 12:09 27632]
R3 sftfs;sftfs;c:\programme\Microsoft Application Virtualization Client\drivers\SftFSXP.sys [23.09.2009 16:04 543064]
R3 sftplay;sftplay;c:\programme\Microsoft Application Virtualization Client\drivers\sftplayxp.sys [23.09.2009 16:04 190312]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftr edirxp.sys [23.09.2009 16:05 21864]
R3 sftvol;sftvol;c:\programme\Microsoft Application Virtualization Client\drivers\SftVolXP.sys [23.09.2009 16:04 14680]
R3 sftvsa;Application Virtualization Service Agent;c:\programme\Microsoft Application Virtualization Client\sftvsa.exe [23.09.2009 16:04 203608]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfil t.sys [19.01.2010 14:38 1691480]
S3 EraserUtilDrv10910;EraserUtilDrv10910;\??\c:\progr amme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilDrv10910.sys --> c:\programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilDrv10910.sys [?]
S3 MSILiveVirtualCamera;MSI Live Virtual Camera;c:\windows\system32\drivers\MSILiveVirtualC amera.sys [29.01.2007 08:40 449408]
S3 osppsvc;Office Software Protection Platform;c:\programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E [26.09.2009 05:28 4639136]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [02.01.2009 14:50 156160]
.
Inhalt des "geplante Tasks" Ordners

2010-05-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]

2010-05-31 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\programme\Ask.com\UpdateTask.exe [2010-02-04 15:50]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.yahoo.de/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\programme\Windows Live Toolbar\msntb.dll/search.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {3CA97BBC-5ADB-4485-B72E-EA4A76E184CE} = 192.168.0.1
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - ProfilePath - c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\dp 3jnb8r.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://search.bearshare.com/
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=971163&p=
FF - prefs.js: network.proxy.type - 2
FF - component: c:\programme\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll
FF - component: c:\programme\pdfforge Toolbar\SSFF\components\SearchSettingsFF.dll
FF - plugin: c:\progra~1\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: c:\programme\Java\jre6\bin\new_plugin\npdeployJava 1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
c:\programme\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_every where__temporarily_available_pref", true);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_bro ken", false);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

URLSearchHooks-{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - c:\programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
BHO-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
HKCU-Run-Inxms - c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\Adobe\Update\morimg.exe
HKCU-Run-Msinx - c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\Adobe\Update\getset.dat
HKCU-Run-Getdo - c:\dokumente und einstellungen\Armin & Sabine\Anwendungsdaten\Adobe\Update\flacor.dat
HKLM-Run-avgnt - c:\programme\Avira\AntiVir Desktop\avgnt.exe
HKLM-Run-Q-Face agent - c:\programme\MSI\MSI Q-Face\webtest.exe
AddRemove-Free YouTube to MP3 Converter_is1 - c:\programme\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe



************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2010-05-31 20:55
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

************************************************** ************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'explorer.exe'(2920)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\RTHDCPL.EXE
c:\programme\Brother\ControlCenter3\brccMCtl.exe
c:\programme\Brother\Brmfcmon\BrMfcmon.exe
c:\programme\iPod\bin\iPodService.exe
.
************************************************** ************************
.
Zeit der Fertigstellung: 2010-05-31 21:01:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2010-05-31 19:01
ComboFix2.txt 2010-01-18 11:54

Vor Suchlauf: 1.803.382.784 Bytes frei
Nach Suchlauf: 1.839.489.024 Bytes frei

- - End Of File - - B7BADF4A4F3A174F0F261F0F0A68977E

c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\RTHDCPL.EXE
c:\programme\Brother\ControlCenter3\brccMCtl.exe
c:\programme\Brother\Brmfcmon\BrMfcmon.exe
c:\programme\iPod\bin\iPodService.exe
.
************************************************** ************************