TechSpot

Sirefef ruined my internet connection.

By cschrille
Jun 23, 2012
  1. Hey, some weeks ago Broni helped me getting rid of Sirefef. Today I got it again and removed it myself with the steps he gave me before. Now it is completely out of my system but I cant get online. It finds my local network but it cant connect to it. I checked internet settings and its all blank so it should work.

    How do I fix this?
     
  2. cschrille

    cschrille TS Enthusiast Topic Starter Posts: 177

    Also, I cant even connect in safe mode...
     
  3. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    It's never a good idea to try fixing rootkit issue by yourself.
    You should know better.

    Please download Farbar Service Scanner Download Link and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center/Action Center
      • Windows Update
      • Windows Defender
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.
     
  4. cschrille

    cschrille TS Enthusiast Topic Starter Posts: 177

    Yeah I know, but I was in such a hurry I did not really think about making another thread, guess I should have.

    Farbar Service Scanner Version: 22-06-2012 01
    Ran by Ägaren (administrator) on 23-06-2012 at 22:03:19
    Running from "G:\"
    Microsoft Windows 7 Ultimate Service Pack 1 (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============
    Dnscache Service is not running. Checking service configuration:
    The start type of Dnscache service is OK.
    The ImagePath of Dnscache service is OK.
    The ServiceDll of Dnscache service is OK.

    Dhcp Service is not running. Checking service configuration:
    The start type of Dhcp service is OK.
    The ImagePath of Dhcp service is OK.
    The ServiceDll of Dhcp service is OK.

    tdx Service is not running. Checking service configuration:
    Checking Start type: ATTENTION!=====> Unable to open tdx registry key. The service key does not exist.
    Checking ImagePath: ATTENTION!=====> Unable to open tdx registry key. The service key does not exist.


    Connection Status:
    ==============
    Localhost is accessible.
    There is no connection to network.
    Google IP is accessible.
    Attempt to access Google.com returned error: Other errors
    Yahoo IP is accessible.
    Attempt to access Yahoo.com returned error: Other errors


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Action Center:
    ============

    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============

    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => MD5 is legit
    C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\System32\dhcpcore.dll => MD5 is legit
    C:\Windows\System32\drivers\afd.sys => MD5 is legit
    C:\Windows\System32\drivers\tdx.sys => MD5 is legit
    C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
    C:\Windows\System32\dnsrslvr.dll => MD5 is legit
    C:\Windows\System32\mpssvc.dll => MD5 is legit
    C:\Windows\System32\bfe.dll => MD5 is legit
    C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\System32\SDRSVC.dll => MD5 is legit
    C:\Windows\System32\vssvc.exe => MD5 is legit
    C:\Windows\System32\wscsvc.dll => MD5 is legit
    C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\System32\wuaueng.dll => MD5 is legit
    C:\Windows\System32\qmgr.dll => MD5 is legit
    C:\Windows\System32\es.dll => MD5 is legit
    C:\Windows\System32\cryptsvc.dll => MD5 is legit
    C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit


    **** End of log ****
     
  5. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    When dealing with computer problems "hurry" is the worst approach you can make.

    Following steps involve registry editing. Please create new restore point before proceeding!!!
    How to:
    XP - http://support.microsoft.com/kb/948247
    Vista and Seven - http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/


    Download Seven.zip file from here: http://www.smartestcomputing.us.com/files/download/9-registry-network-keys/
    Unzip the file.
    You'll find several files inside.
    Double click on tdx.reg file and confirm the prompt.
    Restart computer.
    Post new FSS log.
     
  6. cschrille

    cschrille TS Enthusiast Topic Starter Posts: 177

    Farbar Service Scanner Version: 22-06-2012 01
    Ran by Ägaren (administrator) on 23-06-2012 at 22:17:10
    Running from "G:\"
    Microsoft Windows 7 Ultimate Service Pack 1 (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo IP is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Action Center:
    ============

    Windows Update:
    ============
    wuauserv Service is not running. Checking service configuration:
    The start type of wuauserv service is OK.
    The ImagePath of wuauserv service is OK.
    The ServiceDll of wuauserv service is OK.


    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============

    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => MD5 is legit
    C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\System32\dhcpcore.dll => MD5 is legit
    C:\Windows\System32\drivers\afd.sys => MD5 is legit
    C:\Windows\System32\drivers\tdx.sys => MD5 is legit
    C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
    C:\Windows\System32\dnsrslvr.dll => MD5 is legit
    C:\Windows\System32\mpssvc.dll => MD5 is legit
    C:\Windows\System32\bfe.dll => MD5 is legit
    C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\System32\SDRSVC.dll => MD5 is legit
    C:\Windows\System32\vssvc.exe => MD5 is legit
    C:\Windows\System32\wscsvc.dll => MD5 is legit
    C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\System32\wuaueng.dll => MD5 is legit
    C:\Windows\System32\qmgr.dll => MD5 is legit
    C:\Windows\System32\es.dll => MD5 is legit
    C:\Windows\System32\cryptsvc.dll => MD5 is legit
    C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit


    **** End of log ****

    Now my connection is working again :)

    I think my system is clean now, I have run ComboFix and Nod32 is not blocking Sirefef, so I guess its gone.

    Thank you! And I wont try to remove stuff like this on my own again ;)
     
  7. cschrille

    cschrille TS Enthusiast Topic Starter Posts: 177

    Also, if you dont mind me asking, what is the meaning of Sirefef? Does it steal passwords? Does it collect info? And why the sudden outbreak of this virus, I keep seeing it everywhere!
     
  8. Broni

    Broni Malware Annihilator Posts: 52,892   +344

  9. cschrille

    cschrille TS Enthusiast Topic Starter Posts: 177

    Yeah I can access Windows Update, both search and install updates.
    You want me to run some scan or anything?
     
  10. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Let's see Combofix log....

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    • Double click on combofix.exe & follow the prompts.

    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
    There are 4 different versions. If one of them won't run then download and try to run the other one.
    Vista and Win7 users need to right click Rkill and choose Run as Administrator
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    * Rkill.com
    * Rkill.scr
    * Rkill.exe
    • Double-click on the Rkill icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.
    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  11. cschrille

