Virus?? Brauche Hilfe!

[Mc Kniffizen]

Ein Fenster mit folgendem Text:

Your system is infected with dangerous virus.
Note: strongly recommend to install antispyware program to clean your system and avoid total crash of your computer!
Click OK to download the antispyware (Recommended)

kommt irgendwie immer in gewissen Abständen, manchmal auch mehrmals hintereinander, egal ob ich online bin oder nicht!!

Wenn ich auf OK klicke, dann kommt so ne komische exe-Datei, was Norton Antivirus aber gleich abblockt! Kommt wenn ich irgendwas anklicke. Die Datei die man runterladen soll heißt ieav.exe
Ein Virus? Lasse gerade Kaspersky drüberlaufen, Bericht kommt später.
Hier der erste Bericht von Kaspersky:
------------------------------------------------------------------------------
PROTOKOLL FÜR KASPERSKY ONLINE SCANNER
Montag, 12. Mai 2008 23:00:15
Betriebssystem: Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
Version von Kaspersky Online Scanner: 5.0.98.1
Letztes Update der Antiviren-Datenbanken: 12/05/2008
Anzahl der Einträge in den Antiviren-Datenbanken: 765113
-------------------------------------------------------------------------------

Scan-Einstellungen:
Folgende Antiviren-Datenbanken zur Untersuchung verwenden: Erweiterte
Archive untersuchen: ja
Mail-Datenbanken untersuchen: ja

Untersuchungsobjekt - Kritische Objekte:
C:\WINDOWS
C:\DOKUME~1\ZUHAUS~1\LOKALE~1\Temp\

Untersuchungsergebnisse:
Untersuchte Objekte insgesamt: 27650
Viren gefunden: 0
Infizierte Objekte gefunden: 0
Verdächtige Objekte gefunden: 0
Untersuchungszeit: 00:22:33

Name des infizierten Objekts / Virusname / Letzte Aktion
C:\WINDOWS\Debug\PASSWD.LOG Das Objekt ist gesperrt übersprungen
C:\WINDOWS\SchedLgU.Txt Das Objekt ist gesperrt übersprungen
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Das Objekt ist gesperrt übersprungen
C:\WINDOWS\Sti_Trace.log Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\CatRoot2\edb.log Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\CatRoot2\tmp.edb Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\AppEvent.Evt Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\default Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\default.LOG Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\Internet.evt Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\ODiag.evt Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\OSession.evt Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\SAM Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\SAM.LOG Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\SecEvent.Evt Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\SECURITY Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\SECURITY.LOG Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\software Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\software.LOG Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\SysEvent.Evt Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\system Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\config\system.LOG Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\drivers\sptd.sys Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\h323log.txt Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Das Objekt ist gesperrt übersprungen
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Das Objekt ist gesperrt übersprungen
C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt Das Objekt ist gesperrt übersprungen
C:\WINDOWS\Temp\JET9923.tmp Das Objekt ist gesperrt übersprungen
C:\WINDOWS\Temp\sqlite_CqW6Pjqh92aRWFx Das Objekt ist gesperrt übersprungen
C:\WINDOWS\wiadebug.log Das Objekt ist gesperrt übersprungen
C:\WINDOWS\wiaservc.log Das Objekt ist gesperrt übersprungen
C:\WINDOWS\WindowsUpdate.log Das Objekt ist gesperrt übersprungen
C:\DOKUME~1\ZUHAUS~1\LOKALE~1\Temp\Perflib_Perfdata_e98.dat Das Objekt ist gesperrt übersprungen

[Nikita]

Hallo Mc Kniffizen

1. wende ccleaner an + lösche die temp-Dateien
http://virus-protect.org/ccleaner.html

2. wende smitfraudfix an (Option 2) + poste den report
http://virus-protect.org/artikel/tools/ ... utfix.html

3. wende rvaxo an + oposte den report
http://virus-protect.org/artikel/tools/rvaxo.html

4. wende combofix an (Warnmeldung bitte ewegklicken) + poste den Report
http://virus-protect.org/artikel/tools/combofix.html

[Mc Kniffizen]

Hier der Bericht von Smaudfix:
mitFraudFix v2.320

Scan done at 23:33:31,03, 12.05.2008
Run from C:\Dokumente und Einstellungen\Zu Hause\Eigene Dateien\E-Mail\Mario\NEU\Virenbekämpfung\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
Error while deleting C:\WINDOWS\iebho.dll.


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139-Familie-PCI-Fast Ethernet-NIC - Paketplaner-Miniport
DNS Server Search Order: 192.168.2.1

Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 217.237.150.51
DNS Server Search Order: 217.237.148.22

HKLM\SYSTEM\CCS\Services\Tcpip\..\{31602674-FA0B-4C19-AE73-9799D5F20530}: NameServer=217.237.150.51 217.237.148.22
HKLM\SYSTEM\CCS\Services\Tcpip\..\{4D28D15E-8A31-4560-9D19-DFB48C9DD9DD}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{31602674-FA0B-4C19-AE73-9799D5F20530}: NameServer=217.237.150.51 217.237.148.22
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4D28D15E-8A31-4560-9D19-DFB48C9DD9DD}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{4D28D15E-8A31-4560-9D19-DFB48C9DD9DD}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{4D28D15E-8A31-4560-9D19-DFB48C9DD9DD}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"="kdnyd.exe"

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Reboot

C:\WINDOWS\system32\kdnyd.exe Deleted

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» End

Von RVaxo:
--RVAXO.exe Updated: 2008-05-10---first run---
Uninstallers:

Files found:

Folders Found:

Hosts-file was reset, If you use a custom hosts file please replace it...

--------------RVAXO.exe last run---------------
Not deleted items:

--------------RVAXO.exe finished----------------

und von Combofix:
ComboFix 08-05-11.1 - Zu Hause 2008-05-12 23:56:05.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1031.18.1447 [GMT 2:00]
ausgeführt von:: C:\Dokumente und Einstellungen\Zu Hause\Eigene Dateien\E-Mail\Mario\NEU\Virenbekämpfung\ComboFix.exe
* Neuer Wiederherstellungspunkt wurde erstellt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\smp.bat
C:\WINDOWS\Downloaded Program Files\setup.inf

.
((((((((((((((((((((((( Dateien erstellt von 2008-04-12 bis 2008-05-12 ))))))))))))))))))))))))))))))
.

2008-05-12 23:56 . 2008-05-12 23:56 6,736 --a------ C:\WINDOWS\system32\drivers\PROCEXP90.SYS
2008-05-12 23:49 . 2008-05-12 23:50 <DIR> d-------- C:\RVAXO
2008-05-12 23:45 . 2008-05-10 12:18 818,420 --a------ C:\WINDOWS\system32\RVAXO.bat
2008-05-12 23:45 . 2001-10-01 14:51 69,632 --a------ C:\WINDOWS\system32\remove.exe
2008-05-12 23:24 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-05-12 23:24 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-05-12 23:24 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-05-12 23:16 . 2008-05-12 23:16 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Yahoo! Companion
2008-05-12 23:15 . 2008-05-12 23:15 <DIR> d-------- C:\Programme\Yahoo!
2008-05-12 13:52 . 2008-05-12 13:52 212,480 --a------ C:\WINDOWS\iebho.dll
2008-05-04 12:11 . 2008-05-04 12:17 <DIR> d-------- C:\Programme\Sun
2008-05-03 00:25 . 2008-04-14 07:52 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll
2008-05-03 00:25 . 2008-04-14 07:52 1,306,624 -----c--- C:\WINDOWS\system32\dllcache\msxml6.dll
2008-05-03 00:25 . 2008-04-14 07:27 93,184 --------- C:\WINDOWS\system32\msxml6r.dll
2008-05-03 00:25 . 2008-04-14 07:27 93,184 -----c--- C:\WINDOWS\system32\dllcache\msxml6r.dll
2008-05-03 00:21 . 2008-05-03 00:25 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-05-03 00:17 . 2006-12-29 00:31 19,569 --a------ C:\WINDOWS\002838_.tmp
2008-05-03 00:12 . 2008-05-03 00:12 <DIR> d-------- C:\WINDOWS\EHome
2008-04-14 07:53 . 2008-04-14 07:53 20,992 --------- C:\WINDOWS\system32\spupdwxp.exe
2008-04-14 07:53 . 2008-04-14 07:53 7,680 --a------ C:\WINDOWS\system32\spdwnwxp.exe
2008-04-14 07:52 . 2008-04-14 07:52 20,992 --------- C:\WINDOWS\system32\faxpatch.exe
2008-04-14 07:33 . 2008-04-14 07:33 2,524 --------- C:\WINDOWS\system32\pid.inf

