Backdoorprogramm BDS/Cycbot.176128.56

kira · 20.12.2011, 12:37

1.
Vor dem nächsten Schritt, also bevor wir weitermachen:
Da jederzeit etwas passieren kann, wenn du wichtige Daten hast die Du sichern möchtest, empfehle ich Dir es jetzt machen (wie Bilder, Musik usw)
►Achte darauf: Die sicherten Daten sollen keine "Ausführbare Dateien" enthalten! - ►Dateiendungen - Dies ist eine Liste von Dateiendungen, die Dateien mit ausführbarem Code bezeichnen können.
Unabhängig von einem Befall (weil ja kann eine Festplatte auch kaputt gehen, oder es gibt andere technische Probleme ), sollte man regelmäßig Sicherung machen und an einem sicheren Ort bewahren, wie CD und DVD, externe Festplatten oder/und USB-Sticks
Mache das jetzt bitte!

2.
Lade Combofix von einem der folgenden Download-Spiegel herunter:

BleepingComputer.com - ForoSpyware.com

und speichere das Programm auf den Desktop, nicht woanders hin, das ist wichtig!
Beachte die ausführliche Original-Anleitung.

Zurzeit ist Combofix auf folgenden Windows-Versionen lauffähig:

Windows XP (nur 32-bit)
Windows 2000 (nur 32-bit)
Windows Vista (32-bit/64-bit)
Windows 7 (32-bit/64-bit)

Vorbereitung und wichtige Hinweise

Bitte während des Scans mit Combofix Antiviren- sowie Antispy-Programme, die Firewall und evtl. vorhandenes Skript-Blocking (Norton) deaktivieren.
Liste der zu deaktivierenden Programme.
Bei Unklarheiten bitte vorher fragen.
Bitte während des Laufs von Combofix nicht in das Combofix-Fenster klicken.
Das könnte Dein System einfrieren oder hängen bleiben lassen.
Es kann circa eine Viertelstunde dauern, bis der Scan fertig ist.
ComboFix wird Deine Einstellungen in Bezug auf den Bildschirmschoner zurücksetzen.
Diese Einstellungen kannst Du nach Beendigung unserer Bereinigung wieder ändern.
Mache nichts anderes, wenn es Dir nicht gelungen ist, Combofix laufen zu lassen.
Teile uns das mit und warte auf unsere Anweisungen.

Kurzanleitung zur Installation der Wiederherstellungskonsole unter XP

Doppelklicke auf die ComboFix.exe und folge den Anweisungen.
Akzeptiere die Bedingungen (Disclaimer) mit "Ja".
ComboFix wird schauen, ob die Microsoft-Windows-Wiederherstellungskonsole installiert ist.
Dies ist Teil des Prozesses. Angesichts der Art von Malware Infizierungen, die es heute gibt, wird dringend empfohlen, diese Wiederherstellungskonsole auf dem PC installiert zu haben, bevor jegliche Reinigung von Malware durchgeführt wird.
Folge den Anweisungen, um ComboFix das Herunterladen und Installieren der Wiederherstellungskonsole zu ermöglichen und stimme dem Lizenzvertrag (EULA) zu, sobald Du dazu aufgefordert wirst.

** Zur Information: Sollte die Wiederherstellungskonsole schon installiert sein, so wird ComboFix seine Malware-Entfernungsprozedur normal fortfahren.

Sobald die Wiederherstellungskonsole durch ComboFix installiert wurde, solltest Du folgende Nachricht sehen:

Klicke "Ja", um mit dem Suchlauf nach Malware fortzufahren.

Wenn ComboFix fertig ist, wird es ein Log erstellen (bitte warten, das dauert einen Moment).
Unbedingt warten, bis sich das Combofix-Fenster geschlossen hat und das Logfile im Editor erscheint.
Bitte poste die Log-Dateien C:\ComboFix.txt und C:\Qoobox\Add-Remove Programs.txt in Code-Tags hier in den Thread.

Hinweis: Combofix macht aus verschiedenen Gründen den Internet Explorer zum Standard-Browser und erstellt ein IE-Icon auf dem Desktop.
Das IE-Desktop-Icon kannst Du nach der Bereinigung wieder löschen und Deinen bevorzugten Browser wieder als Standard-Browser einstellen.

Combofix nicht auf eigene Faust einsetzen. Wenn keine entsprechende Infektion vorliegt, kann das den Rechner lahmlegen und/oder nachhaltig schädigen!

Rheingold · 20.12.2011, 21:16

Liebe Kira,
vielen Dank für die Anweisungen! Echt, alleine wäre ich aufgeschmissen!
Combofix kann ich erst morgen abend durchführen, u.a. weil ich meine Daten erst mal wieder neu sichern muss.

Ich habe heute auch festgestellt, dass das avira update auf meinem eigenen Account (auch ein Admin Konto) nicht funktioniert. Aber vielleicht kriege ich das mit deiner Hilfe wieder hin.

Viele Grüße und 1.000 Dank,
Jasmina

Rheingold · 21.12.2011, 08:46

:

Code:

ATTFilter

ComboFix 11-12-20.04 - Administrator 21.12.2011   8:27.2.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3990.2146 [GMT 1:00]
ausgeführt von:: c:\users\Administrator\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\LP
c:\program files (x86)\LP\A7CB\6FA5.tmp
c:\program files (x86)\LP\A7CB\897.tmp
c:\program files (x86)\LP\A7CB\A7A3.tmp
c:\program files (x86)\LP\A7CB\DE11.tmp
c:\program files (x86)\LP\A7CB\ED79.tmp
c:\program files (x86)\mbam-setup-1.51.2.1300.exe
c:\program files (x86)\PSISetup2003.exe
c:\program files (x86)\RealPlayer_1406666_de.exe
c:\program files (x86)\Setup.exe
c:\users\ADMINI~1\AppData\Local\Temp\SASF93E.tmp
c:\users\Administrator\AppData\Local\Temp\SASF93E.tmp
c:\users\Jasmina\FacebookVideoCallSetup_v1.2.203.0.exe
c:\users\Jasmina\fbookbot.exe
c:\users\Jasmina\mp3DC213.exe
c:\windows\assembly\tmp\U
c:\windows\SysWow64\SWCTL.DLL
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-11-21 bis 2011-12-21  ))))))))))))))))))))))))))))))
.
.
2011-12-21 07:33 . 2011-12-21 07:33	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2011-12-21 07:33 . 2011-12-21 07:33	--------	d-----w-	c:\users\Public\AppData\Local\temp
2011-12-21 07:33 . 2011-12-21 07:33	--------	d-----w-	c:\users\Nico.dell-PC.000\AppData\Local\temp
2011-12-19 12:21 . 2011-12-19 12:21	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2011-12-19 09:30 . 2011-12-19 09:30	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2011-12-19 09:30 . 2011-12-19 09:30	--------	d-----w-	c:\windows\system32\wbem\en-US
2011-12-19 09:13 . 2011-12-19 09:13	--------	d-----w-	c:\program files\Microsoft Silverlight
2011-12-19 09:12 . 2011-12-19 09:12	13072536	----a-w-	c:\windows\Silverlight_x64.exe
2011-12-19 08:00 . 2011-12-19 08:50	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy
2011-12-19 08:00 . 2011-12-19 08:50	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2011-12-18 12:56 . 2011-12-18 12:56	--------	d-----w-	c:\program files (x86)\ESET
2011-12-18 07:06 . 2011-12-18 07:06	--------	d-----w-	C:\_OTL
2011-12-16 08:08 . 2011-12-16 08:08	--------	d-----w-	c:\users\Administrator\AppData\Roaming\RealNetworks
2011-12-15 10:50 . 2011-12-15 10:50	--------	d-----w-	c:\users\Administrator\AppData\Local\SoftGrid Client
2011-12-15 10:50 . 2011-12-19 09:19	--------	d-----w-	c:\users\Administrator\AppData\Roaming\SoftGrid Client
2011-12-15 10:34 . 2011-12-15 10:34	--------	d-----w-	c:\program files\iPod
2011-12-15 10:34 . 2011-12-15 10:35	--------	d-----w-	c:\program files\iTunes
2011-12-15 10:34 . 2011-12-15 10:35	--------	d-----w-	c:\program files (x86)\iTunes
2011-12-15 10:29 . 2011-12-15 10:29	11776	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nprjplug.dll
2011-12-15 10:29 . 2011-12-15 10:29	--------	d-----w-	c:\program files (x86)\Common Files\xing shared
2011-12-15 10:29 . 2011-12-15 10:29	150696	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nppl3260.dll
2011-12-15 10:28 . 2011-12-15 10:28	108544	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
2011-12-15 10:28 . 2011-12-15 10:28	499712	----a-w-	c:\windows\SysWow64\msvcp71.dll
2011-12-15 10:28 . 2011-12-15 10:28	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2011-12-15 10:25 . 2011-12-15 10:25	713472	----a-w-	c:\program files (x86)\RealPlayer.exe
2011-12-15 10:22 . 2011-12-15 10:25	--------	d-sh--w-	c:\users\Administrator\AppData\Local\4d0d2e25
2011-12-15 09:41 . 2011-12-15 09:41	--------	d-----w-	c:\program files\CCleaner
2011-12-15 09:39 . 2011-12-15 09:39	3552208	----a-w-	c:\program files (x86)\ccsetup313.exe
2011-12-14 22:09 . 2011-10-15 06:31	723456	----a-w-	c:\windows\system32\EncDec.dll
2011-12-14 22:09 . 2011-10-15 05:38	534528	----a-w-	c:\windows\SysWow64\EncDec.dll
2011-12-14 22:09 . 2011-10-26 05:21	43520	----a-w-	c:\windows\system32\csrsrv.dll
2011-12-14 22:09 . 2011-11-24 04:52	3145216	----a-w-	c:\windows\system32\win32k.sys
2011-12-14 21:58 . 2011-11-05 05:32	2048	----a-w-	c:\windows\system32\tzres.dll
2011-12-14 21:58 . 2011-11-05 04:26	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2011-12-14 18:58 . 2011-12-14 18:58	163	----a-w-	c:\users\Nico.dell-PC.000\AppData\Roaming\Microsoft\A7CB\bl593131_64.bat
2011-12-14 07:38 . 2011-12-14 07:38	--------	d-sh--w-	c:\users\Jasmina\AppData\Local\4d0d2e25
2011-12-14 07:35 . 2011-12-15 20:45	--------	d-----w-	c:\users\Jasmina\AppData\Roaming\57168
2011-12-14 07:34 . 2011-12-15 20:45	--------	d-----w-	c:\users\Jasmina\AppData\Roaming\B8457
2011-12-13 19:19 . 2011-12-13 19:19	181	----a-w-	c:\users\Nico.dell-PC.000\AppData\Roaming\Microsoft\A7CB\bl1265152_64.bat
2011-12-13 19:18 . 2011-12-13 19:18	163	----a-w-	c:\users\Nico.dell-PC.000\AppData\Roaming\Microsoft\A7CB\bl1246260_64.bat
2011-12-13 19:18 . 2011-12-13 19:18	163	----a-w-	c:\users\Nico.dell-PC.000\AppData\Roaming\Microsoft\A7CB\bl1208336_64.bat
2011-12-13 19:17 . 2011-12-16 08:57	--------	d-sh--w-	c:\users\Nico.dell-PC.000\AppData\Local\4d0d2e25
2011-12-13 19:17 . 2011-12-13 19:17	165	----a-w-	c:\users\Nico.dell-PC.000\AppData\Roaming\Microsoft\A7CB\bl1172004_64.bat
2011-12-13 19:14 . 2011-12-15 20:45	--------	d-----w-	c:\users\Nico.dell-PC.000\AppData\Roaming\57168
2011-12-13 19:14 . 2011-12-15 07:04	--------	d-----w-	c:\users\Nico.dell-PC.000\AppData\Roaming\B8457
2011-12-08 18:59 . 2011-12-08 18:59	--------	d-----w-	c:\users\Nico.dell-PC.000\AppData\Local\Apple
2011-12-02 15:28 . 2011-12-02 15:28	--------	d-----w-	c:\programdata\Nexon
2011-12-02 14:45 . 2011-12-02 15:22	--------	d-----w-	C:\Download
2011-12-02 14:45 . 2011-12-02 15:22	--------	d-----w-	C:\Nexon
2011-12-02 14:45 . 2011-12-02 14:45	235	----a-w-	c:\windows\SysWow64\nxEuUninstall.bat
2011-12-02 14:45 . 2011-12-02 14:45	446464	----a-w-	c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-11-28 19:37 . 2011-11-29 08:07	--------	d-----w-	c:\users\Nico.dell-PC.000\AppData\Local\Windows Live
2011-11-24 08:40 . 2011-06-16 16:53	232960	----a-w-	c:\windows\system32\Spool\prtprocs\x64\EKIJ5000PPR.dll
2011-11-24 08:36 . 2011-11-24 08:36	--------	d-----w-	c:\windows\SysWow64\spool
2011-11-24 08:23 . 2011-11-24 08:23	12713136	----a-w-	c:\program files (x86)\aio_install.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-19 08:53 . 2011-05-23 11:19	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-12-19 08:53 . 2011-05-23 11:19	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-12-17 08:14 . 2011-05-21 18:35	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-12-17 08:14 . 2011-05-21 18:35	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-12-14 07:38 . 2011-05-19 13:13	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-29 10:50 . 2011-10-29 10:49	39401336	----a-w-	c:\program files (x86)\QuickTimeInstaller.exe
2011-10-29 09:21 . 2011-05-15 03:21	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-10-29 09:17 . 2011-10-29 09:10	910624	----a-w-	c:\program files (x86)\jxpiinstall.exe
2011-10-29 08:54 . 2011-10-29 08:54	1019816	----a-w-	c:\program files\DELL_DELL-DIGITAL-DELIVERY_A05_R313622.exe
2011-10-25 11:17 . 2011-10-25 11:17	9756672	----a-w-	c:\program files\L502X_A__06.exe
2011-10-24 12:29 . 2011-10-24 12:29	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 12:29 . 2011-10-24 12:29	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2011-10-17 07:05 . 2011-10-17 07:05	13885360	----a-w-	c:\program files (x86)\Firefox Setup 7.0.1.exe
2011-10-17 06:07 . 2011-10-17 06:07	1739400	----a-w-	c:\users\Jasmina\PSISetup2003.exe
2011-10-13 06:08 . 2011-10-13 06:08	292184	----a-w-	c:\users\Jasmina\dxwebsetup.exe
2011-10-07 15:06 . 2011-10-07 14:58	384512408	----a-w-	c:\users\Jasmina\Nero-11.0.10700_trial.exe
2011-10-04 18:36 . 2011-10-04 18:36	10308272	----a-w-	c:\users\Jasmina\Opera_1151_int_Setup.exe
2011-10-03 12:40 . 2011-10-03 12:41	247053	----a-w-	c:\program files (x86)\mp3DC213.exe
2011-10-01 07:43 . 2011-10-01 07:43	6727840	----a-w-	c:\users\Jasmina\SkypeClicktoCall.exe
2011-09-29 16:29 . 2011-11-09 07:00	1923952	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-09-29 06:55 . 2011-09-29 06:55	3103511	----a-w-	c:\program files (x86)\kcsetup8.exe
2011-09-24 16:12 . 2011-09-24 16:12	1291624	----a-w-	c:\program files\wlsetup-web__1_.exe
2011-09-23 13:20 . 2011-05-15 03:22	525544	----a-w-	c:\windows\system32\deployJava1.dll
2011-09-23 13:06 . 2011-09-23 13:05	21073936	----a-w-	c:\program files (x86)\vlc-1.1.11-win32.exe
2011-09-23 11:41 . 2011-09-23 11:40	23773184	----a-w-	c:\program files (x86)\PXCViewer98_x64.msi
2011-09-23 11:31 . 2011-09-22 09:34	3089056	----a-w-	c:\program files (x86)\install_flash_player.exe
2011-09-23 11:27 . 2011-09-23 11:27	1376768	----a-w-	c:\program files (x86)\7z920-x64.msi
2011-09-16 05:47 . 2011-09-16 05:44	168166968	----a-w-	c:\program files (x86)\OOo_3.3.0_Win_x86_install-wJRE_de.exe
2011-08-30 14:06 . 2011-05-28 12:11	14563768	----a-w-	c:\program files (x86)\FreeYouTubeToMP3Converter.exe
2011-08-30 14:04 . 2011-05-28 12:13	14212584	----a-w-	c:\program files (x86)\FreeYouTubeToiPodConverter.exe
2011-08-28 10:12 . 2011-08-28 10:11	51975388	----a-w-	c:\program files (x86)\VSX4_Pro_TBYB.exe.part
2011-08-28 08:56 . 2011-08-28 08:55	2466704	----a-w-	c:\program files (x86)\AdobeDownloadAssistant.exe
2011-08-27 10:56 . 2011-08-27 10:56	1228384	----a-w-	c:\program files (x86)\PremiereElements_9_LS15.exe
2011-08-27 10:23 . 2011-08-27 10:23	8353800	----a-w-	c:\program files (x86)\Adobe_Premiere_Elements_9-AkamaiDLM.exe