    cschrille TS Enthusiast Topic Starter Posts: 177

    ComboFix 12-06-23.05 - Ägaren 2012-06-24 1:24.8.4 - x64
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.46.1053.18.8173.5446 [GMT 2:00]
    Körs från: c:\users\-garen\Desktop\ComboFix.exe
    AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
    SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\SysWow64\tmp194C.tmp
    c:\windows\SysWow64\tmp195D.tmp
    c:\windows\SysWow64\tmpD230.tmp
    c:\windows\SysWow64\tmpD231.tmp
    .
    .
    (((((((((((((((((((((((( Filer skapade från 2012-05-23 till 2012-06-23 ))))))))))))))))))))))))))))))
    .
    .
    2012-06-23 23:30 . 2012-06-23 23:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2012-06-23 23:30 . 2012-06-23 23:30 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-06-23 23:30 . 2012-06-23 23:30 -------- d-----w- c:\users\Chrilles\AppData\Local\temp
    2012-06-23 23:14 . 2012-06-23 23:14 -------- d-----w- c:\windows\SysWow64\drivers\sk-SK
    2012-06-23 23:14 . 2012-06-23 23:14 -------- d-----w- c:\windows\SysWow64\wbem\sk-SK
    2012-06-23 23:14 . 2012-06-23 23:14 -------- d-----w- c:\windows\sk-SK
    2012-06-23 23:14 . 2012-06-23 23:14 -------- d-----w- c:\windows\system32\drivers\sk-SK
    2012-06-23 23:14 . 2012-06-23 23:14 -------- d-----w- c:\windows\system32\wbem\sk-SK
    2012-06-23 23:11 . 2010-11-20 03:11 6144 ----a-w- c:\windows\system32\drivers\en-US\IPMIDrv.sys.mui
    2012-06-23 23:11 . 2010-11-20 03:10 4608 ----a-w- c:\windows\system32\drivers\en-US\kbdclass.sys.mui
    2012-06-23 23:11 . 2009-07-13 15:24 2560 ----a-w- c:\windows\system32\drivers\en-US\kbdhid.sys.mui
    2012-06-23 23:11 . 2010-11-20 03:13 6144 ----a-w- c:\windows\system32\drivers\en-US\rdvgkmd.sys.mui
    2012-06-23 23:11 . 2010-11-20 03:11 4096 ----a-w- c:\windows\system32\drivers\en-US\tsusbhub.sys.mui
    2012-06-23 23:11 . 2010-11-20 03:01 2560 ----a-w- c:\windows\system32\drivers\en-US\rdpwd.sys.mui
    2012-06-23 23:11 . 2010-11-20 02:57 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
    2012-06-23 23:11 . 2009-07-13 15:26 24576 ----a-w- c:\windows\system32\drivers\en-US\usbport.sys.mui
    2012-06-23 23:11 . 2009-07-13 15:24 7680 ----a-w- c:\windows\system32\drivers\en-US\tunnel.sys.mui
    2012-06-23 23:11 . 2009-07-13 15:27 7168 ----a-w- c:\windows\system32\drivers\en-US\battc.sys.mui
    2012-06-23 23:09 . 2012-06-23 23:09 -------- d-----w- c:\windows\de-DE
    2012-06-23 23:09 . 2012-06-23 23:09 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\de-DE
    2012-06-23 23:09 . 2012-06-23 23:09 -------- d-----w- c:\windows\SysWow64\drivers\de-DE
    2012-06-23 23:09 . 2012-06-23 23:09 -------- d-----w- c:\windows\SysWow64\de
    2012-06-23 23:09 . 2012-06-23 23:09 -------- d-----w- c:\windows\SysWow64\0407
    2012-06-23 23:09 . 2012-06-23 23:09 -------- d-----w- c:\windows\SysWow64\wbem\de-DE
    2012-06-23 23:09 . 2012-06-23 23:09 -------- d-----w- c:\windows\system32\0407
    2012-06-23 23:09 . 2012-06-23 23:09 -------- d-----w- c:\windows\system32\drivers\de-DE
    2012-06-23 23:09 . 2012-06-23 23:09 -------- d-----w- c:\windows\system32\drivers\UMDF\de-DE
    2012-06-23 23:09 . 2012-06-23 23:09 -------- d-----w- c:\windows\system32\de
    2012-06-23 23:09 . 2012-06-23 23:09 -------- d-----w- c:\windows\system32\wbem\de-DE
    2012-06-23 23:03 . 2009-07-13 17:05 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\de-DE\LXKPTPRC.DLL.mui
    2012-06-23 18:38 . 2009-07-13 14:12 338944 ----a-w- c:\windows\SysWow64\drivers\afd.sys
    2012-06-23 18:17 . 2012-06-23 18:17 -------- d-----w- c:\users\Ägaren\AppData\Local\ElevatedDiagnostics
    2012-06-23 17:59 . 2012-06-18 01:12 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CDFF74A7-4D9F-4DD9-8EFB-3029241E0382}\mpengine.dll
    2012-06-22 21:36 . 2012-06-22 21:36 -------- d-----w- c:\users\Ägaren\AppData\Local\Rockstar Games
    2012-06-22 11:52 . 2012-06-22 11:52 -------- d-----w- c:\users\Ägaren\AppData\Roaming\InstallShield
    2012-06-22 11:52 . 2012-06-22 11:52 -------- d-----w- c:\programdata\InstallShield
    2012-06-22 11:16 . 2012-06-22 11:16 -------- d-----w- c:\program files\Microsoft SDKs
    2012-06-22 11:16 . 2012-06-22 11:16 -------- d-----w- c:\programdata\Microsoft Help
    2012-06-22 10:56 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
    2012-06-22 10:56 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
    2012-06-22 10:41 . 2012-06-22 10:41 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
    2012-06-21 17:42 . 2012-06-21 17:42 -------- d-----w-aren c:\users\GAREN~3
    2012-06-21 04:54 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-21 04:54 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
    2012-06-21 04:54 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-21 04:54 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
    2012-06-21 04:54 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
    2012-06-21 04:54 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-21 04:54 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
    2012-06-21 04:54 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
    2012-06-21 04:54 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
    2012-06-19 23:18 . 2012-06-19 23:18 -------- d-----w- c:\windows\DA909E623B454BA18B58FCAEBA4BCEC9.TMP
    2012-06-19 19:52 . 2012-06-19 19:52 -------- d-----w- c:\program files (x86)\AccentSoft Utilities
    2012-06-19 05:32 . 2012-06-19 05:32 -------- d-----w- c:\users\Ägaren\AppData\Local\fontconfig
    2012-06-19 05:31 . 2012-06-19 05:34 -------- d-----w- c:\users\Ägaren\.gimp-2.8
    2012-06-19 05:31 . 2012-06-19 05:31 -------- d-----w- c:\users\Ägaren\AppData\Local\gegl-0.2
    2012-06-19 05:30 . 2012-06-19 05:31 -------- d-----w- c:\program files\GIMP 2
    2012-06-19 03:44 . 2012-06-19 03:45 -------- d-----w- c:\programdata\DriverGenius
    2012-06-19 03:42 . 2012-06-19 03:42 -------- d-----w- c:\program files (x86)\Driver-Soft
    2012-06-19 03:03 . 2012-06-19 03:03 -------- d-----w- c:\program files (x86)\RG Packers
    2012-06-18 18:25 . 2012-06-18 18:25 -------- d-----w- c:\users\Ägaren\AppData\Local\Macromedia
    2012-06-18 18:06 . 2012-06-18 18:06 -------- d-----w- c:\users\Ägaren\AppData\Roaming\Milestone
    2012-06-18 00:22 . 2012-06-18 00:22 -------- d--h--w- c:\windows\msdownld.tmp
    2012-06-17 17:49 . 2012-06-17 17:49 -------- d-----w- c:\programdata\TamoSoft
    2012-06-17 17:49 . 2012-06-17 17:50 -------- d-----w- c:\program files (x86)\CommView
    2012-06-17 17:44 . 2012-06-17 17:44 -------- d-----w- c:\program files (x86)\Oracle
    2012-06-16 22:11 . 2012-06-17 14:26 -------- d-----w- c:\programdata\eMule
    2012-06-16 03:58 . 2012-06-16 03:58 -------- d-----w- c:\users\Ägaren\AppData\Local\ESN Sonar
    2012-06-15 21:58 . 2012-06-15 21:58 -------- d-----w- c:\program files (x86)\Tunngle
    2012-06-13 20:51 . 2012-06-14 14:32 -------- d-----w- c:\users\Ägaren\AppData\Roaming\DigitalCute
    2012-06-13 20:51 . 2012-06-14 14:31 -------- d-----w- c:\program files (x86)\DigitalCute
    2012-06-12 21:03 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
    2012-06-12 19:25 . 2012-06-12 19:25 -------- d-----w- c:\programdata\Synetic
    2012-06-11 17:29 . 2012-06-16 23:26 -------- d-----w- c:\programdata\Tunngle
    2012-06-11 17:29 . 2012-06-16 23:26 -------- d-----w- c:\users\Ägaren\AppData\Roaming\Tunngle
    2012-06-11 17:29 . 2009-09-16 06:02 31232 ----a-w- c:\windows\system32\drivers\tap0901t.sys
    2012-06-11 16:49 . 2012-06-23 20:14 -------- d-----w- c:\users\Ägaren\AppData\Local\Eraser 6
    2012-06-11 13:26 . 2012-06-11 13:27 -------- d-----w- c:\program files (x86)\Zoku Zoku Otouto Gui
    2012-06-09 22:10 . 2012-06-09 22:10 -------- d-----w- c:\program files\Microsoft Synchronization Services
    2012-06-09 22:10 . 2012-06-09 22:10 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
    2012-06-09 22:10 . 2012-06-09 22:10 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
    2012-06-09 22:10 . 2012-06-09 22:10 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
    2012-06-09 22:09 . 2012-06-10 11:59 112832 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
    2012-06-09 22:08 . 2012-06-09 22:08 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
    2012-06-09 22:08 . 2012-06-09 22:08 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
    2012-06-09 22:07 . 2012-06-09 22:07 -------- d-----w- c:\windows\symbols
    2012-06-09 22:07 . 2012-06-09 22:07 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
    2012-06-09 22:07 . 2012-06-09 22:07 -------- d-----w- c:\program files\Microsoft Help Viewer
    2012-06-09 22:07 . 2012-06-09 22:07 -------- d-----w- c:\program files (x86)\Microsoft SDKs
    2012-06-09 22:04 . 2012-06-09 22:04 -------- d-----w- c:\windows\PCHEALTH
    2012-06-08 19:51 . 2012-06-08 19:51 -------- d-----w- C:\Perfect World Entertainment
    2012-06-08 19:47 . 2012-06-08 19:41 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe
    2012-06-08 17:05 . 2012-06-11 17:31 -------- d-----w- c:\users\Ägaren\AppData\Local\PMB Files
    2012-06-08 17:05 . 2012-06-08 19:45 -------- d-----w- c:\programdata\PMB Files
    2012-06-08 17:04 . 2012-06-08 17:04 -------- d-----w- c:\program files (x86)\Pando Networks
    2012-06-08 02:04 . 2012-06-08 02:04 -------- d-----w- C:\found.000
    2012-06-07 18:23 . 2012-06-07 22:20 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
    2012-06-07 16:16 . 2012-06-07 16:16 -------- d-----w- c:\program files\Alex Feinman
    2012-06-06 00:01 . 2012-06-06 00:01 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
    2012-06-06 00:01 . 2012-06-06 00:01 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
    2012-06-03 18:42 . 2012-06-03 18:42 -------- d-----w- c:\program files (x86)\ESET
    2012-06-03 15:50 . 2012-06-03 15:50 -------- d-----w- c:\programdata\Sophos
    2012-06-03 15:50 . 2012-06-03 15:50 73728 ----a-r- c:\users\Ägaren\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
    2012-06-03 15:50 . 2012-06-03 15:50 73728 ----a-r- c:\users\Ägaren\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
    2012-06-03 15:50 . 2012-06-03 15:50 73728 ----a-r- c:\users\Ägaren\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