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-12 21:58 --------- d-----w C:\Programme\Gemeinsame Dateien\Symantec Shared
2008-05-12 21:35 4,590 ----a-w C:\WINDOWS\system32\tmp.reg
2008-05-12 20:02 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Symantec
2008-05-06 07:00 --------- d-----w C:\Programme\TuneUp Utilities 2006
2008-05-04 10:11 --------- d-----w C:\Programme\Java
2008-04-14 06:06 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 05:55 333,312 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 05:52 99,840 ----a-w C:\WINDOWS\system32\loadperf.dll
2008-04-14 05:51 762,368 ----a-w C:\WINDOWS\system32\winntbbu.dll
2008-04-14 05:51 76,288 ----a-w C:\WINDOWS\system32\uniime.dll
2008-04-14 05:51 731,648 ----a-w C:\WINDOWS\system32\ntdll.dll
2008-04-14 05:51 57,375 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-14 05:51 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
2008-04-14 05:51 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
2008-04-14 05:32 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-14 05:32 73,472 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-14 05:32 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-14 05:32 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 05:30 2,026,496 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 05:29 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-14 05:29 2,147,840 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 05:28 800,384 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 05:28 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 05:28 154,112 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 05:28 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-14 05:27 40,448 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 05:26 81,408 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-14 05:26 51,712 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-14 05:26 40,832 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 05:25 65,536 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 05:25 572,928 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-14 05:25 52,992 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 05:24 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 05:24 10,752 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-14 05:23 1,845,760 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-14 05:22 68,096 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-14 05:22 57,728 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 05:22 53,760 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 05:22 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-14 05:22 273,920 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 05:21 701,952 ------w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-04-14 05:21 39,936 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-14 05:21 327,168 ------w C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-04-14 05:20 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 05:20 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 05:20 103,424 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-14 05:19 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 05:19 23,552 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 05:19 188,800 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 22:58 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 22:51 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 22:50 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 22:50 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 22:50 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 22:49 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 22:49 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 22:49 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 22:49 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 22:47 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 22:47 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 22:47 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 22:46 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 22:45 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 22:45 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 22:44 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 22:44 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 22:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 22:30 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 22:27 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 22:27 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 22:27 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 22:27 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 22:27 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 22:27 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 22:27 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 22:26 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 22:26 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 22:26 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 22:26 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 22:26 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 22:26 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 22:26 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 22:26 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 22:26 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 22:26 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 22:25 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 22:24 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 22:23 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 22:23 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 22:23 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 22:23 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys
2008-04-13 22:21 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-13 22:21 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
2008-04-13 22:21 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
2008-04-13 22:21 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys
2008-04-13 22:21 101,120 ------w C:\WINDOWS\system32\drivers\bthpan.sys
2008-04-13 22:17 25,856 ----a-w C:\WINDOWS\system32\drivers\usbprint.sys
2008-04-13 22:15 6,272 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
2008-04-13 22:15 36,864 ----a-w C:\WINDOWS\system32\drivers\hidclass.sys
2008-04-13 22:15 32,128 ----a-w C:\WINDOWS\system32\drivers\usbccgp.sys
2005-10-09 10:25 8 --sh--r C:\WINDOWS\system32\A3DA537E26.sys
2005-10-09 10:25 4,704 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2004-08-04 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll
2004-08-04 12:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll
.