2011-08-25 16:58 . 2011-08-25 16:58	6716353	----a-w-	c:\program files (x86)\Sunbird_Setup_1.0_Beta_1.exe
2011-07-18 14:59 . 2011-07-18 14:59	13522064	----a-w-	c:\program files (x86)\Firefox Setup 5.0.1.exe
2011-05-22 08:35 . 2011-05-22 08:35	21255560	----a-w-	c:\program files (x86)\SkypeSetupFull.exe
2011-05-19 13:44 . 2011-05-19 13:44	1663693	----a-w-	c:\program files (x86)\winrar-x64-400d.exe
2011-05-19 13:39 . 2011-05-19 13:37	81797928	----a-w-	c:\program files (x86)\iTunes64Setup.exe
2011-05-19 13:18 . 2011-05-19 13:17	20240744	----a-w-	c:\program files (x86)\gimp-2.6.11-i686-setup.exe
2011-05-19 13:17 . 2011-05-19 13:17	19735256	----a-w-	c:\program files (x86)\gimp-2.6.8-x64-setup.exe
2011-05-19 13:10 . 2011-05-19 13:10	14166016	----a-w-	c:\program files (x86)\wz150gev.msi
2011-05-19 13:06 . 2011-05-19 13:06	767064	----a-w-	c:\program files (x86)\wpsetup4.57.exe
2011-05-19 11:34 . 2011-05-19 11:34	568648	----a-w-	c:\program files (x86)\GoogleEarthSetup.exe
2011-05-19 11:28 . 2011-05-19 11:28	52718176	----a-w-	c:\program files (x86)\avira_antivir_personal_de.exe
2011-05-19 11:26 . 2011-05-19 11:26	9326056	----a-w-	c:\program files (x86)\Thunderbird Setup 3.1.10.exe
2011-05-19 11:25 . 2011-05-19 11:25	12362480	----a-w-	c:\program files (x86)\Firefox Setup 4.0.1.exe
2011-01-19 11:34 . 2011-01-19 11:34	3003392	----a-w-	c:\program files (x86)\openofficeorg33.msi
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-19 487562]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"SMSTray"="c:\program files (x86)\Samsung\EmoDio\SMSTray.exe" [2009-04-16 479232]
"NBAgent"="c:\program files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-09-20 1493288]
"ChicoSys"="c:\windows\SysWOW64\cc32\webtmr.exe" [2009-07-13 5635736]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2011-12-15 296056]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"EKIJ5000StatusMonitor"="c:\windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe" [2011-06-16 2922496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-08-11 163040]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CCWinTray"="c:\windows\tray\wintmr.exe" [2009-07-13 5975704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2011-09-05 2232752]
.
c:\users\Nico.dell-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\users\Jasmina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"HideFastUserSwitching"= 1 (0x1)
"EnableLinkedConnections"= 1 (0x1)
"EnableLUA"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableClock"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-01-24 991296]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-19 136176]
R2 ksupmgr;File-/Update Service;c:\windows\SysWOW64\ksupmgr.exe [2010-08-25 765592]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-01-24 1298496]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-19 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys [x]
R3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-01-24 901184]
S2 DBService;DATA BECKER Update Service;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2010-05-28 2650112]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2011-09-05 393648]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-11-30 1997416]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [x]
S3 AVer7231_x64;AVerMedia 7231 capture service;c:\windows\system32\DRIVERS\AVer7231_x64.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
S3 HPMo4DE3;Mouse Suite Driver_4DE3 (WDF Version);c:\windows\system32\DRIVERS\HPMo4DE3.sys [x]
S3 HPub4DE3;USB Mouse Low Filter Driver_4DE3 (WDF Version);c:\windows\system32\Drivers\HPub4DE3.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - avipbb
*Deregistered* - Chico
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3230886925-126132133-2629391164-1025UA.job
- c:\users\Nico.dell-PC.000\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-10 19:23]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-12-14 6561384]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-11 2186856]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-11-29 312936]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-12 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-12 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-12 418328]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-01-24 10355200]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-05-30 2055816]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-28 497648]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2011-06-16 2922496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to iPod Converter - c:\users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm
IE: Free YouTube to MP3 Converter - c:\users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\3cers2zs.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_b427739.dll"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ce,9e,47,77,90,b8,f8,4f,8e,46,72,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ce,9e,47,77,90,b8,f8,4f,8e,46,72,\
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.123\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dbf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterTemplate.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterTemplate.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterTemplate.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hwp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.log\UserChoice]
@Denied: (2) (Administrator)
"Progid"="txtfile"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarMathDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpdp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="NCH.MixPad.mpdp"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odb\UserChoice]
@Denied: (2) (Administrator)
"Progid"="opendocument.DatabaseDocument.1"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="opendocument.MathDocument.1"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="opendocument.DrawDocument.1"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="opendocument.WriterDocument.1"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="opendocument.ImpressDocument.1"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\UserChoice]
@Denied: (2) (Administrator)
"Progid"="opendocument.CalcDocument.1"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\UserChoice]
@Denied: (2) (Administrator)
"Progid"="opendocument.WriterDocument.1"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="opendocument.DrawDocument.1"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.oth\UserChoice]
@Denied: (2) (Administrator)
"Progid"="opendocument.WriterDocument.1"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="opendocument.ImpressDocument.1"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ott\UserChoice]
@Denied: (2) (Administrator)
"Progid"="opendocument.WriterDocument.1"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.oxt\UserChoice]
@Denied: (2) (Administrator)
"Progid"="office.Extension.1"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarImpressTemplate.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarImpressTemplate.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarImpressTemplate.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pps\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarImpressDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarImpressDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarImpressDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarImpressDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.slk\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.stc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcTemplate.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.std\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarDrawTemplate.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sti\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarImpressDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.stw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sxc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sxd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarDrawDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sxi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarImpressDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sxm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarMathDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sxw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.URL"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdseml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wk1\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wks\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="NCH.WavePad.wpp"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcTemplate.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcTemplate.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcTemplate.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarCalcDocument.6"
.
[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="soffice.StarWriterDocument.6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-12-21  08:36:50
ComboFix-quarantined-files.txt  2011-12-21 07:36
.
Vor Suchlauf: 17 Verzeichnis(se), 118.534.037.504 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 118.229.495.808 Bytes frei
.
- - End Of File - - 349A187C0E2F5F539931BA904FBE7AB5:

Rheingold · 21.12.2011, 08:50

Code:

ATTFilter

AccelerometerP11
Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Premiere Elements 9
Adobe Premiere Elements 9 Content
Adobe Premiere Elements 9 Content 1
Adobe Premiere Elements 9 Content 2
Adobe Premiere Elements 9 Content 3
Adobe Premiere Elements 9 HD Content 1
Adobe Premiere Elements 9 HD Content 2
Adobe Premiere Elements 9 HD Content 3
Advanced Audio FX Engine
aioscnnr
Akamai NetSession Interface Service
Apple Application Support
Apple Software Update
AVerMedia H339 Hybrid TV Tuner 2.2.64.64
bpd_scan
center
Cobra 11 - Burning Wheels (remove only)
Combat Arms EU
ContentSAFER for Wizmax
D3DX10
DATA BECKER BewerbungsGenie 7
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell VideoStage
Dell Webcam Central
DirectX 9 Runtime
Elements 9 Organizer
Elements STI Installer
EmoDio
ESET Online Scanner v3
essentials
Express Burn Disc Burning Software
Express Rip
Facebook Video Calling 1.0.0.8177
Facebook Video Calling 1.0.0.8953
FIFA 11
Free YouTube to iPod Converter version 3.10.8.815
Free YouTube to MP3 Converter version 3.10.8.815
FUSSBALL MANAGER 07
Google Earth
Google Update Helper
High-Definition Video Playback
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Internet-TV für Windows Media Center
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
Kindersicherung 2011
KODAK All-in-One Software
Malwarebytes' Anti-Malware Version 1.51.2.1300
Mesh Runtime
Microsoft Office 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
MixPad Audio Mixer
Mozilla Firefox 8.0 (x86 de)
Mozilla Thunderbird (8.0)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NBA 2K11
Nero 11
Nero 11 Disc Menus Basic
Nero 11 Effects Basic
Nero 11 Image Samples
Nero 11 Kwik Themes Basic
Nero 11 PiP Effects Basic
Nero Audio Pack 1
Nero BackItUp 11
Nero BackItUp 11 Help (CHM)
Nero Burning ROM 11
Nero Burning ROM 11 Help (CHM)
Nero ControlCenter 11
Nero ControlCenter 11 Help (CHM)
Nero Core Components 11
Nero CoverDesigner 11
Nero CoverDesigner 11 Help (CHM)
Nero Express 11
Nero Express 11 Help (CHM)
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Recode 11
Nero Recode 11 Help (CHM)
Nero RescueAgent 11
Nero RescueAgent 11 Help (CHM)
Nero SoundTrax 11
Nero SoundTrax 11 Help (CHM)
Nero Update
Nero Video 11
Nero Video 11 Help (CHM)
Nero WaveEditor 11
Nero WaveEditor 11 Help (CHM)
nero.prerequisites.msi
Nexon Game Manager
NVIDIA Stereoscopic 3D Driver
ocr
OpenOffice.org 3.3
PhotoShowExpress
PreReq
ProtectDisc Driver, Version 11
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
Realtek High Definition Audio Driver
RealUpgrade 1.1
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Secunia PSI (2.0.0.3003)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Skype Click to Call
Skype™ 5.5
SmartSound Common Data
SmartSound Quicktracks 5
SmartSound Quicktracks for Premiere Elements 9.0
Sonic CinePlayer Decoder Pack
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
VLC media player 1.1.11
WavePad Sound Editor
welcome
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX control for remote connections
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series