    2012-06-03 15:50 . 2012-06-03 15:50 -------- d-----w- c:\program files (x86)\Sophos
    2012-06-03 12:49 . 2012-06-03 12:49 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
    2012-06-03 11:03 . 2012-06-03 11:03 -------- d-----w- c:\users\Ägaren\AppData\Roaming\Need for Speed World
    2012-06-03 10:48 . 2012-06-03 10:48 -------- d-----w- c:\users\Ägaren\AppData\Local\Electronic_Arts_Inc
    2012-06-03 08:12 . 2012-06-07 00:39 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2012-06-03 08:12 . 2012-06-03 08:13 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
    2012-06-02 20:17 . 2012-06-02 20:17 -------- d-----w- c:\programdata\Kaspersky Lab
    2012-06-02 20:17 . 2012-06-02 20:17 460888 ----a-w- c:\windows\system32\drivers\39377219.sys
    2012-06-02 17:35 . 2012-06-02 17:35 -------- d-----w- c:\users\Ägaren\AppData\Roaming\Malwarebytes
    2012-06-02 17:35 . 2012-06-02 17:35 -------- d-----w- c:\programdata\Malwarebytes
    2012-06-02 17:35 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-02 17:35 . 2012-06-02 17:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-06-02 16:39 . 2012-06-02 16:39 -------- d-----w- c:\programdata\Rockstar Games
    2012-06-02 11:28 . 2012-06-02 11:28 -------- d-----w- c:\users\Ägaren\AppData\Local\Chromium
    2012-06-02 11:28 . 2012-06-07 22:57 -------- d-----w-aren c:\users\GAREN~2
    2012-06-02 11:14 . 2012-06-22 11:47 -------- d-----w- c:\program files (x86)\Rockstar Games
    2012-06-01 12:28 . 2012-06-01 12:28 -------- d-----w- c:\users\Ägaren\AppData\Local\European Bus Simulator 2012
    2012-05-29 14:31 . 2012-05-29 14:31 -------- d-----w- c:\users\Ägaren\AppData\Roaming\Roaming
    2012-05-29 14:31 . 2012-05-29 14:31 -------- d-----w- c:\users\Ägaren\AppData\Roaming\Quest3D
    2012-05-26 16:39 . 2012-05-26 16:39 -------- d-----w- c:\users\Ägaren\AppData\Local\FLT
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-06-23 23:23 . 2012-05-15 14:54 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-06-23 23:23 . 2012-05-15 14:54 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-06-18 04:33 . 2012-05-20 09:53 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
    2012-06-18 04:33 . 2012-05-18 21:51 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
    2012-06-18 04:32 . 2012-05-18 21:51 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
    2012-06-09 16:36 . 2012-05-18 21:51 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
    2012-05-28 15:51 . 2012-05-26 16:35 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
    2012-05-24 21:18 . 2012-05-24 21:18 4472832 ----a-w- c:\windows\SysWow64\GPhotos.scr
    2012-05-23 11:58 . 2012-05-23 11:58 283200 ------w- c:\windows\system32\drivers\dtsoftbus01.sys
    2012-05-17 22:35 . 2012-06-13 01:00 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
    2012-05-15 18:42 . 2012-05-15 18:43 839112 ----a-w- c:\windows\system32\deployJava1.dll
    2012-05-15 18:42 . 2012-05-15 18:43 955848 ----a-w- c:\windows\system32\npDeployJava1.dll
    2012-05-15 13:55 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
    2012-05-15 13:55 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
    2012-05-15 12:55 . 2012-05-15 12:55 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
    2012-05-15 12:55 . 2012-05-15 12:55 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
    2012-05-15 12:55 . 2012-05-15 12:55 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
    2012-05-15 12:55 . 2012-05-15 12:55 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
    2012-05-15 12:55 . 2012-05-15 12:55 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
    2012-05-15 12:55 . 2012-05-15 12:55 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
    2012-05-15 12:55 . 2012-05-15 12:55 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
    2012-05-15 12:55 . 2012-05-15 12:55 367104 ----a-w- c:\windows\SysWow64\html.iec
    2012-05-15 12:55 . 2012-05-15 12:55 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2012-05-15 12:55 . 2012-05-15 12:55 161792 ----a-w- c:\windows\SysWow64\msls31.dll
    2012-05-15 12:55 . 2012-05-15 12:55 152064 ----a-w- c:\windows\SysWow64\wextract.exe
    2012-05-15 12:55 . 2012-05-15 12:55 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
    2012-05-15 12:55 . 2012-05-15 12:55 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
    2012-05-15 12:55 . 2012-05-15 12:55 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2012-05-15 12:55 . 2012-05-15 12:55 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2012-05-15 12:55 . 2012-05-15 12:55 85504 ----a-w- c:\windows\system32\iesetup.dll
    2012-05-15 12:55 . 2012-05-15 12:55 76800 ----a-w- c:\windows\system32\tdc.ocx
    2012-05-15 12:55 . 2012-05-15 12:55 49664 ----a-w- c:\windows\system32\imgutil.dll
    2012-05-15 12:55 . 2012-05-15 12:55 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2012-05-15 12:55 . 2012-05-15 12:55 448512 ----a-w- c:\windows\system32\html.iec
    2012-05-15 12:55 . 2012-05-15 12:55 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
    2012-05-15 12:55 . 2012-05-15 12:55 222208 ----a-w- c:\windows\system32\msls31.dll
    2012-05-15 12:55 . 2012-05-15 12:55 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
    2012-05-15 12:55 . 2012-05-15 12:55 12288 ----a-w- c:\windows\system32\mshta.exe
    2012-05-15 12:55 . 2012-05-15 12:55 11776 ----a-w- c:\windows\SysWow64\mshta.exe
    2012-05-15 12:55 . 2012-05-15 12:55 114176 ----a-w- c:\windows\system32\admparse.dll
    2012-05-15 12:55 . 2012-05-15 12:55 111616 ----a-w- c:\windows\system32\iesysprep.dll
    2012-05-15 12:55 . 2012-05-15 12:55 101888 ----a-w- c:\windows\SysWow64\admparse.dll
    2012-05-15 12:55 . 2012-05-15 12:55 603648 ----a-w- c:\windows\system32\vbscript.dll
    2012-05-15 12:55 . 2012-05-15 12:55 30720 ----a-w- c:\windows\system32\licmgr10.dll
    2012-05-15 12:55 . 2012-05-15 12:55 165888 ----a-w- c:\windows\system32\iexpress.exe
    2012-05-15 12:55 . 2012-05-15 12:55 160256 ----a-w- c:\windows\system32\wextract.exe
    2012-05-15 11:11 . 2012-05-15 11:11 16896 ----a-w- c:\windows\AsTaskSched.dll
    2012-05-15 10:48 . 2012-05-22 19:11 818496 ----a-w- c:\windows\SysWow64\nvumdshim.dll
    2012-05-15 10:48 . 2012-05-22 19:11 8139072 ----a-w- c:\windows\system32\nvcuda.dll
    2012-05-15 10:48 . 2012-05-22 19:11 8105280 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
    2012-05-15 10:48 . 2012-05-22 19:11 5982528 ----a-w- c:\windows\SysWow64\nvcuda.dll
    2012-05-15 10:48 . 2012-05-22 19:11 364352 ----a-w- c:\windows\system32\nvdecodemft.dll
    2012-05-15 10:48 . 2012-05-22 19:11 301376 ----a-w- c:\windows\SysWow64\nvdecodemft.dll
    2012-05-15 10:48 . 2012-05-22 19:11 2881856 ----a-w- c:\windows\system32\nvcuvenc.dll
    2012-05-15 10:48 . 2012-05-22 19:11 2681664 ----a-w- c:\windows\system32\nvcuvid.dll
    2012-05-15 10:48 . 2012-05-22 19:11 25743168 ----a-w- c:\windows\system32\nvoglv64.dll
    2012-05-15 10:48 . 2012-05-22 19:11 2524992 ----a-w- c:\windows\SysWow64\nvcuvid.dll
    2012-05-15 10:48 . 2012-05-22 19:11 25248064 ----a-w- c:\windows\system32\nvcompiler.dll
    2012-05-15 10:48 . 2012-05-22 19:11 246592 ----a-w- c:\windows\system32\nvinitx.dll
    2012-05-15 10:48 . 2012-05-22 19:11 2445120 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
    2012-05-15 10:48 . 2012-05-22 19:11 2368832 ----a-w- c:\windows\SysWow64\nvapi.dll
    2012-05-15 10:48 . 2012-05-22 19:11 202048 ----a-w- c:\windows\SysWow64\nvinit.dll
    2012-05-15 10:48 . 2012-05-22 19:11 19607872 ----a-w- c:\windows\SysWow64\nvoglv32.dll
    2012-05-15 10:48 . 2012-05-22 19:11 18044224 ----a-w- c:\windows\system32\nvd3dumx.dll
    2012-05-15 10:48 . 2012-05-22 19:11 17551680 ----a-w- c:\windows\SysWow64\nvcompiler.dll
    2012-05-15 10:48 . 2012-05-22 19:11 15322432 ----a-w- c:\windows\SysWow64\nvd3dum.dll
    2012-05-15 10:48 . 2012-05-22 19:11 14298944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
    2012-05-15 10:48 . 2012-05-15 18:46 949056 ----a-w- c:\windows\system32\nvumdshimx.dll
    2012-05-15 10:48 . 2012-05-15 18:46 68928 ----a-w- c:\windows\system32\OpenCL.dll
    2012-05-15 10:48 . 2012-05-15 18:46 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll
    2012-05-15 10:48 . 2012-05-15 18:46 2741568 ----a-w- c:\windows\system32\nvapi64.dll
    2012-05-15 10:48 . 2012-02-09 20:43 1738048 ----a-w- c:\windows\system32\nvdispco64.dll
    2012-05-15 10:48 . 2012-02-09 20:43 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
    2012-05-15 10:48 . 2012-02-09 20:43 10194752 ----a-w- c:\windows\system32\nvwgf2umx.dll
    2012-05-15 09:29 . 2012-05-15 18:48 889664 ----a-w- c:\windows\system32\nvvsvc.exe
    2012-05-15 09:29 . 2012-05-22 19:12 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
    2012-05-15 09:29 . 2012-05-15 18:48 63296 ----a-w- c:\windows\system32\nvshext.dll
    2012-05-15 09:29 . 2012-05-15 18:48 118080 ----a-w- c:\windows\system32\nvmctray.dll
    2012-05-15 09:29 . 2012-05-15 18:48 2621723 ----a-w- c:\windows\system32\nvcoproc.bin
    2012-05-15 09:29 . 2012-05-15 18:48 3149632 ----a-w- c:\windows\system32\nvsvc64.dll
    2012-05-15 09:28 . 2012-05-15 18:48 6151488 ----a-w- c:\windows\system32\nvcpl.dll
    2012-05-15 00:21 . 2012-05-15 00:21 423744 ----a-w- c:\windows\SysWow64\nvStreaming.exe
    2012-05-04 17:29 . 2012-05-22 19:15 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2012-05-04 17:29 . 2012-05-22 19:15 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-04-18 17:08 . 2012-05-22 19:11 31040 ----a-w- c:\windows\system32\nvhdap64.dll
    2012-04-18 17:08 . 2012-05-22 19:11 188736 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
    2012-04-18 17:08 . 2012-05-15 18:46 1451840 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
    2012-03-30 11:35 . 2012-05-15 12:37 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
    .
    .
    ((((((((((((((((((((((((((((( SnapShot_2012-06-23_18.05.01 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2012-06-23 23:11 . 2009-07-13 16:07 51462 c:\windows\SysWOW64\Printing_Admin_Scripts\en-US\prnqctl.vbs
    + 2012-06-23 23:11 . 2009-07-13 16:09 56756 c:\windows\SysWOW64\Printing_Admin_Scripts\en-US\prnport.vbs
    + 2012-06-23 23:11 . 2009-07-13 16:04 81048 c:\windows\SysWOW64\Printing_Admin_Scripts\en-US\prnmngr.vbs