((((((((((((((((((((((((((((( snapshot@2007-11-17_19.03.18.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-10-14 18:34:38 8,704 ----a-w C:\WINDOWS\$hf_mig$\KB890175\spmsg.dll
+ 2004-10-14 18:36:07 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB890175\spuninst.exe
+ 2004-10-14 18:36:06 21,504 ----a-w C:\WINDOWS\$hf_mig$\KB890175\update\spcustom.dll
+ 2004-10-14 18:21:49 663,552 ----a-w C:\WINDOWS\$hf_mig$\KB890175\update\update.exe
+ 2007-10-29 22:35:36 1,293,312 ----a-w C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\quartz.dll
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\updspapi.dll
+ 2007-10-30 16:53:32 360,832 ----a-w C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\updspapi.dll
+ 2008-03-20 07:56:37 1,846,016 ----a-w C:\WINDOWS\$hf_mig$\KB941693\SP2QFE\win32k.sys
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\updspapi.dll
+ 2007-10-10 23:20:34 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\advpack.dll
+ 2007-10-10 23:20:34 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\dxtrans.dll
+ 2007-10-10 23:20:34 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\extmgr.dll
+ 2007-10-10 23:20:34 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\icardie.dll
+ 2007-10-10 08:16:47 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
+ 2007-10-10 23:20:34 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakeng.dll
+ 2007-10-10 23:20:34 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieaksie.dll
+ 2007-10-10 05:47:20 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dat
+ 2007-10-10 23:20:34 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dll
+ 2007-10-10 23:20:35 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iedkcs32.dll
+ 2007-10-10 23:20:37 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieframe.dll
+ 2007-10-10 23:20:37 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iernonce.dll
+ 2007-10-10 23:20:37 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iertutil.dll
+ 2007-10-10 08:16:47 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
+ 2007-10-10 08:16:56 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
+ 2007-10-10 23:20:37 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\jsproxy.dll
+ 2007-10-10 23:20:37 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeeds.dll
+ 2007-10-10 23:20:37 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeedsbs.dll
+ 2007-10-30 23:39:03 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
+ 2007-10-10 23:20:40 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtmled.dll
+ 2007-10-10 23:20:40 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msrating.dll
+ 2007-10-10 23:20:41 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mstime.dll
+ 2007-10-10 23:20:41 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\occache.dll
+ 2007-10-10 23:20:41 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\url.dll
+ 2007-10-10 23:20:41 1,162,240 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\urlmon.dll
+ 2007-10-10 23:20:42 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\webcheck.dll
+ 2007-10-10 23:20:42 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:14:08 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spmsg.dll
+ 2007-03-06 01:14:13 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spuninst.exe
+ 2007-03-06 01:14:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\spcustom.dll
+ 2007-06-30 18:44:13 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
+ 2007-06-30 20:21:41 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
+ 2007-11-13 11:02:46 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-12-04 18:29:30 551,936 ----a-w C:\WINDOWS\$hf_mig$\KB943055\SP2QFE\oleaut32.dll
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\updspapi.dll
+ 2007-11-07 09:49:17 734,720 ----a-w C:\WINDOWS\$hf_mig$\KB943485\SP2QFE\lsasrv.dll
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\updspapi.dll
+ 2007-12-07 01:41:41 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\advpack.dll
+ 2007-12-19 22:18:03 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtmsft.dll
+ 2007-12-07 01:41:42 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtrans.dll
+ 2007-12-07 01:41:42 133,120 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\extmgr.dll
+ 2007-12-07 01:41:42 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\icardie.dll
+ 2007-12-06 08:34:28 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
+ 2007-12-07 01:41:42 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakeng.dll
+ 2007-12-07 01:41:42 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieaksie.dll
+ 2007-12-06 05:00:02 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dat
+ 2007-12-07 01:41:42 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dll
+ 2007-12-07 01:41:42 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iedkcs32.dll
+ 2007-12-07 01:41:44 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
+ 2007-12-07 01:41:44 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iernonce.dll
+ 2007-12-07 01:41:44 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
+ 2007-12-06 08:34:29 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
+ 2007-12-06 08:34:45 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
+ 2007-12-07 01:41:44 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\jsproxy.dll
+ 2007-12-07 01:41:44 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeeds.dll
+ 2007-12-07 01:41:44 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeedsbs.dll
+ 2007-12-07 01:41:46 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
+ 2007-12-07 01:41:47 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtmled.dll
+ 2007-12-07 01:41:47 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msrating.dll
+ 2007-12-07 01:41:47 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mstime.dll
+ 2007-12-07 01:41:47 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\occache.dll
+ 2008-01-11 05:49:55 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\pngfilt.dll
+ 2007-12-07 01:41:48 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\url.dll
+ 2007-12-07 01:41:48 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\urlmon.dll
+ 2007-12-07 01:41:48 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\webcheck.dll
+ 2007-12-07 01:41:49 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:14:08 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spmsg.dll
+ 2007-03-06 01:14:13 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe
+ 2007-03-06 01:14:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\updspapi.dll
+ 2007-11-13 08:47:44 20,480 ----a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
+ 2008-02-20 05:20:09 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
+ 2008-02-20 18:50:10 45,568 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\updspapi.dll
+ 2007-12-18 09:38:59 179,712 ----a-w C:\WINDOWS\$hf_mig$\KB946026\SP2QFE\mrxdav.sys
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\updspapi.dll
+ 2008-03-01 12:33:31 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\advpack.dll
+ 2008-03-01 12:33:31 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtmsft.dll
+ 2008-03-01 12:33:31 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtrans.dll
+ 2008-03-01 12:33:31 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\extmgr.dll
+ 2008-03-01 12:33:31 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\icardie.dll
+ 2008-02-22 09:39:56 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
+ 2008-03-01 12:33:32 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakeng.dll
+ 2008-03-01 12:33:32 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dat
+ 2008-03-01 12:33:32 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dll
+ 2008-03-01 12:33:32 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll
+ 2008-03-01 12:33:34 6,067,712 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
+ 2008-03-01 12:33:34 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iernonce.dll
+ 2008-03-01 12:33:35 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
+ 2008-02-22 09:39:56 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
+ 2008-02-22 09:40:22 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
+ 2008-03-01 12:33:35 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\jsproxy.dll
+ 2008-03-01 12:33:36 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeeds.dll
+ 2008-03-01 12:33:36 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeedsbs.dll
+ 2008-03-01 12:33:37 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
+ 2008-03-01 12:33:37 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtmled.dll
+ 2008-03-01 12:33:38 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll
+ 2008-03-01 12:33:38 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mstime.dll
+ 2008-03-01 12:33:38 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\occache.dll
+ 2008-03-01 12:33:38 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\pngfilt.dll
+ 2008-03-01 12:33:38 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\url.dll
+ 2008-03-01 12:33:41 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\urlmon.dll
+ 2008-03-01 12:33:41 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\webcheck.dll
+ 2008-03-01 12:33:41 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:14:08 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spmsg.dll
+ 2007-03-06 01:14:13 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spuninst.exe
+ 2007-03-06 01:14:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\updspapi.dll
+ 2008-02-20 06:52:36 282,624 ----a-w C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll
+ 2007-03-06 01:14:12 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spmsg.dll
+ 2007-03-06 01:14:17 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spuninst.exe
+ 2007-03-06 01:14:11 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\spcustom.dll
+ 2007-03-06 01:14:35 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\update.exe
+ 2007-03-06 01:15:25 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\updspapi.dll
+ 2007-03-06 01:14:08 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spmsg.dll
+ 2007-03-06 01:14:13 217,312 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spuninst.exe
+ 2007-03-06 01:14:07 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\spcustom.dll
+ 2007-03-06 01:14:30 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
+ 2007-03-06 01:15:22 377,568 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\updspapi.dll
+ 2005-08-30 03:55:35 1,292,800 -c----w C:\WINDOWS\$NtUninstallKB941568$\quartz.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB941568$\spuninst\updspapi.dll
+ 2005-06-28 09:23:44 217,312 -c----w C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe
+ 2005-06-28 09:23:54 371,424 -c----w C:\WINDOWS\$NtUninstallKB941569$\spuninst\updspapi.dll
+ 2006-10-18 19:47:18 222,208 -c----w C:\WINDOWS\$NtUninstallKB941569$\wmasf.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB941644$\spuninst\updspapi.dll
+ 2006-04-20 11:51:50 359,808 -c----w C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB941693$\spuninst\updspapi.dll
+ 2007-03-08 15:32:24 1,843,712 -c----w C:\WINDOWS\$NtUninstallKB941693$\win32k.sys
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB942763$\spuninst\updspapi.dll
+ 2007-07-18 12:42:22 60,416 -c----w C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe
+ 2007-05-17 11:28:50 549,376 -c----w C:\WINDOWS\$NtUninstallKB943055$\oleaut32.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB943055$\spuninst\updspapi.dll
+ 2006-08-17 12:28:44 729,600 -c----w C:\WINDOWS\$NtUninstallKB943485$\lsasrv.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB943485$\spuninst\updspapi.dll
+ 2006-05-30 13:32:29 163,644 -c----w C:\WINDOWS\$NtUninstallKB944653$\secdrv.sys
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB944653$\spuninst\updspapi.dll
+ 2006-06-26 17:40:34 148,480 -c----w C:\WINDOWS\$NtUninstallKB945553$\dnsapi.dll
+ 2004-08-04 12:00:00 45,568 -c----w C:\WINDOWS\$NtUninstallKB945553$\dnsrslvr.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB945553$\spuninst\updspapi.dll
+ 2004-08-04 12:00:00 181,248 -c----w C:\WINDOWS\$NtUninstallKB946026$\mrxdav.sys
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB946026$\spuninst\updspapi.dll
+ 2007-06-19 13:31:19 282,112 -c----w C:\WINDOWS\$NtUninstallKB948590$\gdi32.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\$NtUninstallKB948590$\spuninst\updspapi.dll
+ 2007-03-06 01:14:13 217,312 -c----w C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe
+ 2007-03-06 01:15:22 377,568 -c----w C:\WINDOWS\$NtUninstallKB948881$\spuninst\updspapi.dll
- 2006-10-04 14:05:26 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll
+ 2008-04-14 05:52:08 39,424 ----a-w C:\WINDOWS\AppPatch\acadproc.dll
- 2004-08-04 12:00:00 1,852,416 ----a-w C:\WINDOWS\AppPatch\AcGenral.dll
+ 2008-04-14 05:52:08 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll
- 2004-08-04 12:00:00 450,048 ----a-w C:\WINDOWS\AppPatch\AcLayers.dll
+ 2008-04-14 05:52:08 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll
- 2004-08-04 12:00:00 137,728 ----a-w C:\WINDOWS\AppPatch\AcLua.dll
+ 2008-04-14 05:52:08 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll
- 2004-08-04 12:00:00 244,736 ----a-w C:\WINDOWS\AppPatch\AcSpecfc.dll
+ 2008-04-14 05:52:08 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll
- 2004-08-04 12:00:00 116,224 ----a-w C:\WINDOWS\AppPatch\AcXtrnal.dll
+ 2008-04-14 05:52:08 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll
+ 2007-12-10 14:25:01 110,592 ----a-w C:\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
+ 2007-12-10 14:25:01 4,608 ----a-w C:\WINDOWS\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
+ 2007-12-10 14:25:01 1,215,328 ----a-w C:\WINDOWS\assembly\GAC\IACore\1.7.6223.0__31bf3856ad364e35\IACore.dll
+ 2007-12-10 14:25:01 82,784 ----a-w C:\WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
+ 2007-12-10 14:24:33 80,696 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
+ 2007-12-10 14:24:47 1,276,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2007-12-10 14:24:47 150,320 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2007-12-10 14:24:56 17,208 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll
+ 2007-12-10 14:24:47 248,632 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2007-12-10 14:24:47 20,280 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2007-12-10 14:24:47 781,104 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2007-12-10 14:25:01 13,312 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2007-12-10 14:24:47 371,496 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
+ 2007-12-10 14:24:47 64,288 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2007-12-10 14:25:01 229,376 ----a-w C:\WINDOWS\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
+ 2007-12-10 14:25:01 4,096 ----a-w C:\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2007-12-10 14:24:47 416,544 ----a-w C:\WINDOWS\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2007-12-10 14:24:33 12,096 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2007-12-10 14:24:51 12,096 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
+ 2007-12-10 14:24:56 12,112 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2007-12-10 14:24:52 12,104 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
+ 2007-12-10 14:24:58 12,096 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2007-12-10 14:24:53 12,080 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2007-12-10 14:24:53 11,544 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
+ 2007-12-10 14:25:01 16,384 ----a-w C:\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
+ 2008-05-12 21:49:23 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2002-07-31 09:10:52 61,440 ------w C:\WINDOWS\Corel\MCSetup.dll
+ 2001-06-19 09:32:48 471,040 ------w C:\WINDOWS\Corel\MSI\swcusten.dll
+ 2007-11-20 14:04:32 1,523,536 ----a-w C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
+ 2006-08-29 13:17:22 161,976 ----a-w C:\WINDOWS\Downloaded Program Files\zylomgamesplayer.dll
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
- 2007-06-13 13:21:45 1,036,288 ----a-w C:\WINDOWS\explorer.exe
+ 2008-04-14 05:52:46 1,036,800 ----a-w C:\WINDOWS\explorer.exe
+ 2000-08-31 06:00:00 73,728 ----a-w C:\WINDOWS\fdsv.exe
+ 2000-08-31 06:00:00 80,412 ----a-w C:\WINDOWS\grep.exe
- 2004-08-04 12:00:00 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
+ 2008-04-14 05:52:26 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll
- 2004-08-04 12:00:00 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
+ 2008-04-14 05:52:32 33,280 ----a-w C:\WINDOWS\Help\sstub.dll
- 2004-08-04 12:00:00 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
+ 2008-04-14 05:52:32 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll
- 2005-05-26 23:22:01 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2008-04-14 05:52:48 10,752 ----a-w C:\WINDOWS\hh.exe
+ 2004-08-04 12:00:00 2,589 ------w C:\WINDOWS\I386\RUNW32.BAT
- 2006-11-17 17:55:08 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2007-09-26 16:06:42 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
+ 2006-11-07 02:26:24 123,904 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2006-10-17 10:57:50 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2006-11-07 20:03:36 131,584 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2006-10-17 10:58:20 61,952 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2006-11-07 02:26:28 54,784 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2006-11-07 02:26:56 152,064 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2006-11-07 02:27:02 229,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2006-11-07 02:25:14 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2006-09-05 22:01:26 2,451,824 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dat
+ 2006-10-17 10:27:56 380,928 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2006-11-07 02:27:10 382,976 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2006-11-07 20:03:36 6,049,280 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2006-11-07 02:26:28 43,008 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2006-10-17 10:57:20 266,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2006-11-07 02:26:32 13,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2006-10-17 11:04:40 622,080 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2006-11-07 20:03:36 27,136 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2006-11-07 20:03:36 458,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2006-11-07 20:03:36 50,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2006-11-07 20:03:36 3,577,856 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2006-11-07 20:03:36 475,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2006-10-17 11:05:10 192,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2006-11-07 20:03:36 670,720 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2006-10-17 11:04:46 101,376 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:14:11 22,752 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spcustom.dll
+ 2007-03-06 01:14:12 15,584 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spmsg.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst.exe
+ 2007-03-06 01:14:13 217,312 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
+ 2007-06-30 20:21:41 377,568 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-03-06 01:14:35 725,728 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\update.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\updspapi.dll
+ 2006-10-17 11:05:22 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2006-11-07 20:03:36 1,162,240 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2006-11-07 20:03:36 231,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2006-11-07 20:03:36 818,688 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
+ 2007-10-10 23:46:47 124,928 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\advpack.dll
+ 2007-08-13 17:35:46 346,624 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtmsft.dll
+ 2007-10-10 23:46:47 214,528 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\dxtrans.dll
+ 2007-10-10 23:46:47 132,608 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\extmgr.dll
+ 2007-10-10 23:46:47 63,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\icardie.dll
+ 2007-10-10 10:59:01 70,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe
+ 2007-10-10 23:46:47 153,088 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakeng.dll
+ 2007-10-10 23:46:47 230,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieaksie.dll
+ 2007-10-10 05:46:55 161,792 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieakui.dll
+ 2007-10-10 23:46:47 383,488 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieapfltr.dll
+ 2007-10-10 23:46:47 384,512 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iedkcs32.dll
+ 2007-10-10 23:46:49 6,065,664 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieframe.dll
+ 2007-10-10 23:46:49 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iernonce.dll
+ 2007-10-10 23:46:49 267,776 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll
+ 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe
+ 2007-10-10 10:59:13 625,152 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe
+ 2007-10-10 23:46:49 27,648 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\jsproxy.dll