Rheingold · 21.12.2011, 08:53

Liebe Kira,
1. ich habe die combo-fix.exe mit "als Adminstrator ausführen" gestartet. Ist das schlimm bzw. soll ich den scan wiederholen?

2. avira und antispyware musste ich deinstallieren, da von combofix die nachricht kam, die programm seien noch aktiv, obwohl ich sie geschlossen hatte.

3. während des scans waren skype und dell stage aktiv, hatte ich vergessen zu schließen.

Viele Grüße
Jasmina

kira · 22.12.2011, 07:08

Zitat:

Zitat von Rheingold

2. avira und antispyware musste ich deinstallieren,

stehst Du jetzt ohne Antivirenlösung da?

Rheingold · 22.12.2011, 08:14

nein, ich habe mir nach combofix avira premium testversion runtergeladen und ausgeführt. avira hat keinen fund angezeigt.
jasmina

Rheingold · 22.12.2011, 08:28

Dann habe ich noch mal mit Anti-Malware gescannt und dort wurde immer noch ein Infizierung in der Registrierung gefunden. Was soll ich da machen?

Viele Grüße
Jasmina

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 911122103

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

21.12.2011 19:37:28
mbam-log-2011-12-21 (19-37-09).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 490908
Laufzeit: 1 Stunde(n), 11 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\DisableConfig (Windows.Tool.Disabled) -> Bad: (1) Good: (0) -> No action taken.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Rheingold · 22.12.2011, 09:50

P.s.: Auch die Windows Firewall lässt sich nicht aktivieren.
Firewall ein- oder ausschalten - Empfohlene Einstellungen: Einige der Einstellungen können von der Windows Firewall nicht geändert werden. Fehlercode: 0x80070424

Erweiterte Einstellungen: Das Snap-in Windows Firewall mit Erweiterten Einstellungen konnte nicht geladen werden. Fehlercode: 0x6D9

kira · 22.12.2011, 15:56

1.
unter Dienste aktiviert/gestartet?:
Windows-Taste + R gleichzeitig
- schreib services.msc rein und klicke auf OK

2.
wenn Du damit kein Erfolg hast..
versuche mit "Fixit von Microsoft:
Firewall reparieren mit "Fixit":-> Automatische Diagnose und Korrektur von Problemen mit dem Windows-Firewalldienst
Firewall reparieren

Rheingold · 22.12.2011, 16:31

Nein, unter Dienste ist sie nicht aufgeführt und bei fixit kommt beim Ladevorgang die rückmeldung, dass der service zurzeit nicht ausgeführt werden kann. ?
J.

kira · 23.12.2011, 04:35

unter Dienste..."Basisfiltermodul" "gestartet"?

versuche die Tipps hier zu befolgen:-> Windows-Firewall per Kommandozeile (cmd) aktivieren und deaktivieren.

Rheingold · 24.12.2011, 14:28

Hi Kira,
1. unter System und Sicherheit - Verwaltung - Dienste, gibt es Basisfiltermodul nicht.
2. bei cmd kommt die meldung:" fehler beim herstellen der verbindugn mit windows-firewall dienst. stellen sie sicher, dass der dienst ausgeführt wird."

Ich wünsche dir / euch schöne Weihnachten ... und viele Geschenke! ;-)
Jasmina

kira · 25.12.2011, 03:08

1.
Die combofix.exe befindet sich noch auf Deinem Desktop?
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als cfscript.txt mit "Speichern unter" auf dem Desktop. Gib an "Alle Dateien" - Speichern:

Code:

ATTFilter

KILLALL::

File::
c:\users\Jasmina\AppData\Roaming\57168
c:\users\Jasmina\AppData\Roaming\B8457
c:\users\Nico.dell-PC.000\AppData\Roaming\57168
c:\users\Nico.dell-PC.000\AppData\Roaming\B8457

solltest Du dann auf dem Desktop diese Datei cfscript.txt finden

in bezug auf das obige bild, ziehe das CFScript in die combofix.exe hinein. wenn CF fertig ist, wird es eine Logdatei unter C:\ComboFix.txt erstellen, poste den inhalt.
Wenn ComboFix fertig ist, wird es ein Log erstellen, C:\ComboFix.txt - Warte, bis sich das Combofix-Fenster geschlossen hat und das Logfile im Editor erscheint!
Bitte füge es hier als nächste Antwort ein.

2.
Mach bitte einen Rechtsklick auf die im folgenden genannten Dateien (mit der Maus), schau dir an, was unter Eigenschaften steht, kopiere diese Angaben (Datei Version, Beschreibung der Datei, Copyright bei wem? FirmenName) hier in deinen Thread von diesen Anwendungen (bebilderte Anleitung *hier*:

Zitat:

2011-12-14 07:38 . 2011-12-14 07:38 -------- d-sh--w- c:\users\Jasmina\AppData\Local\4d0d2e25
2011-12-13 19:17 . 2011-12-16 08:57 -------- d-sh--w- c:\users\Nico.dell-PC.000\AppData\Local\4d0d2e25

► Hast du die Probleme immer noch?