    + 2012-06-23 23:11 . 2009-07-13 16:08 69882 c:\windows\SysWOW64\Printing_Admin_Scripts\en-US\prnjobs.vbs
    + 2012-06-23 23:11 . 2009-07-13 16:01 51312 c:\windows\SysWOW64\Printing_Admin_Scripts\en-US\prndrvr.vbs
    + 2012-06-23 23:03 . 2009-07-13 16:42 51806 c:\windows\SysWOW64\Printing_Admin_Scripts\de-DE\prnqctl.vbs
    + 2012-06-23 23:03 . 2009-07-13 16:48 57556 c:\windows\SysWOW64\Printing_Admin_Scripts\de-DE\prnport.vbs
    + 2012-06-23 23:03 . 2009-07-13 16:36 82080 c:\windows\SysWOW64\Printing_Admin_Scripts\de-DE\prnmngr.vbs
    + 2012-06-23 23:03 . 2009-07-13 16:36 70574 c:\windows\SysWOW64\Printing_Admin_Scripts\de-DE\prnjobs.vbs
    + 2012-06-23 23:03 . 2009-07-13 16:35 51986 c:\windows\SysWOW64\Printing_Admin_Scripts\de-DE\prndrvr.vbs
    + 2012-06-23 23:04 . 2010-11-04 15:59 12624 c:\windows\SysWOW64\MUI\0407\mscorees.dll
    + 2012-06-23 23:11 . 2010-11-20 02:19 69632 c:\windows\SysWOW64\en\AuthFWWizFwk.Resources.dll
    + 2012-06-23 23:04 . 2009-07-13 15:51 69632 c:\windows\SysWOW64\de\AuthFWWizFwk.Resources.dll
    - 2012-06-14 14:25 . 2012-06-14 14:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2012-06-14 14:25 . 2012-06-23 23:23 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2009-07-14 04:54 . 2012-06-23 23:23 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-07-14 04:54 . 2012-06-14 14:26 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2012-06-14 14:25 . 2012-06-23 23:23 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2012-06-14 14:25 . 2012-06-14 14:26 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2012-06-14 14:26 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:54 . 2012-06-23 23:23 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2012-05-15 12:27 . 2012-06-23 23:35 38016 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 05:10 . 2012-06-23 23:35 30610 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2012-06-23 23:10 . 2009-07-13 16:29 51462 c:\windows\system32\Printing_Admin_Scripts\en-US\prnqctl.vbs
    + 2012-06-23 23:10 . 2009-07-13 16:25 56756 c:\windows\system32\Printing_Admin_Scripts\en-US\prnport.vbs
    + 2012-06-23 23:10 . 2009-07-13 16:24 81048 c:\windows\system32\Printing_Admin_Scripts\en-US\prnmngr.vbs
    + 2012-06-23 23:10 . 2009-07-13 16:28 69882 c:\windows\system32\Printing_Admin_Scripts\en-US\prnjobs.vbs
    + 2012-06-23 23:10 . 2009-07-13 16:26 51312 c:\windows\system32\Printing_Admin_Scripts\en-US\prndrvr.vbs
    + 2012-06-23 23:03 . 2009-07-13 17:01 51806 c:\windows\system32\Printing_Admin_Scripts\de-DE\prnqctl.vbs
    + 2012-06-23 23:03 . 2009-07-13 17:01 57556 c:\windows\system32\Printing_Admin_Scripts\de-DE\prnport.vbs
    + 2012-06-23 23:03 . 2009-07-13 16:56 82080 c:\windows\system32\Printing_Admin_Scripts\de-DE\prnmngr.vbs
    + 2012-06-23 23:03 . 2009-07-13 17:03 70574 c:\windows\system32\Printing_Admin_Scripts\de-DE\prnjobs.vbs
    + 2012-06-23 23:03 . 2009-07-13 17:02 51986 c:\windows\system32\Printing_Admin_Scripts\de-DE\prndrvr.vbs
    + 2012-06-23 23:10 . 2012-06-23 23:08 38104 c:\windows\system32\perfd007.dat
    + 2012-06-23 23:04 . 2010-11-04 15:58 12624 c:\windows\system32\MUI\0407\mscorees.dll
    + 2012-06-23 23:11 . 2009-07-13 15:32 69632 c:\windows\system32\en\AuthFWWizFwk.Resources.dll
    + 2012-06-23 23:04 . 2009-07-13 16:11 69632 c:\windows\system32\de\AuthFWWizFwk.Resources.dll
    - 2012-05-15 10:46 . 2012-06-19 19:52 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2012-05-15 10:46 . 2012-06-23 23:23 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2012-06-03 19:26 . 2012-06-19 19:52 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2012-06-03 19:26 . 2012-06-23 23:23 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2012-06-19 19:52 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:54 . 2012-06-23 23:23 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2012-06-23 23:03 . 2009-06-10 11:52 43192 c:\windows\Speech\Engines\SR\de-DE\wp1031.bin
    + 2009-07-14 04:46 . 2012-06-23 19:32 97784 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
    + 2012-06-23 23:04 . 2010-11-04 15:58 42848 c:\windows\Microsoft.NET\Framework64\v3.5\de\MSBuild.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 17760 c:\windows\Microsoft.NET\Framework64\v3.5\de\EdmGen.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 14696 c:\windows\Microsoft.NET\Framework64\v3.5\de\DataSvcUtil.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 38760 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\de\WsatConfig.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 36864 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\de\System.ServiceModel.Install.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 16744 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\de\SMSvcHost.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 25456 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\de\ServiceModelReg.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 28672 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\de\Microsoft.Transactions.Bridge.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 42856 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\de\ComSvcConfig.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 29008 c:\windows\Microsoft.NET\Framework64\v2.0.50727\MUI\0407\mscorsecr.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 81920 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Web.Services.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 81920 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Web.Mobile.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 28672 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Transactions.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 40960 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.ServiceProcess.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 28672 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Security.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 11776 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Runtime.Serialization.Formatters.Soap.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 32768 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Runtime.Remoting.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 77824 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Messaging.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 13824 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Management.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 32768 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.EnterpriseServices.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 24576 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Drawing.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 40960 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.DirectoryServices.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 28672 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.DirectoryServices.Protocols.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 36864 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\system.data.sqlxml.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 49152 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Configuration.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 28672 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Configuration.Install.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 10752 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\sysglobl.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 93520 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\ShFusRes.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 11264 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\Regasm.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 13312 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\MSBuild.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 61440 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\Microsoft.VisualBasic.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 45056 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\Microsoft.JScript.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 10752 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\Microsoft.Build.Utilities.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 53248 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\Microsoft.Build.Engine.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 36864 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\caspol.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 40960 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\aspnet_regsql.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 90448 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\aspnet_rc.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 10576 c:\windows\Microsoft.NET\Framework64\v2.0.50727\1031\CvtResUI.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 27472 c:\windows\Microsoft.NET\Framework64\v2.0.50727\1031\alinkui.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 42848 c:\windows\Microsoft.NET\Framework\v3.5\de\MSBuild.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 17760 c:\windows\Microsoft.NET\Framework\v3.5\de\EdmGen.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 14696 c:\windows\Microsoft.NET\Framework\v3.5\de\DataSvcUtil.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 38760 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\de\WsatConfig.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 36864 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\de\System.ServiceModel.Install.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 16744 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\de\SMSvcHost.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 25456 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\de\ServiceModelReg.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 28672 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\de\Microsoft.Transactions.Bridge.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 42856 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\de\ComSvcConfig.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 29520 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0407\mscorsecr.