+ 2007-10-10 23:46:49 459,264 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeeds.dll
+ 2007-10-10 23:46:49 52,224 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msfeedsbs.dll
+ 2007-10-30 23:19:46 3,590,656 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtml.dll
+ 2007-10-10 23:46:50 478,208 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mshtmled.dll
+ 2007-10-10 23:46:50 193,024 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\msrating.dll
+ 2007-10-10 23:46:51 671,232 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\mstime.dll
+ 2007-10-10 23:46:51 102,400 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\occache.dll
+ 2007-08-13 17:36:12 44,544 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\pngfilt.dll
+ 2007-03-06 01:14:17 217,312 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\updspapi.dll
+ 2007-10-10 23:46:51 105,984 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\url.dll
+ 2007-10-10 23:46:52 1,159,680 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\urlmon.dll
+ 2007-10-10 23:46:52 232,960 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\webcheck.dll
+ 2007-10-10 23:46:52 824,832 -c----w C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
+ 2007-12-07 02:04:44 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
+ 2007-12-19 22:48:07 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
+ 2007-12-07 02:04:44 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
+ 2007-12-07 02:04:44 133,120 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
+ 2007-12-07 02:04:44 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
+ 2007-12-06 11:00:26 70,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2007-12-07 02:04:44 153,088 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
+ 2007-12-07 02:04:44 230,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
+ 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
+ 2007-10-10 23:46:47 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
+ 2007-12-07 02:04:45 384,512 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
+ 2007-12-07 02:04:46 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
+ 2007-12-07 02:04:46 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
+ 2007-12-07 02:04:46 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
+ 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
+ 2007-12-06 11:00:51 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
+ 2007-12-07 02:04:47 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
+ 2007-12-07 02:04:47 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
+ 2007-12-07 02:04:47 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
+ 2007-12-08 09:34:50 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
+ 2007-12-07 02:04:48 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
+ 2007-12-07 02:04:48 193,024 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
+ 2007-12-07 02:04:49 671,232 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
+ 2007-12-07 02:04:49 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
+ 2008-01-11 05:32:59 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
+ 2007-03-06 01:14:13 217,312 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:15:25 377,568 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
+ 2007-12-07 02:04:49 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
+ 2007-12-07 02:04:49 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
+ 2007-12-07 02:04:49 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
+ 2007-12-07 02:04:49 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
- 2004-08-04 12:00:00 175,104 ----a-w C:\WINDOWS\ime\chsime\applets\PINTLCSA.DLL
+ 2008-04-14 05:51:18 175,104 ----a-w C:\WINDOWS\ime\chsime\applets\pintlcsa.dll
- 2004-08-04 12:00:00 53,760 ----a-w C:\WINDOWS\ime\chsime\applets\PINTLCSD.DLL
+ 2008-04-14 05:51:18 53,760 ----a-w C:\WINDOWS\ime\chsime\applets\pintlcsd.dll
- 2004-08-04 12:00:00 97,792 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTMBX.DLL
+ 2008-04-14 05:50:20 97,792 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtmbx.dll
- 2004-08-04 12:00:00 56,320 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTSKDIC.DLL
+ 2008-04-14 05:50:20 56,320 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtskdic.dll
- 2004-08-04 12:00:00 173,568 ----a-w C:\WINDOWS\ime\CHTIME\Applets\CHTSKF.DLL
+ 2008-04-14 05:50:20 173,568 ----a-w C:\WINDOWS\ime\CHTIME\Applets\chtskf.dll
- 2004-08-04 12:00:00 13,463,552 ----a-w C:\WINDOWS\ime\imjp8_1\applets\hwxjpn.dll
+ 2008-04-14 05:50:42 13,463,552 ----a-w C:\WINDOWS\ime\imjp8_1\applets\hwxjpn.dll
- 2004-08-04 12:00:00 315,452 ----a-w C:\WINDOWS\ime\imjp8_1\applets\imskf.dll
+ 2008-04-14 05:50:46 315,455 ----a-w C:\WINDOWS\ime\imjp8_1\applets\imskf.dll
- 2004-08-04 12:00:00 426,041 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicepad.dll
+ 2008-04-14 05:51:40 426,041 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicepad.dll
- 2004-08-04 12:00:00 86,073 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicesub.dll
+ 2008-04-14 05:51:40 86,073 ----a-w C:\WINDOWS\ime\imjp8_1\applets\voicesub.dll
- 2004-08-04 12:00:00 368,696 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcic.dll
+ 2008-04-14 05:50:46 368,696 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcic.dll
- 2004-08-04 12:00:00 716,856 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcus.dll
+ 2008-04-14 05:50:46 716,856 ----a-w C:\WINDOWS\ime\imjp8_1\imjpcus.dll
- 2004-08-04 12:00:00 81,976 ----a-w C:\WINDOWS\ime\imjp8_1\imjpdct.dll
+ 2008-04-14 05:50:46 81,976 ----a-w C:\WINDOWS\ime\imjp8_1\imjpdct.dll
- 2004-08-04 12:00:00 274,489 ----a-w C:\WINDOWS\ime\imjp8_1\imjputyc.dll
+ 2008-04-14 05:50:46 274,489 ----a-w C:\WINDOWS\ime\imjp8_1\imjputyc.dll
- 2004-08-04 12:00:00 86,016 ----a-w C:\WINDOWS\ime\imkr6_1\applets\imekrmbx.dll
+ 2008-04-14 05:50:44 86,016 ----a-w C:\WINDOWS\ime\imkr6_1\applets\imekrmbx.dll
- 2004-08-04 12:00:00 106,496 ----a-w C:\WINDOWS\ime\imkr6_1\imekrcic.dll
+ 2008-04-14 05:50:44 106,496 ----a-w C:\WINDOWS\ime\imkr6_1\imekrcic.dll
- 2004-08-04 12:00:00 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
+ 2008-04-14 05:52:18 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll
- 2004-08-04 12:00:00 102,456 ----a-w C:\WINDOWS\ime\shared\imlang.dll
+ 2008-04-14 05:50:46 102,456 ----a-w C:\WINDOWS\ime\shared\imlang.dll
- 2004-08-04 12:00:00 15,872 ----a-w C:\WINDOWS\ime\shared\res\PADRS404.DLL
+ 2008-04-14 05:51:18 15,872 ----a-w C:\WINDOWS\ime\shared\res\padrs404.dll
- 2004-08-04 12:00:00 15,360 ----a-w C:\WINDOWS\ime\shared\res\padrs804.dll
+ 2008-04-14 05:51:18 15,360 ----a-w C:\WINDOWS\ime\shared\res\padrs804.dll
- 2004-08-04 12:00:00 130,048 ----a-w C:\WINDOWS\ime\SOFTKBD.DLL
+ 2008-04-14 05:52:26 130,048 ----a-w C:\WINDOWS\ime\softkbd.dll
- 2004-08-04 12:00:00 62,976 ----a-w C:\WINDOWS\ime\SPGRMR.dll
+ 2008-04-13 20:13:20 62,976 ----a-w C:\WINDOWS\ime\spgrmr.dll
- 2004-08-04 12:00:00 272,384 ----a-w C:\WINDOWS\ime\SPTIP.dll
+ 2008-04-14 05:52:32 272,384 ----a-w C:\WINDOWS\ime\sptip.dll
+ 2006-10-26 18:48:14 434,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\DWTRIG20.EXE
+ 2006-10-27 14:07:36 17,891,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\EXCEL.EXE
+ 2006-10-27 14:26:40 16,870,712 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\MSO.DLL
+ 2006-10-26 19:42:36 8,423,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\OARTCONV.DLL
+ 2006-10-26 22:00:12 1,841,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\VVIEWDWG.DLL
+ 2006-10-27 14:11:38 4,235,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\WRD12CNV.DLL
+ 2006-10-27 14:11:36 21,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\WRD12EXE.EXE
+ 2006-10-27 14:23:08 17,483,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\WWLIB.DLL
+ 2006-10-26 20:13:08 14,674,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\XL12CNV.EXE
+ 2006-10-26 20:17:08 11,072 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\XLCALL32.DLL
+ 2007-08-23 20:35:32 243,064 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\FF26F08EC3D591A4489079122F292860\3.4.0\AluSchedulerSvc.exe
+ 2008-01-11 15:39:54 65,536 ----a-r C:\WINDOWS\Installer\{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}\ARPPRODUCTICON.exe
+ 2008-01-11 15:39:54 61,440 ----a-r C:\WINDOWS\Installer\{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}\CorelCapture11.exe
+ 2008-01-11 15:39:54 61,440 ----a-r C:\WINDOWS\Installer\{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}\CorelDRAW11.exe
+ 2008-01-11 15:39:54 61,440 ----a-r C:\WINDOWS\Installer\{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}\CorelPP11_1.exe
+ 2008-01-11 15:39:54 61,440 ----a-r C:\WINDOWS\Installer\{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}\CorelRAVE2.exe
+ 2008-01-11 15:39:54 61,440 ----a-r C:\WINDOWS\Installer\{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}\CorelTRACE11.exe
+ 2008-01-11 15:39:54 61,440 ----a-r C:\WINDOWS\Installer\{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}\DuplexWizard.exe
+ 2008-01-11 15:39:54 49,152 ----a-r C:\WINDOWS\Installer\{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}\FontNav_1.exe
+ 2008-01-11 15:39:54 61,440 ----a-r C:\WINDOWS\Installer\{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}\SBProfiler.exe
+ 2007-12-10 14:28:20 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-0407-0000-0000000FF1CE}\misc.exe
+ 2005-11-18 15:27:49 2,560 ----a-r C:\WINDOWS\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2008-04-09 00:26:58 20,240 ----a-r C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-04-09 00:26:57 184,080 ----a-r C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-04-09 00:26:58 217,864 ----a-r C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
+ 2008-04-09 00:26:58 18,704 ----a-r C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-04-09 00:26:58 35,088 ----a-r C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-04-09 00:26:58 922,384 ----a-r C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-04-09 00:26:58 888,080 ----a-r C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-04-09 00:26:57 1,172,240 ----a-r C:\WINDOWS\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-02-14 22:24:24 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1031-7B44-A81200000003}\SC_Reader.exe
+ 2007-11-24 10:16:10 7,406 ----a-r C:\WINDOWS\Installer\{E80F62FF-5D3C-4A19-8409-9721F2928206}\IconE80F62FF.exe
+ 2008-01-18 18:43:10 2,247 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscdsbl.bat
+ 2007-12-12 14:03:52 18,917 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscinst.vbs
+ 2007-10-30 13:36:48 13,801 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscuinst.vbs
+ 2008-04-14 05:51:58 25,600 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscupdc.dll