Rheingold · 25.12.2011, 08:50

Hallo Kira,
die log datei ist zu groß, deshalb in zwei Etappen.

Code:

ATTFilter

ComboFix 11-12-20.04 - Administrator 25.12.2011   8:20.3.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3990.2266 [GMT 1:00]
ausgeführt von:: c:\users\Administrator\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Administrator\Desktop\cfscript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
FILE ::
"c:\users\Jasmina\AppData\Roaming\57168"
"c:\users\Jasmina\AppData\Roaming\B8457"
"c:\users\Nico.dell-PC.000\AppData\Roaming\57168"
"c:\users\Nico.dell-PC.000\AppData\Roaming\B8457"
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Default\AppData\Roaming\DPInst.exe
c:\users\Default\AppData\Roaming\gacutil.exe
c:\users\Default\AppData\Roaming\PnPutil.exe
c:\windows\SysWow64\SWCTL.DLL
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-11-25 bis 2011-12-25  ))))))))))))))))))))))))))))))
.
.
2011-12-25 07:28 . 2011-12-25 07:28	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2011-12-25 07:28 . 2011-12-25 07:28	--------	d-----w-	c:\users\Public\AppData\Local\temp
2011-12-25 07:28 . 2011-12-25 07:28	--------	d-----w-	c:\users\Nico\AppData\Local\temp
2011-12-25 07:28 . 2011-12-25 07:28	--------	d-----w-	c:\users\Nico.dell-PC\AppData\Local\temp
2011-12-25 07:28 . 2011-12-25 07:28	--------	d-----w-	c:\users\Nico.dell-PC.000\AppData\Local\temp
2011-12-25 07:28 . 2011-12-25 07:28	--------	d-----w-	c:\users\Nico Spiele\AppData\Local\temp
2011-12-25 07:28 . 2011-12-25 07:28	--------	d-----w-	c:\users\Jasmina\AppData\Local\temp
2011-12-25 07:28 . 2011-12-25 07:28	--------	d-----w-	c:\users\Jasmina 2\AppData\Local\temp
2011-12-25 07:28 . 2011-12-25 07:28	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2011-12-25 07:28 . 2011-12-25 07:28	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-12-25 07:28 . 2011-12-25 07:28	--------	d-----w-	c:\users\AppData\AppData\Local\temp
2011-12-23 08:51 . 2011-12-23 08:51	41272	----a-w-	c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-12-22 08:57 . 2011-12-22 08:57	--------	d-----w-	c:\users\Jasmina\AppData\Roaming\Avira
2011-12-21 09:26 . 2011-12-21 09:26	--------	d-----w-	c:\users\Administrator\AppData\Roaming\Avira
2011-12-21 09:25 . 2011-12-22 07:07	130760	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-12-21 09:25 . 2011-10-11 14:06	27760	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2011-12-21 09:25 . 2011-10-11 14:06	97312	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-12-21 09:25 . 2011-12-21 09:25	--------	d-----w-	c:\programdata\Avira
2011-12-21 09:25 . 2011-12-21 09:25	--------	d-----w-	c:\program files (x86)\Avira
2011-12-21 09:23 . 2011-12-21 09:23	--------	d-sh--w-	c:\windows\SysWow64\%APPDATA%
2011-12-21 08:50 . 2011-12-21 08:52	81313744	----a-w-	c:\program files (x86)\avira_antivirus_premium_de.exe
2011-12-19 12:21 . 2011-12-19 12:21	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2011-12-19 09:30 . 2011-12-19 09:30	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2011-12-19 09:30 . 2011-12-19 09:30	--------	d-----w-	c:\windows\system32\wbem\en-US
2011-12-19 09:13 . 2011-12-19 09:13	--------	d-----w-	c:\program files\Microsoft Silverlight
2011-12-19 09:12 . 2011-12-19 09:12	13072536	----a-w-	c:\windows\Silverlight_x64.exe
2011-12-19 08:00 . 2011-12-19 08:50	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy
2011-12-19 08:00 . 2011-12-19 08:50	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2011-12-18 12:56 . 2011-12-18 12:56	--------	d-----w-	c:\program files (x86)\ESET
2011-12-18 07:06 . 2011-12-18 07:06	--------	d-----w-	C:\_OTL
2011-12-16 08:08 . 2011-12-16 08:08	--------	d-----w-	c:\users\Administrator\AppData\Roaming\RealNetworks
2011-12-15 10:50 . 2011-12-15 10:50	--------	d-----w-	c:\users\Administrator\AppData\Local\SoftGrid Client
2011-12-15 10:50 . 2011-12-19 09:19	--------	d-----w-	c:\users\Administrator\AppData\Roaming\SoftGrid Client
2011-12-15 10:34 . 2011-12-15 10:34	--------	d-----w-	c:\program files\iPod
2011-12-15 10:34 . 2011-12-15 10:35	--------	d-----w-	c:\program files\iTunes
2011-12-15 10:34 . 2011-12-15 10:35	--------	d-----w-	c:\program files (x86)\iTunes
2011-12-15 10:29 . 2011-12-15 10:29	11776	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nprjplug.dll
2011-12-15 10:29 . 2011-12-15 10:29	--------	d-----w-	c:\program files (x86)\Common Files\xing shared
2011-12-15 10:29 . 2011-12-15 10:29	150696	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nppl3260.dll
2011-12-15 10:28 . 2011-12-15 10:28	108544	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
2011-12-15 10:28 . 2011-12-15 10:28	499712	----a-w-	c:\windows\SysWow64\msvcp71.dll
2011-12-15 10:28 . 2011-12-15 10:28	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2011-12-15 10:25 . 2011-12-15 10:25	713472	----a-w-	c:\program files (x86)\RealPlayer.exe
2011-12-15 10:22 . 2011-12-15 10:25	--------	d-sh--w-	c:\users\Administrator\AppData\Local\4d0d2e25
2011-12-15 09:41 . 2011-12-15 09:41	--------	d-----w-	c:\program files\CCleaner
2011-12-15 09:39 . 2011-12-15 09:39	3552208	----a-w-	c:\program files (x86)\ccsetup313.exe
2011-12-14 22:09 . 2011-10-15 06:31	723456	----a-w-	c:\windows\system32\EncDec.dll
2011-12-14 22:09 . 2011-10-15 05:38	534528	----a-w-	c:\windows\SysWow64\EncDec.dll
2011-12-14 22:09 . 2011-10-26 05:21	43520	----a-w-	c:\windows\system32\csrsrv.dll
2011-12-14 22:09 . 2011-11-24 04:52	3145216	----a-w-	c:\windows\system32\win32k.sys
2011-12-14 21:58 . 2011-11-05 05:32	2048	----a-w-	c:\windows\system32\tzres.dll
2011-12-14 21:58 . 2011-11-05 04:26	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2011-12-14 18:58 . 2011-12-14 18:58	163	----a-w-	c:\users\Nico.dell-PC.000\AppData\Roaming\Microsoft\A7CB\bl593131_64.bat
2011-12-14 07:38 . 2011-12-14 07:38	--------	d-sh--w-	c:\users\Jasmina\AppData\Local\4d0d2e25
2011-12-14 07:35 . 2011-12-15 20:45	--------	d-----w-	c:\users\Jasmina\AppData\Roaming\57168
2011-12-14 07:34 . 2011-12-15 20:45	--------	d-----w-	c:\users\Jasmina\AppData\Roaming\B8457
2011-12-13 19:19 . 2011-12-13 19:19	181	----a-w-	c:\users\Nico.dell-PC.000\AppData\Roaming\Microsoft\A7CB\bl1265152_64.bat
2011-12-13 19:18 . 2011-12-13 19:18	163	----a-w-	c:\users\Nico.dell-PC.000\AppData\Roaming\Microsoft\A7CB\bl1246260_64.bat