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Web.Services.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Web.Mobile.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Transactions.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.ServiceProcess.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Security.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 11776 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Runtime.Serialization.Formatters.Soap.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Runtime.Remoting.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Messaging.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Management.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.EnterpriseServices.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Drawing.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.DirectoryServices.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.DirectoryServices.Protocols.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\system.data.sqlxml.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 49152 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Configuration.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Configuration.Install.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\sysglobl.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 93008 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\ShFusRes.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 11264 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\Regasm.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\MSBuild.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 61440 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\Microsoft.VisualBasic.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 45056 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\Microsoft.JScript.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\Microsoft.Build.Utilities.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\Microsoft.Build.Engine.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\caspol.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\aspnet_regsql.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 90960 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\aspnet_rc.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 11088 c:\windows\Microsoft.NET\Framework\v2.0.50727\1031\CvtResUI.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 27984 c:\windows\Microsoft.NET\Framework\v2.0.50727\1031\alinkui.dll
    + 2012-06-23 23:14 . 2012-06-23 23:14 31548 c:\windows\inf\PERFLIB\0409\perfd.dat
    + 2012-06-23 23:14 . 2012-06-23 23:14 31548 c:\windows\inf\PERFLIB\0409\perfc.dat
    + 2012-06-23 23:09 . 2012-06-23 23:08 38104 c:\windows\inf\PERFLIB\0407\perfd.dat
    + 2012-06-23 23:09 . 2012-06-23 23:08 38104 c:\windows\inf\PERFLIB\0407\perfc.dat
    + 2012-06-23 23:03 . 2009-06-08 07:58 90112 c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_de_31bf3856ad364e35\WindowsBase.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 36864 c:\windows\assembly\GAC_MSIL\system.workflow.runtime.resources\3.0.0.0_de_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 81920 c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Web.Services.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 81920 c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 49152 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design.resources\3.5.0.0_de_31bf3856ad364e35\System.Web.Extensions.Design.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 15360 c:\windows\assembly\GAC_MSIL\System.Web.Entity.resources\3.5.0.0_de_b77a5c561934e089\System.Web.Entity.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 11264 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design.resources\3.5.0.0_de_b77a5c561934e089\System.Web.Entity.Design.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 16896 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.resources\3.5.0.0_de_31bf3856ad364e35\System.Web.DynamicData.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 28672 c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_de_b77a5c561934e089\System.Transactions.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 65536 c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_de_31bf3856ad364e35\System.Speech.resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 40960 c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 69632 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web.resources\3.5.0.0_de_31bf3856ad364e35\System.ServiceModel.Web.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 36864 c:\windows\assembly\GAC_MSIL\system.servicemodel.install.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 28672 c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Security.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 98304 c:\windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_de_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 11776 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 32768 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 16896 c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_de_31bf3856ad364e35\System.Printing.resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 77824 c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Messaging.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 13824 c:\windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Management.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 11776 c:\windows\assembly\GAC_MSIL\system.io.log.resources\3.0.0.0_de_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 53248 c:\windows\assembly\GAC_MSIL\system.identitymodel.selectors.resources\3.0.0.0_de_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 65536 c:\windows\assembly\GAC_MSIL\system.identitymodel.resources\3.0.0.0_de_b77a5c561934e089\System.IdentityModel.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 32768 c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 24576 c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Drawing.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 40960 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 28672 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 36864 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement.resources\3.5.0.0_de_b77a5c561934e089\System.DirectoryServices.AccountManagement.resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 36864 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_de_b77a5c561934e089\system.data.sqlxml.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 98304 c:\windows\assembly\GAC_MSIL\System.Data.Services.resources\3.5.0.0_de_b77a5c561934e089\System.Data.Services.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 11776 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design.resources\3.5.0.0_de_b77a5c561934e089\System.Data.Services.Design.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 53248 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client.resources\3.5.0.0_de_b77a5c561934e089\System.Data.Services.Client.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 57344 c:\windows\assembly\GAC_MSIL\System.Data.Linq.resources\3.5.0.0_de_b77a5c561934e089\System.Data.Linq.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 15360 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design.resources\3.5.0.0_de_b77a5c561934e089\System.Data.Entity.Design.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 61440 c:\windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_de_b77a5c561934e089\System.Core.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 49152 c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Configuration.resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 28672 c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 10752 c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_de_b03f5f7f11d50a3a\sysglobl.resources.dll
    + 2012-06-23 23:10 . 2009-07-13 16:32 11776 c:\windows\assembly\GAC_MSIL\SecurityAuditPoliciesSnapIn.resources\6.1.0.0_en_31bf3856ad364e35\SecurityAuditPoliciesSnapIn.resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:12 13312 c:\windows\assembly\GAC_MSIL\SecurityAuditPoliciesSnapIn.resources\6.1.0.0_de_31bf3856ad364e35\SecurityAuditPoliciesSnapIn.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 36864 c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_de_31bf3856ad364e35\ReachFramework.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 53248 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_de_31bf3856ad364e35\PresentationBuildTasks.resources.dll
    + 2012-06-23 23:11 . 2009-07-13 15:32 49152 c:\windows\assembly\GAC_MSIL\napinit.resources\6.1.0.0_en_31bf3856ad364e35\napinit.Resources.dll
    + 2012-06-23 23:04 . 2009-07-13 16:11 49152 c:\windows\assembly\GAC_MSIL\napinit.resources\6.1.0.0_de_31bf3856ad364e35\napinit.Resources.dll
    + 2012-06-23 23:11 . 2010-11-20 02:19 36864 c:\windows\assembly\GAC_MSIL\MMCEx.Resources\3.0.0.0_en_31bf3856ad364e35\MMCEx.Resources.dll
    + 2012-06-23 23:03 . 2009-07-13 16:52 36864 c:\windows\assembly\GAC_MSIL\MMCEx.Resources\3.0.0.0_de_31bf3856ad364e35\MMCEx.Resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:13 15360 c:\windows\assembly\GAC_MSIL\Microsoft.WSMan.Management.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.WSMan.Management.resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 61440 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 28672 c:\windows\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_de_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
    + 2012-06-23 23:10 . 2009-07-13 16:33 73728 c:\windows\assembly\GAC_MSIL\Microsoft.Tpm.Resources\6.1.0.0_en_31bf3856ad364e35\microsoft.tpm.resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:13 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Tpm.Resources\6.1.0.0_de_31bf3856ad364e35\microsoft.tpm.resources.dll
    + 2012-06-23 23:04 . 2009-07-13 16:13 10240 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.PowerShell.Security.Resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:13 28672 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.Resources.dll
     