- 2000-05-18 14:26:06 328,704 ----a-w C:\WINDOWS\IsUn0407.exe
+ 1998-11-17 10:44:44 328,704 ----a-w C:\WINDOWS\IsUn0407.exe
- 2004-08-04 12:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
+ 2008-04-14 05:52:08 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll
- 2004-08-04 12:00:00 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
+ 2008-04-14 05:52:08 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll
- 2006-10-12 13:54:21 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
+ 2008-04-14 05:52:08 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll
- 2007-03-09 14:00:40 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
+ 2008-04-14 05:52:08 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll
- 2004-08-04 12:00:00 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
+ 2008-04-14 05:52:08 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll
- 2004-08-04 12:00:00 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
+ 2008-04-14 05:52:08 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll
- 2004-08-04 12:00:00 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
+ 2008-04-14 05:52:08 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll
- 2006-10-12 11:54:07 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
+ 2008-04-14 05:52:36 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe
- 2004-08-04 12:00:00 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
+ 2008-04-14 05:52:08 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll
- 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0404.dll
+ 2007-04-02 21:56:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0404.dll
- 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
+ 2007-04-02 21:56:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll
- 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
+ 2007-04-02 21:56:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll
- 2004-08-04 12:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
+ 2007-04-02 21:56:02 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll
- 2004-08-04 12:00:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
+ 2007-04-02 21:56:02 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll
- 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
+ 2008-04-13 21:02:30 19,968 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll
- 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
+ 2007-04-02 21:56:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll
- 2004-08-04 12:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
+ 2007-04-02 21:56:02 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll
- 2004-08-04 12:00:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
+ 2007-04-02 21:56:02 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll
- 2004-08-04 12:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
+ 2007-04-02 21:56:02 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll
- 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0411.dll
+ 2007-04-02 21:56:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0411.dll
- 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0412.dll
+ 2007-04-02 21:56:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0412.dll
- 2004-08-04 12:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
+ 2007-04-02 21:56:02 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll
- 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
+ 2007-04-02 21:56:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll
- 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
+ 2007-04-02 21:56:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll
- 2004-08-04 12:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
+ 2007-04-02 21:56:02 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll
- 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
+ 2007-04-02 21:56:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll
- 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
+ 2007-04-02 21:56:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll
- 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
+ 2007-04-02 21:56:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll
- 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0804.dll
+ 2007-04-02 21:56:04 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0804.dll
- 2004-08-04 12:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
+ 2007-04-02 21:56:04 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll
- 2004-08-04 12:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
+ 2007-04-02 21:56:04 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll
- 2004-08-04 12:00:00 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
+ 2008-04-14 05:52:18 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll
- 2006-06-02 19:31:05 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
+ 2008-04-14 05:52:10 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll
- 2006-10-10 12:44:50 557,568 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
+ 2008-04-13 22:23:34 558,080 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe
- 2007-06-16 23:11:58 51,200 ----a-w C:\WINDOWS\NirCmd.exe
+ 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\NirCmd.exe
- 2004-08-04 12:00:00 70,144 ----a-w C:\WINDOWS\NOTEPAD.EXE
+ 2008-04-14 05:52:56 70,144 ----a-w C:\WINDOWS\notepad.exe
- 2004-08-04 12:00:00 768,512 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe
+ 2008-04-14 05:52:48 769,024 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
- 2004-08-04 12:00:00 743,936 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpSvc.exe
+ 2008-04-14 05:52:48 744,448 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe
- 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HscUpd.exe
+ 2008-04-14 05:52:48 18,432 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\hscupd.exe
- 2004-08-04 12:00:00 160,768 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 05:52:54 172,544 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
- 2004-08-04 12:00:00 379,904 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
+ 2008-04-14 05:52:18 380,416 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll
- 2004-08-04 12:00:00 102,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
+ 2008-04-14 05:52:24 102,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll
- 2004-08-04 12:00:00 38,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
+ 2008-04-14 05:52:24 38,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
- 2005-10-08 13:19:44 76,487 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
+ 2008-05-02 22:27:01 76,487 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
+ 2008-05-02 22:27:01 2,978 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
- 2004-08-04 12:00:00 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\UploadM.exe
+ 2008-04-14 05:53:04 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\uploadm.exe
- 2004-08-04 12:00:00 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
+ 2008-04-14 05:52:32 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll
- 2004-08-04 12:00:00 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
+ 2008-04-14 05:52:32 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll
- 2004-08-04 12:00:00 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
+ 2008-04-14 05:52:32 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll
- 2004-08-04 12:00:00 153,600 ----a-w C:\WINDOWS\regedit.exe
+ 2008-04-14 05:53:00 153,600 ----a-w C:\WINDOWS\regedit.exe
+ 2002-08-28 14:06:26 1,126,912 ----a-w C:\WINDOWS\Resources\Themes\Arysta\Shell\NormalColor\shellstyle.dll
+ 2002-09-10 07:59:36 756,736 ----a-w C:\WINDOWS\Resources\Themes\Aurora\Shell\NormalColor\shellstyle.dll
+ 2003-01-31 23:21:04 742,912 ----a-w C:\WINDOWS\Resources\Themes\Chromium\Shell\NormalColor\shellstyle.dll
+ 2002-11-27 10:05:04 756,736 ----a-w C:\WINDOWS\Resources\Themes\Dazzle\Shell\NormalColor\shellstyle.dll
+ 2002-08-28 11:12:34 756,736 ----a-w C:\WINDOWS\Resources\Themes\ForestGreen\Shell\NormalColor\shellstyle.dll
+ 2002-08-02 09:05:58 752,128 ----a-w C:\WINDOWS\Resources\Themes\Happiness\Shell\NormalColor\shellstyle.dll
+ 2002-12-31 12:30:34 742,912 ----a-w C:\WINDOWS\Resources\Themes\iCandy\Shell\NormalColor\shellstyle.dll
+ 2003-04-27 14:26:20 752,128 ----a-w C:\WINDOWS\Resources\Themes\Luxor\Shell\NormalColor\shellstyle.dll
+ 2002-06-05 07:45:58 756,736 ----a-w C:\WINDOWS\Resources\Themes\MysticDreams\Shell\NormalColor\shellstyle.dll
+ 2002-11-23 13:50:22 752,128 ----a-w C:\WINDOWS\Resources\Themes\NightStorm\Shell\NormalColor\shellstyle.dll
+ 2003-02-20 08:56:02 356,864 ----a-w C:\WINDOWS\Resources\Themes\Nocturnal\Shell\NormalColor\shellstyle.dll
+ 2002-12-03 20:39:48 756,736 ----a-w C:\WINDOWS\Resources\Themes\Obsidian\Shell\NormalColor\shellstyle.dll
+ 2003-05-02 18:22:02 928,256 ----a-w C:\WINDOWS\Resources\Themes\Revel\Shell\NormalColor\shellstyle.dll
+ 2003-03-17 12:16:30 786,944 ----a-w C:\WINDOWS\Resources\Themes\SilverMAX\Shell\NormalColor\shellstyle.dll
+ 2003-02-25 21:42:20 756,736 ----a-w C:\WINDOWS\Resources\Themes\TarsTheme\Shell\NormalColor\shellstyle.dll
+ 2002-03-15 18:58:02 756,736 ----a-w C:\WINDOWS\Resources\Themes\Windows MAX 2003\Shell\NormalColor\shellstyle.dll
+ 2002-03-15 18:58:02 774,656 ----a-w C:\WINDOWS\Resources\Themes\Windows MAX 2003\Shell\WinMAXV45\shellstyle.dll
+ 2000-08-31 06:00:00 98,816 ----a-w C:\WINDOWS\sed.exe
+ 2008-04-13 22:16:20 53,376 ------w C:\WINDOWS\ServicePackFiles\i386\1394bus.sys
+ 2008-04-13 22:10:52 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\4mmdat.sys
+ 2008-04-13 22:16:22 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\61883.sys
+ 2008-04-14 05:52:08 100,352 ------w C:\WINDOWS\ServicePackFiles\i386\6to4svc.dll
+ 2008-04-14 05:52:08 136,192 ------w C:\WINDOWS\ServicePackFiles\i386\aaclient.dll
+ 2008-04-13 20:06:02 231,552 ------w C:\WINDOWS\ServicePackFiles\i386\ac97ali.sys
+ 2008-04-13 20:06:08 84,480 ------w C:\WINDOWS\ServicePackFiles\i386\ac97via.sys
+ 2008-04-14 05:52:08 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\acadproc.dll
+ 2008-04-14 05:52:36 188,928 ------w C:\WINDOWS\ServicePackFiles\i386\accwiz.exe
+ 2008-04-14 05:52:08 1,852,928 ------w C:\WINDOWS\ServicePackFiles\i386\acgenral.dll
+ 2008-04-14 05:52:08 451,072 ------w C:\WINDOWS\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 05:52:08 141,312 ------w C:\WINDOWS\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 05:52:08 121,344 ------w C:\WINDOWS\ServicePackFiles\i386\aclui.dll
+ 2008-04-14 05:19:04 188,800 ------w C:\WINDOWS\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 05:52:08 245,248 ------w C:\WINDOWS\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 05:52:08 193,536 ------w C:\WINDOWS\ServicePackFiles\i386\active