2011-12-13 19:18 . 2011-12-13 19:18	163	----a-w-	c:\users\Nico.dell-PC.000\AppData\Roaming\Microsoft\A7CB\bl1208336_64.bat
2011-12-13 19:17 . 2011-12-16 08:57	--------	d-sh--w-	c:\users\Nico.dell-PC.000\AppData\Local\4d0d2e25
2011-12-13 19:17 . 2011-12-13 19:17	165	----a-w-	c:\users\Nico.dell-PC.000\AppData\Roaming\Microsoft\A7CB\bl1172004_64.bat
2011-12-13 19:14 . 2011-12-15 20:45	--------	d-----w-	c:\users\Nico.dell-PC.000\AppData\Roaming\57168
2011-12-13 19:14 . 2011-12-15 07:04	--------	d-----w-	c:\users\Nico.dell-PC.000\AppData\Roaming\B8457
2011-12-08 18:59 . 2011-12-08 18:59	--------	d-----w-	c:\users\Nico.dell-PC.000\AppData\Local\Apple
2011-12-02 15:28 . 2011-12-02 15:28	--------	d-----w-	c:\programdata\Nexon
2011-12-02 14:45 . 2011-12-02 15:22	--------	d-----w-	C:\Download
2011-12-02 14:45 . 2011-12-02 15:22	--------	d-----w-	C:\Nexon
2011-12-02 14:45 . 2011-12-02 14:45	235	----a-w-	c:\windows\SysWow64\nxEuUninstall.bat
2011-12-02 14:45 . 2011-12-02 14:45	446464	----a-w-	c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-11-28 19:37 . 2011-11-29 08:07	--------	d-----w-	c:\users\Nico.dell-PC.000\AppData\Local\Windows Live
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-19 08:53 . 2011-05-23 11:19	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-12-19 08:53 . 2011-05-23 11:19	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-12-17 08:14 . 2011-05-21 18:35	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-12-17 08:14 . 2011-05-21 18:35	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-12-14 07:38 . 2011-05-19 13:13	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-24 08:23 . 2011-11-24 08:23	12713136	----a-w-	c:\program files (x86)\aio_install.exe
2011-10-29 10:50 . 2011-10-29 10:49	39401336	----a-w-	c:\program files (x86)\QuickTimeInstaller.exe
2011-10-29 09:21 . 2011-05-15 03:21	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-10-29 09:17 . 2011-10-29 09:10	910624	----a-w-	c:\program files (x86)\jxpiinstall.exe
2011-10-29 08:54 . 2011-10-29 08:54	1019816	----a-w-	c:\program files\DELL_DELL-DIGITAL-DELIVERY_A05_R313622.exe
2011-10-25 11:17 . 2011-10-25 11:17	9756672	----a-w-	c:\program files\L502X_A__06.exe
2011-10-24 12:29 . 2011-10-24 12:29	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 12:29 . 2011-10-24 12:29	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2011-10-17 07:05 . 2011-10-17 07:05	13885360	----a-w-	c:\program files (x86)\Firefox Setup 7.0.1.exe
2011-10-17 06:07 . 2011-10-17 06:07	1739400	----a-w-	c:\users\Jasmina\PSISetup2003.exe
2011-10-13 06:08 . 2011-10-13 06:08	292184	----a-w-	c:\users\Jasmina\dxwebsetup.exe
2011-10-07 15:06 . 2011-10-07 14:58	384512408	----a-w-	c:\users\Jasmina\Nero-11.0.10700_trial.exe
2011-10-03 12:40 . 2011-10-03 12:41	247053	----a-w-	c:\program files (x86)\mp3DC213.exe
2011-10-01 07:43 . 2011-10-01 07:43	6727840	----a-w-	c:\users\Jasmina\SkypeClicktoCall.exe
2011-09-29 16:29 . 2011-11-09 07:00	1923952	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-09-29 06:55 . 2011-09-29 06:55	3103511	----a-w-	c:\program files (x86)\kcsetup8.exe
2011-09-24 16:12 . 2011-09-24 16:12	1291624	----a-w-	c:\program files\wlsetup-web__1_.exe
2011-09-23 13:06 . 2011-09-23 13:05	21073936	----a-w-	c:\program files (x86)\vlc-1.1.11-win32.exe
2011-09-23 11:41 . 2011-09-23 11:40	23773184	----a-w-	c:\program files (x86)\PXCViewer98_x64.msi
2011-09-23 11:31 . 2011-09-22 09:34	3089056	----a-w-	c:\program files (x86)\install_flash_player.exe
2011-09-23 11:27 . 2011-09-23 11:27	1376768	----a-w-	c:\program files (x86)\7z920-x64.msi
2011-09-16 05:47 . 2011-09-16 05:44	168166968	----a-w-	c:\program files (x86)\OOo_3.3.0_Win_x86_install-wJRE_de.exe
2011-08-30 14:06 . 2011-05-28 12:11	14563768	----a-w-	c:\program files (x86)\FreeYouTubeToMP3Converter.exe
2011-08-30 14:04 . 2011-05-28 12:13	14212584	----a-w-	c:\program files (x86)\FreeYouTubeToiPodConverter.exe
2011-08-28 10:12 . 2011-08-28 10:11	51975388	----a-w-	c:\program files (x86)\VSX4_Pro_TBYB.exe.part
2011-08-28 08:56 . 2011-08-28 08:55	2466704	----a-w-	c:\program files (x86)\AdobeDownloadAssistant.exe
2011-08-27 10:56 . 2011-08-27 10:56	1228384	----a-w-	c:\program files (x86)\PremiereElements_9_LS15.exe
2011-08-27 10:23 . 2011-08-27 10:23	8353800	----a-w-	c:\program files (x86)\Adobe_Premiere_Elements_9-AkamaiDLM.exe
2011-08-25 16:58 . 2011-08-25 16:58	6716353	----a-w-	c:\program files (x86)\Sunbird_Setup_1.0_Beta_1.exe
2011-07-18 14:59 . 2011-07-18 14:59	13522064	----a-w-	c:\program files (x86)\Firefox Setup 5.0.1.exe
2011-05-22 08:35 . 2011-05-22 08:35	21255560	----a-w-	c:\program files (x86)\SkypeSetupFull.exe
2011-05-19 13:44 . 2011-05-19 13:44	1663693	----a-w-	c:\program files (x86)\winrar-x64-400d.exe
2011-05-19 13:39 . 2011-05-19 13:37	81797928	----a-w-	c:\program files (x86)\iTunes64Setup.exe
2011-05-19 13:18 . 2011-05-19 13:17	20240744	----a-w-	c:\program files (x86)\gimp-2.6.11-i686-setup.exe
2011-05-19 13:17 . 2011-05-19 13:17	19735256	----a-w-	c:\program files (x86)\gimp-2.6.8-x64-setup.exe
2011-05-19 13:10 . 2011-05-19 13:10	14166016	----a-w-	c:\program files (x86)\wz150gev.msi
2011-05-19 13:06 . 2011-05-19 13:06	767064	----a-w-	c:\program files (x86)\wpsetup4.57.exe
2011-05-19 11:34 . 2011-05-19 11:34	568648	----a-w-	c:\program files (x86)\GoogleEarthSetup.exe
2011-05-19 11:26 . 2011-05-19 11:26	9326056	----a-w-	c:\program files (x86)\Thunderbird Setup 3.1.10.exe
2011-05-19 11:25 . 2011-05-19 11:25	12362480	----a-w-	c:\program files (x86)\Firefox Setup 4.0.1.exe
2011-01-19 11:34 . 2011-01-19 11:34	3003392	----a-w-	c:\program files (x86)\openofficeorg33.msi
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-12-21_07.33.48   )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-02 14:52 . 2011-11-02 14:52	98304              c:\windows\twain_32\kodak\kds_aioesp\ksImage.dll
- 2011-01-27 08:59 . 2011-01-27 08:59	98304              c:\windows\twain_32\kodak\kds_aioesp\ksImage.dll
+ 2011-11-02 14:52 . 2011-11-02 14:52	98304              c:\windows\twain_32\kodak\kds_aio5000\ksImage.dll
- 2011-01-27 08:59 . 2011-01-27 08:59	98304              c:\windows\twain_32\kodak\kds_aio5000\ksImage.dll
- 2011-08-19 01:39 . 2011-08-19 01:39	98304              c:\windows\twain_32\kodak\kds_aio2esp\ksImage.dll
+ 2011-07-15 06:50 . 2011-07-15 06:50	98304              c:\windows\twain_32\kodak\kds_aio2esp\ksImage.dll