  12. cschrille

    cschrille TS Enthusiast Topic Starter Posts: 177

    + 2012-06-23 23:03 . 2009-07-13 17:13 40960 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.PowerShell.Gpowershell.resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:13 69632 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.PowerShell.Editor.Resources.dll
    + 2012-06-23 23:04 . 2010-11-20 03:16 45056 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.Resources.dll
    + 2012-06-23 23:04 . 2010-11-20 03:16 53248 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.Resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:13 36864 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.Resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:13 11776 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.resources.dll
    + 2012-06-23 23:10 . 2009-07-13 16:13 16384 c:\windows\assembly\GAC_MSIL\Microsoft.ManagementConsole.Resources\3.0.0.0_en_31bf3856ad364e35\Microsoft.ManagementConsole.Resources.dll
    + 2012-06-23 23:03 . 2009-07-13 16:52 28672 c:\windows\assembly\GAC_MSIL\Microsoft.ManagementConsole.Resources\3.0.0.0_de_31bf3856ad364e35\Microsoft.ManagementConsole.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 45056 c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.JScript.Resources.dll
    + 2012-06-23 23:10 . 2009-07-13 16:33 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Ink.Resources.dll
    + 2012-06-23 23:04 . 2009-07-13 16:13 40960 c:\windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.1.0.0_de_31bf3856ad364e35\Microsoft.Ink.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 10752 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.resources\2.0.0.0_de_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 53248 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_de_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
    + 2012-06-23 23:11 . 2010-11-20 03:16 12800 c:\windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.ApplicationId.Framework.Resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:12 24576 c:\windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework.Resources\6.1.0.0_de_31bf3856ad364e35\Microsoft.ApplicationId.Framework.Resources.dll
    + 2012-06-23 23:10 . 2009-07-13 16:32 90112 c:\windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:12 90112 c:\windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_de_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll
    + 2012-06-23 23:11 . 2009-07-13 16:12 90112 c:\windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll
    + 2012-06-23 23:04 . 2009-07-13 16:52 90112 c:\windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_de_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll
    + 2012-06-23 23:04 . 2010-11-20 02:15 4608 c:\windows\SysWOW64\WindowsPowerShell\v1.0\de-DE\powershell_ise.resources.dll
    + 2012-06-23 23:11 . 2009-07-13 16:08 7418 c:\windows\SysWOW64\Printing_Admin_Scripts\en-US\pubprn.vbs
    + 2012-06-23 23:03 . 2009-07-13 16:48 7518 c:\windows\SysWOW64\Printing_Admin_Scripts\de-DE\pubprn.vbs
    + 2012-06-23 23:03 . 2009-07-13 17:12 4608 c:\windows\system32\WindowsPowerShell\v1.0\de-DE\powershell_ise.resources.dll
    + 2012-05-15 11:06 . 2012-06-23 23:35 8900 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3856055600-2435477386-2425398921-1000_UserData.bin
    + 2012-06-23 23:10 . 2009-07-13 16:30 7418 c:\windows\system32\Printing_Admin_Scripts\en-US\pubprn.vbs
    + 2012-06-23 23:03 . 2009-07-13 17:01 7518 c:\windows\system32\Printing_Admin_Scripts\de-DE\pubprn.vbs
    - 2012-06-23 18:04 . 2012-06-23 18:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2012-06-23 23:32 . 2012-06-23 23:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2012-06-23 23:32 . 2012-06-23 23:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2012-06-23 18:04 . 2012-06-23 18:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2012-06-23 23:04 . 2010-11-04 15:58 4096 c:\windows\Microsoft.NET\Framework64\v3.5\de\Microsoft.Data.Entity.Build.Tasks.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 5120 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\de\SMDiagnostics.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 5120 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\de\Microsoft.Transactions.Bridge.Dtc.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 6144 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Drawing.Design.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 6656 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\JSC.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 4096 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\InstallUtil.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 5632 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\aspnet_regbrowsers.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 8704 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\aspnet_compiler.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 4096 c:\windows\Microsoft.NET\Framework\v3.5\de\Microsoft.Data.Entity.Build.Tasks.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 5120 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\de\SMDiagnostics.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 5120 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\de\Microsoft.Transactions.Bridge.Dtc.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\de\Microsoft.VisualBasic.Compatibility.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 9216 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\de\Microsoft.VisualBasic.Compatibility.Data.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 6144 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Drawing.Design.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\JSC.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 4096 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\InstallUtil.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\aspnet_regbrowsers.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 8704 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\aspnet_compiler.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 5120 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_de_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 7168 c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_de_31bf3856ad364e35\UIAutomationTypes.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 4096 c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_de_31bf3856ad364e35\UIAutomationProvider.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 8192 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_de_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 4096 c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_de_31bf3856ad364e35\UIAutomationClient.resources.dll
    + 2012-06-23 23:10 . 2009-07-13 16:12 7168 c:\windows\assembly\GAC_MSIL\TaskScheduler.Resources\6.1.0.0_en_31bf3856ad364e35\TaskScheduler.resources.dll
    + 2012-06-23 23:03 . 2009-07-13 16:51 7168 c:\windows\assembly\GAC_MSIL\TaskScheduler.Resources\6.1.0.0_de_31bf3856ad364e35\TaskScheduler.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 3584 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation.resources\3.5.0.0_de_b77a5c561934e089\System.Windows.Presentation.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 7168 c:\windows\assembly\GAC_MSIL\System.Web.Routing.resources\3.5.0.0_de_31bf3856ad364e35\System.Web.Routing.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 4096 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design.resources\3.5.0.0_de_31bf3856ad364e35\System.Web.DynamicData.Design.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 3584 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions.resources\3.5.0.0_de_31bf3856ad364e35\System.Web.Abstractions.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 6144 c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 8192 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations.resources\3.5.0.0_de_31bf3856ad364e35\System.ComponentModel.DataAnnotations.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 5120 c:\windows\assembly\GAC_MSIL\smdiagnostics.resources\3.0.0.0_de_b77a5c561934e089\SMDiagnostics.resources.dll
    + 2012-06-23 23:11 . 2010-11-20 02:19 4096 c:\windows\assembly\GAC_MSIL\MMCFxCommon.Resources\3.0.0.0_en_31bf3856ad364e35\MMCFxCommon.Resources.dll
    + 2012-06-23 23:04 . 2010-11-20 02:15 4608 c:\windows\assembly\GAC_MSIL\MMCFxCommon.Resources\3.0.0.0_de_31bf3856ad364e35\MMCFxCommon.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 12:14 9728 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
    + 2012-06-23 23:03 . 2009-06-10 12:14 9216 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
    + 2012-06-23 23:04 . 2010-11-20 03:16 7168 c:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.TroubleshootingPack.Resources\6.1.0.0_de_31bf3856ad364e35\Microsoft.Windows.Diagnosis.TroubleshootingPack.resources.dll
    + 2012-06-23 23:11 . 2010-11-20 03:16 4096 c:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.SDHost.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDHost.resources.dll
    + 2012-06-23 23:04 . 2009-07-13 16:13 4096 c:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.SDHost.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDHost.resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:13 4096 c:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:13 4096 c:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:13 4096 c:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:13 4096 c:\windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 5120 c:\windows\assembly\GAC_MSIL\microsoft.transactions.bridge.dtc.resources\3.0.0.0_de_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