[Nikita]

««
Virustotal http://www.virustotal.com/flash/index_en.html

C:\WINDOWS\sed.exe

Auf Durchsuchen klicken --> Datei aussuchen (oder gleich die Datei mit korrektem Pfad einkopieren mit Strg V) --> Klick auf die zu prüfende Datei und öffnen--> klick auf "Senden der Datei"... jetzt abwarten - dann mit der rechten Maustaste den Text markieren -> HIER kopieren
-----------------------------

poste noch mal das log von Combofix , bitte komplett.

[Mc Kniffizen]

Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.5.10.0 2008.05.13 -
AntiVir 7.8.0.17 2008.05.13 -
Authentium 5.1.0.4 2008.05.13 -
Avast 4.8.1195.0 2008.05.13 -
AVG 7.5.0.516 2008.05.13 -
BitDefender 7.2 2008.05.08 -
CAT-QuickHeal 9.50 2008.05.13 -
ClamAV 0.92.1 2008.05.13 -
DrWeb 4.44.0.09170 2008.05.13 -
eSafe 7.0.15.0 2008.05.13 -
eTrust-Vet 31.4.5784 2008.05.13 -
Ewido 4.0 2008.05.13 -
F-Prot 4.4.2.54 2008.05.13 -
F-Secure 6.70.13260.0 2008.05.13 -
Fortinet 3.14.0.0 2008.05.13 -
GData 2.0.7306.1023 2008.05.13 -
Ikarus T3.1.1.26.0 2008.05.13 -
Kaspersky 7.0.0.125 2008.05.13 -
McAfee 5294 2008.05.13 -
Microsoft 1.3520 2008.05.13 -
NOD32v2 3096 2008.05.13 -
Norman 5.80.02 2008.05.13 -
Panda 9.0.0.4 2008.05.12 -
Prevx1 V2 2008.05.13 -
Rising 20.44.12.00 2008.05.13 -
Sophos 4.29.0 2008.05.13 -
Sunbelt 3.0.1114.0 2008.05.12 -
Symantec 10 2008.05.13 -
TheHacker 6.2.92.309 2008.05.13 -
VirusBuster 4.3.26:9 2008.05.13 -
Webwasher-Gateway 6.6.2 2008.05.13 -
weitere Informationen
File size: 98816 bytes
MD5...: 2b657a67aebb84aea5632c53e61e23bf
SHA1..: 7d723cf82658da76bda85ae00bf20cb01b43edc8
SHA256: 95a2e2cacfb63d095de385a98f1d5d4a21f0e7e8de485cbaf5b872434d43fb73
SHA512: 16a68add6c2f6011c3c69dd3a3bf9496730c712e631c4992c19a83747020e8b5
60e3b93b08e95c536f245508a9c923f18488b2aef300acbe2ecedbe4ff3e5ca2
PEiD..: Dev-C++ 4.9.9.2 -> Bloodshed Software
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x401220
timedatestamp.....: 0x420c7c1c (Fri Feb 11 09:34:20 2005)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x12314 0x12400 6.35 ff9ee697a26ae4c26c7fbc9115a3f9c3
.data 0x14000 0x690 0x800 3.06 8ae042bde9f22cd8399b3308f8e505f5
.rdata 0x15000 0x4994 0x4a00 5.14 b57e09b0f83dd8373df5c5d677214bdd
.bss 0x1a000 0x5280 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x20000 0x71c 0x800 4.04 9fd53d4e99a76e42c236775b15e3731c

( 3 imports )
> msvcrt.dll: _fdopen, _fstat, _isatty, _open, _pclose, _popen, _unlink
> msvcrt.dll: __getmainargs, __mb_cur_max, __p__environ, __p__fmode, __set_app_type, _cexit, _errno, _filbuf, _flsbuf, _iob, _isctype, _onexit, _pctype, _setmode, _vsnprintf, abort, atexit, calloc, clearerr, exit, fclose, fflush, fopen, fprintf, fread, free, ftell, fwrite, getenv, malloc, memchr, memcpy, memmove, memset, printf, putchar, puts, realloc, rename, rewind, setlocale, signal, sprintf, strchr, strcmp, strcpy, strerror, strlen, strncmp, strncpy, strrchr, strtoul, tolower, toupper, ungetc, vfprintf
> KERNEL32.dll: AddAtomA, ExitProcess, FindAtomA, GetAtomNameA, SetUnhandledExceptionFilter

( 0 exports )

Hier Combofix hoffentlich komplett

ComboFix 08-05-11.1 - Zu Hause 2008-05-13 18:16:33.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1031.18.1427 [GMT 2:00]
ausgeführt von:: C:\Dokumente und Einstellungen\Zu Hause\Eigene Dateien\E-Mail\Mario\NEU\Virenbekämpfung\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((( Dateien erstellt von 2008-04-13 bis 2008-05-13 ))))))))))))))))))))))))))))))
.