    + 2012-06-23 23:11 . 2010-11-20 03:16 6656 c:\windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.Resources.dll
    + 2012-06-23 23:04 . 2010-11-20 03:16 7168 c:\windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.Resources\6.1.0.0_de_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.Resources.dll
    + 2012-06-23 23:10 . 2009-07-13 16:33 6656 c:\windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:13 7168 c:\windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources\6.1.0.0_de_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:13 5632 c:\windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.Resources\6.1.0.0_de_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.Resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:12 7168 c:\windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management.Resources\1.0.0.0_de_31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.resources.dll
    + 2012-06-23 23:11 . 2010-11-20 02:19 8192 c:\windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_en_31bf3856ad364e35\EventViewer.resources.dll
    + 2012-06-23 23:03 . 2009-07-13 16:50 9216 c:\windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_de_31bf3856ad364e35\EventViewer.resources.dll
    + 2012-06-23 23:11 . 2009-07-13 16:04 105940 c:\windows\SysWOW64\Printing_Admin_Scripts\en-US\prncnfg.vbs
    + 2012-06-23 23:03 . 2009-07-13 16:39 106798 c:\windows\SysWOW64\Printing_Admin_Scripts\de-DE\prncnfg.vbs
    + 2012-06-23 23:23 . 2012-06-23 23:23 686280 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe
    + 2012-05-15 14:54 . 2012-06-23 23:23 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    + 2012-06-23 23:10 . 2009-07-13 16:25 105940 c:\windows\system32\Printing_Admin_Scripts\en-US\prncnfg.vbs
    + 2012-06-23 23:03 . 2009-07-13 16:58 106798 c:\windows\system32\Printing_Admin_Scripts\de-DE\prncnfg.vbs
    + 2012-06-23 23:10 . 2012-06-23 23:08 295922 c:\windows\system32\perfi007.dat
    - 2009-07-14 07:43 . 2012-06-23 10:44 661494 c:\windows\system32\perfh01D.dat
    + 2009-07-14 07:43 . 2012-06-23 23:10 661494 c:\windows\system32\perfh01D.dat
    + 2009-07-14 02:36 . 2012-06-23 23:10 651938 c:\windows\system32\perfh009.dat
    - 2009-07-14 02:36 . 2012-06-23 10:44 651938 c:\windows\system32\perfh009.dat
    + 2012-06-23 23:10 . 2012-06-23 23:10 686330 c:\windows\system32\perfh007.dat
    + 2009-07-14 07:43 . 2012-06-23 23:10 141296 c:\windows\system32\perfc01D.dat
    - 2009-07-14 07:43 . 2012-06-23 10:44 141296 c:\windows\system32\perfc01D.dat
    - 2009-07-14 02:36 . 2012-06-23 10:44 120870 c:\windows\system32\perfc009.dat
    + 2009-07-14 02:36 . 2012-06-23 23:10 120870 c:\windows\system32\perfc009.dat
    + 2012-06-23 23:10 . 2012-06-23 23:10 147458 c:\windows\system32\perfc007.dat
    + 2012-06-23 23:23 . 2012-06-23 23:23 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_262_Plugin.exe
    + 2012-06-23 23:10 . 2009-07-13 16:32 159744 c:\windows\system32\en\Narrator.resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:12 163840 c:\windows\system32\de\Narrator.resources.dll
    - 2009-07-14 05:12 . 2009-07-14 05:12 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2009-07-14 05:12 . 2012-06-23 23:23 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2012-06-23 23:03 . 2009-06-10 11:52 533316 c:\windows\Speech\Engines\SR\de-DE\tn1031.bin
    - 2009-07-14 05:01 . 2012-06-23 18:03 277608 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2009-07-14 05:01 . 2012-06-23 23:31 277608 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2012-06-23 23:04 . 2010-11-04 15:58 163840 c:\windows\Microsoft.NET\Framework64\v3.5\de\Microsoft.Build.Tasks.v3.5.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 272712 c:\windows\Microsoft.NET\Framework64\v3.5\1031\vbc7ui.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 198480 c:\windows\Microsoft.NET\Framework64\v3.5\1031\cscompui.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 372736 c:\windows\Microsoft.NET\Framework64\v3.0\WPF\de\PresentationUI.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 921600 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\de\infocard.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 167936 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.xml.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 434176 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Windows.Forms.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 622592 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Web.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 212992 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\system.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 544768 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Design.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 397312 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Deployment.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 352256 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Data.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 110592 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\System.Data.OracleClient.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 421712 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\mscorrc.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 315392 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\mscorlib.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 139264 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\Microsoft.Build.Tasks.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 315392 c:\windows\Microsoft.NET\Framework64\v2.0.50727\DE\aspnetmmcext.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 219464 c:\windows\Microsoft.NET\Framework64\v2.0.50727\1031\vbc7ui.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 165712 c:\windows\Microsoft.NET\Framework64\v2.0.50727\1031\cscompui.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 163840 c:\windows\Microsoft.NET\Framework\v3.5\de\Microsoft.Build.Tasks.v3.5.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 272712 c:\windows\Microsoft.NET\Framework\v3.5\1031\vbc7ui.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 198480 c:\windows\Microsoft.NET\Framework\v3.5\1031\cscompui.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 372736 c:\windows\Microsoft.NET\Framework\v3.0\WPF\de\PresentationUI.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 16:00 864256 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\de\infocard.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 167936 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.xml.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 434176 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Windows.Forms.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 622592 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Web.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 212992 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\system.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 544768 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Design.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 397312 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Deployment.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 352256 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Data.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\System.Data.OracleClient.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 422224 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\mscorrc.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 315392 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\mscorlib.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 139264 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\Microsoft.Build.Tasks.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 315392 c:\windows\Microsoft.NET\Framework\v2.0.50727\DE\aspnetmmcext.resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 252752 c:\windows\Microsoft.NET\Framework\v2.0.50727\1031\Vsavb7rtUI.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 219976 c:\windows\Microsoft.NET\Framework\v2.0.50727\1031\vbc7ui.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 166224 c:\windows\Microsoft.NET\Framework\v2.0.50727\1031\cscompui.dll
    + 2012-06-23 23:14 . 2012-06-23 23:14 291294 c:\windows\inf\PERFLIB\0409\perfi.dat
    + 2012-06-23 23:14 . 2012-06-23 23:14 291294 c:\windows\inf\PERFLIB\0409\perfh.dat
    + 2012-06-23 23:09 . 2012-06-23 23:08 295922 c:\windows\inf\PERFLIB\0407\perfi.dat
    + 2012-06-23 23:09 . 2012-06-23 23:08 295922 c:\windows\inf\PERFLIB\0407\perfh.dat
    + 2012-06-23 23:03 . 2009-06-10 11:41 167936 c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_de_b77a5c561934e089\System.xml.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 102400 c:\windows\assembly\GAC_MSIL\System.WorkflowServices.resources\3.5.0.0_de_31bf3856ad364e35\System.WorkflowServices.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 311296 c:\windows\assembly\GAC_MSIL\system.workflow.componentmodel.resources\3.0.0.0_de_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 188416 c:\windows\assembly\GAC_MSIL\system.workflow.activities.resources\3.0.0.0_de_31bf3856ad364e35\System.Workflow.Activities.resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 434176 c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 622592 c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Web.Resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 634880 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.resources\3.5.0.0_de_31bf3856ad364e35\System.Web.Extensions.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:59 491520 c:\windows\assembly\GAC_MSIL\system.servicemodel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.Resources.dll
    + 2012-06-23 23:04 . 2010-11-04 15:58 212992 c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\system.resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:12 278528 c:\windows\assembly\GAC_MSIL\System.Management.Automation.Resources\1.0.0.0_de_31bf3856ad364e35\System.Management.Automation.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 544768 c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Design.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 397312 c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 352256 c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_de_b77a5c561934e089\System.Data.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 110592 c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_de_b77a5c561934e089\System.Data.OracleClient.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 397312 c:\windows\assembly\GAC_MSIL\System.Data.Entity.resources\3.5.0.0_de_b77a5c561934e089\System.Data.Entity.Resources.dll
    + 2012-06-23 23:11 . 2010-11-20 03:16 200704 c:\windows\assembly\GAC_MSIL\SrpUxSnapIn.resources\6.1.0.0_en_31bf3856ad364e35\SrpUxSnapIn.resources.dll
    + 2012-06-23 23:04 . 2010-11-20 03:16 200704 c:\windows\assembly\GAC_MSIL\SrpUxSnapIn.resources\6.1.0.0_de_31bf3856ad364e35\SrpUxSnapIn.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 372736 c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_de_31bf3856ad364e35\PresentationUI.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 249856 c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
    + 2012-06-23 23:03 . 2009-06-08 07:58 110592 c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll
    + 2012-06-23 23:10 . 2009-07-13 16:32 233472 c:\windows\assembly\GAC_MSIL\napsnap.resources\6.1.0.0_en_31bf3856ad364e35\napsnap.resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:12 233472 c:\windows\assembly\GAC_MSIL\napsnap.resources\6.1.0.0_de_31bf3856ad364e35\napsnap.resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 315392 c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
    + 2012-06-23 23:10 . 2009-07-13 16:33 159744 c:\windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources.dll
    + 2012-06-23 23:04 . 2010-11-20 03:16 159744 c:\windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources\6.1.0.0_de_31bf3856ad364e35\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources.dll
    + 2012-06-23 23:11 . 2010-11-20 02:19 471040 c:\windows\assembly\GAC_MSIL\Microsoft.GroupPolicy.Reporting.Resources\2.0.0.0_en_31bf3856ad364e35\Microsoft.GroupPolicy.Reporting.Resources.dll
    + 2012-06-23 23:04 . 2010-11-20 02:15 487424 c:\windows\assembly\GAC_MSIL\Microsoft.GroupPolicy.Reporting.Resources\2.0.0.0_de_31bf3856ad364e35\Microsoft.GroupPolicy.Reporting.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:41 139264 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_de_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
    + 2012-06-23 23:10 . 2009-07-13 16:33 221184 c:\windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.ApplicationId.RuleWizard.Resources.dll
    + 2012-06-23 23:03 . 2009-07-13 17:12 221184 c:\windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_de_31bf3856ad364e35\Microsoft.ApplicationId.RuleWizard.Resources.dll
    + 2012-06-23 23:23 . 2012-06-23 23:23 9459912 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
    + 2012-06-23 23:23 . 2012-06-23 23:23 1535176 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
    + 2012-06-23 23:11 . 2009-07-13 15:12 1617920 c:\windows\SysWOW64\en\AuthFWSnapIn.Resources.dll
    + 2012-06-23 23:04 . 2009-07-13 15:50 1613824 c:\windows\SysWOW64\de\AuthFWSnapIn.Resources.dll
    + 2012-06-23 23:03 . 2009-07-13 15:34 7173120 c:\windows\system32\Speech\SpeechUX\de-DE\SpeechUXRes.dll
    + 2012-06-23 23:11 . 2009-07-13 15:32 1617920 c:\windows\system32\en\AuthFWSnapIn.Resources.dll
    + 2012-06-23 23:04 . 2009-07-13 16:12 1613824 c:\windows\system32\de\AuthFWSnapIn.Resources.dll
    + 2012-06-23 23:03 . 2009-06-10 11:52 3651168 c:\windows\Speech\Engines\SR\de-DE\cp1031.bin
    + 2012-06-23 23:10 . 2009-07-13 16:13 1552384 c:\windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_en_31bf3856ad364e35\MIGUIControls.resources.dll
    + 2012-06-23 23:03 . 2009-07-13 16:52 1560576 c:\windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_de_31bf3856ad364e35\MIGUIControls.resources.dll
    + 2012-06-23 23:23 . 2012-06-23 23:23 12310216 c:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll
    + 2012-05-15 15:03 . 2012-06-23 23:31 52732072 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3856055600-2435477386-2425398921-1000-12288.dat
    + 2012-06-23 23:23 . 2012-06-23 23:23 10584064 c:\windows\ERDNT\Hiv-backup\SCHEMA.DAT
    .
    -- 'Snapshot' återställt till dagens datum --
    .
    (((((((((((((((((((((((((((((((((( Startpunkter I registret )))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Not* tomma poster & legitima standardposter visas inte.
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
    "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer3"=wdmaud.drv
    .
    R1 1052426drv;1052426drv;c:\windows\system32\DRIVERS\1052426drv.sys [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
    R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
    R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]
    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-16 113120]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 TsVlb;TsVlb;c:\windows\system32\DRIVERS\tsvlb.sys [x]
    R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-06-01 736104]
    R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    S0 39377219;39377219;c:\windows\system32\DRIVERS\39377219.sys [x]
    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
    S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
    S1 TsVp;TsVp;c:\windows\system32\DRIVERS\tsvp.sys [x]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
    S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
    S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
    S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
    S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
    S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
    S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
    S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
    S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys [2012-05-14 10568]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
    S3 TSCOMM;CommStudio Virtual Adapter by TamoSoft;c:\windows\system32\DRIVERS\tscomm.sys [x]
    .
    .
    --- Övriga tjänster/drivrutiner I minnet ---
    .
    *NewlyCreated* - RTCORE64
    .
    Innehåll I mappen 'Schemalagda aktiviteter':
    .
    2012-06-23 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-15 23:23]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-28 11905128]
    "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
    "Eraser"="c:\progra~1\Eraser\Eraser.exe" [2012-05-22 980920]
    .
    ------- Extra genomsökning -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = about:blank
    mStart Page = about:blank
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: &Download All with FlashGet - c:\program files (x86)\FlashGet\jc_all.htm
    IE: &Download with FlashGet - c:\program files (x86)\FlashGet\jc_link.htm
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    TCP: DhcpNameServer = 192.168.1.1
    DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91}
    FF - ProfilePath - c:\users\Ägaren\AppData\Roaming\Mozilla\Firefox\Profiles\r3cyqdc7.default\
    FF - prefs.js: network.proxy.http - 186.215.235.68
    FF - prefs.js: network.proxy.http_port - 3128
    FF - prefs.js: network.proxy.type - 0
    .
    .
    --------------------- LÅSTA REGISTERNYCKLAR ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
    @Denied: (2) (LocalSystem)
    "{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8,
    89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b
    "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
    1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
    "{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}"=hex:51,66,7a,6c,4c,1d,38,12,68,40,25,
    2b,77,e4,db,02,e0,8b,7a,e8,bc,10,3a,e3
    "{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,
    57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b
    "{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,
    d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b
    "{F156768E-81EF-470C-9057-481BA8380DBA}"=hex:51,66,7a,6c,4c,1d,38,12,e0,75,45,
    f5,dd,cf,62,02,ef,41,0b,5b,ad,66,49,ae
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
    @Denied: (2) (LocalSystem)
    "Timestamp"=hex:5f,b7,7b,f1,c8,44,cd,01
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Andra processer som körs ------------------------
    .
    c:\program files (x86)\MSI Afterburner\MSIAfterburner.exe
    c:\windows\SysWOW64\PnkBstrA.exe
    c:\program files (x86)\DAEMON Tools Lite\DTShellHlp.exe
    c:\program files (x86)\Mozilla Firefox\firefox.exe
    .
    **************************************************************************
    .
    Sluttid: 2012-06-24 01:38:25 - datorn startades om.
    ComboFix-quarantined-files.txt 2012-06-23 23:38
    ComboFix2.txt 2012-06-23 18:47
    ComboFix3.txt 2012-06-23 18:09
    .
    Före genomsökningen: 228 864 729 088 byte ledigt
    Efter genomsökningen: 228 817 739 776 byte ledigt
    .
    - - End Of File - - 547AC65FCA98CC9E570252FAB21498F0
     
  13. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Looks good to me.

    Make sure you reset system restore and you should be good to go.
     
  14. cschrille

    cschrille TS Enthusiast Topic Starter Posts: 177

    Thanks man :)
     
  15. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Sure thing :)
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...