2008-05-12 23:56 . 2008-05-13 18:16 6,736 --a------ C:\WINDOWS\system32\drivers\PROCEXP90.SYS
2008-05-12 23:49 . 2008-05-12 23:50 <DIR> d-------- C:\RVAXO
2008-05-12 23:45 . 2008-05-10 12:18 818,420 --a------ C:\WINDOWS\system32\RVAXO.bat
2008-05-12 23:45 . 2001-10-01 14:51 69,632 --a------ C:\WINDOWS\system32\remove.exe
2008-05-12 23:24 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-05-12 23:24 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-05-12 23:24 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-05-12 23:16 . 2008-05-12 23:16 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Yahoo! Companion
2008-05-12 23:15 . 2008-05-12 23:15 <DIR> d-------- C:\Programme\Yahoo!
2008-05-12 13:52 . 2008-05-12 13:52 212,480 --a------ C:\WINDOWS\iebho.dll
2008-05-04 12:11 . 2008-05-04 12:17 <DIR> d-------- C:\Programme\Sun
2008-05-03 00:25 . 2008-04-14 07:52 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll
2008-05-03 00:25 . 2008-04-14 07:52 1,306,624 -----c--- C:\WINDOWS\system32\dllcache\msxml6.dll
2008-05-03 00:25 . 2008-04-14 07:27 93,184 --------- C:\WINDOWS\system32\msxml6r.dll
2008-05-03 00:25 . 2008-04-14 07:27 93,184 -----c--- C:\WINDOWS\system32\dllcache\msxml6r.dll
2008-05-03 00:21 . 2008-05-03 00:25 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-05-03 00:17 . 2006-12-29 00:31 19,569 --a------ C:\WINDOWS\002838_.tmp
2008-05-03 00:12 . 2008-05-03 00:12 <DIR> d-------- C:\WINDOWS\EHome
2008-04-14 07:53 . 2008-04-14 07:53 20,992 --------- C:\WINDOWS\system32\spupdwxp.exe
2008-04-14 07:53 . 2008-04-14 07:53 7,680 --a------ C:\WINDOWS\system32\spdwnwxp.exe
2008-04-14 07:52 . 2008-04-14 07:52 20,992 --------- C:\WINDOWS\system32\faxpatch.exe
2008-04-14 07:33 . 2008-04-14 07:33 2,524 --------- C:\WINDOWS\system32\pid.inf

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-13 13:31 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Symantec
2008-05-12 21:58 --------- d-----w C:\Programme\Gemeinsame Dateien\Symantec Shared
2008-05-12 21:35 4,590 ----a-w C:\WINDOWS\system32\tmp.reg
2008-05-06 07:00 --------- d-----w C:\Programme\TuneUp Utilities 2006
2008-05-04 10:11 --------- d-----w C:\Programme\Java
2008-04-14 06:06 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 05:55 333,312 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 05:52 99,840 ----a-w C:\WINDOWS\system32\loadperf.dll
2008-04-14 05:51 762,368 ----a-w C:\WINDOWS\system32\winntbbu.dll
2008-04-14 05:51 76,288 ----a-w C:\WINDOWS\system32\uniime.dll
2008-04-14 05:51 731,648 ----a-w C:\WINDOWS\system32\ntdll.dll
2008-04-14 05:51 57,375 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-14 05:51 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
2008-04-14 05:51 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
2008-04-14 05:32 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-14 05:32 73,472 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-14 05:32 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-14 05:32 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 05:30 2,026,496 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 05:29 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-14 05:29 2,147,840 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 05:28 800,384 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 05:28 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 05:28 154,112 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 05:28 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-14 05:27 40,448 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 05:26 81,408 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-14 05:26 51,712 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-14 05:26 40,832 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 05:25 65,536 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 05:25 572,928 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-14 05:25 52,992 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 05:24 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 05:24 10,752 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-14 05:23 1,845,760 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-14 05:22 68,096 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-14 05:22 57,728 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 05:22 53,760 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 05:22 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-14 05:22 273,920 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 05:21 701,952 ------w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-04-14 05:21 39,936 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-14 05:21 327,168 ------w C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-04-14 05:20 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 05:20 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 05:20 103,424 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-14 05:19 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 05:19 23,552 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 05:19 188,800 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 22:58 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 22:51 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 22:50 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 22:50 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 22:50 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 22:49 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 22:49 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 22:49 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 22:49 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 22:47 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 22:47 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 22:47 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 22:46 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 22:45 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 22:45 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 22:44 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 22:44 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 22:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 22:30 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 22:27 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 22:27 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 22:27 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 22:27 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 22:27 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 22:27 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 22:27 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 22:26 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 22:26 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 22:26 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 22:26 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 22:26 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 22:26 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 22:26 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 22:26 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 22:26 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 22:26 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 22:25 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 22:24 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 22:23 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 22:23 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 22:23 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 22:23 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys
2008-04-13 22:21 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-13 22:21 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
2008-04-13 22:21 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
2008-04-13 22:21 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys
2008-04-13 22:21 101,120 ------w C:\WINDOWS\system32\drivers\bthpan.sys
2008-04-13 22:17 25,856 ----a-w C:\WINDOWS\system32\drivers\usbprint.sys
2008-04-13 22:15 6,272 ----a-w C:\WINDOWS\system32\drivers\splitter.sys
2008-04-13 22:15 36,864 ----a-w C:\WINDOWS\system32\drivers\hidclass.sys
2008-04-13 22:15 32,128 ----a-w C:\WINDOWS\system32\drivers\usbccgp.sys
2005-10-09 10:25 8 --sh--r C:\WINDOWS\system32\A3DA537E26.sys
2005-10-09 10:25 4,704 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2004-08-04 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll
2004-08-04 12:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll
.

((((((((((((((((((((((((((((( snapshot_2008-05-12_23.59.30,07 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-12 21:49:23 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-13 16:05:16 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
(((((((((((((((((((((((((((( Autostart Punkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
2007-08-25 05:51 316784 --a------ C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
2008-01-31 11:34 116088 --a------ C:\PROGRA~1\GEMEIN~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= "C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll" [2007-08-25 05:51 316784]

[HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-25 05:51 316784]

[HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 07:52 15360]
"MSMSGS"="C:\Programme\Messenger\msmsgs.exe" [2008-04-14 07:52 1695232]
"T-Online_Software_6\WLAN-Access Finder"="C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe" [2007-07-25 18:50 671796]
"WMPNSCFG"="C:\Programme\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:56 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-09-23 00:21 7282688]
"nwiz"="nwiz.exe" [2005-09-23 00:21 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [2005-09-23 00:21 86016 C:\WINDOWS\system32\nvmctray.dll]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 14:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 14:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 14:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 14:00 455168]
"RTHDCPL"="RTHDCPL.EXE" [2005-08-18 16:20 14820864 C:\WINDOWS\RTHDCPL.EXE]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"MedionVFD"="C:\Programme\Medion Info Display\MdionLCM.exe" [2005-10-11 18:11 126976]
"CHotkey"="mHotkey.exe" [2004-06-03 21:07 549376 C:\WINDOWS\mHotkey.exe]
"ledpointer"="CNYHKey.exe" [2003-07-21 22:28 5577216 C:\WINDOWS\CNYHKey.exe]
"CmUCRRun"="C:\WINDOWS\system32\CmUCReye.exe" [2005-10-12 14:44 241664]
"RemoteControl"="C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]
"PCMService"="C:\Programme\Home Cinema\PowerCinema\PCMService.exe" [2005-10-21 21:41 139264]
"TkBellExe"="C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2005-10-09 11:25 180269]
"Adobe Photo Downloader"="C:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-16 11:45 63712]
"ToADiMon.exe"="C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe" [2007-02-15 11:04 282624]
"PCSuiteTrayApplication"="C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 16:10 271360]
"T-Online Dialerschutz-Software"="C:\Programme\T-Online\Dialerschutz-Software\Defender.exe" [2007-08-31 12:48 1063488]
"ccApp"="C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" [2008-01-31 14:15 51048]
"osCheck"="C:\Programme\Norton Internet Security\osCheck.exe" [2007-08-25 06:53 714608]
"Adobe Reader Speed Launcher"="C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 07:52 15360]
"InfoCockpit"="C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.exe" [2007-07-30 14:27 176128]
"Nokia.PCSync"="C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 11:17 1241088]
"T-Online_Software_6\WLAN-Access Finder"="C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe" [2007-07-25 18:50 671796]

C:\Dokumente und Einstellungen\Zu Hause\Startmen

[Nikita]

das sieht schon mal gut aus.
mache einen Onlinescan mit Bitdefender + poste hier den report
http://virus-protect.org/onlinescan.html