- 2011-05-23 16:39 . 2011-12-21 07:13	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-05-23 16:39 . 2011-12-25 07:29	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-10-12 18:49 . 2011-12-20 08:19	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\Low\index.dat
+ 2011-10-12 18:49 . 2011-12-25 06:47	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\Low\index.dat
+ 2009-07-14 04:54 . 2011-12-25 07:29	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-12-21 07:13	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-10-12 18:49 . 2011-12-20 08:19	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat
+ 2011-10-12 18:49 . 2011-12-25 06:47	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-21 07:13	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-25 07:29	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-10-12 18:49 . 2011-12-20 08:19	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat
+ 2011-10-12 18:49 . 2011-12-25 06:47	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-25 07:29	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-21 07:13	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-12-21 09:23 . 2011-12-21 09:28	16384              c:\windows\SysWOW64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
+ 2011-05-15 03:26 . 2011-12-25 07:14	81758              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-12-25 07:14	36528              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-05-20 06:09 . 2011-12-23 20:22	16534              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3230886925-126132133-2629391164-1003_UserData.bin
- 2009-07-14 05:30 . 2011-11-24 08:56	86016              c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-12-21 09:25	86016              c:\windows\system32\DriverStore\infpub.dat
+ 2011-12-10 09:22 . 2011-12-10 09:22	53760              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\sv-se\EKAiO2MUI.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	57856              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\pt-BR\EKAiO2MUI.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	53248              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\no-no\EKAiO2MUI.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	56832              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\nl-NL\EKAiO2MUI.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	61952              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\it-IT\EKAiO2MUI.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	61952              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\fr-FR\EKAiO2MUI.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	54272              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\fi\EKAiO2MUI.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	59904              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\es-ES\EKAiO2MUI.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	52736              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\en-US\EKAiO2MUI.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	52736              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\en-GB\EKAiO2MUI.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	83968              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiOXPST.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	66048              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiOXPRINTABLEAREA.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	40960              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiOXPLPF.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	96256              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiOXNUP.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	40960              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiOXFRAME.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	73216              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiOXBKT.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	14336              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiO2WS.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	61440              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\de-DE\EKAiO2MUI.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	54784              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\da\EKAiO2MUI.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	10240              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\sv-se\EKaio2WiaCoInstRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	10240              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\pt-BR\EKaio2WiaCoInstRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	10240              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\no-no\EKaio2WiaCoInstRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	10240              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\nl-NL\EKaio2WiaCoInstRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	10240              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\it-IT\EKaio2WiaCoInstRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	10240              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\fr-FR\EKaio2WiaCoInstRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	10240              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\fi\EKaio2WiaCoInstRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	10240              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\es-ES\EKaio2WiaCoInstRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	10240              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\en-US\EKaio2WiaCoInstRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	10240              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\en-GB\EKaio2WiaCoInstRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	10240              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\de-DE\EKaio2WiaCoInstRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	10240              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\da\EKaio2WiaCoInstRes.dll
+ 2011-05-18 14:29 . 2011-12-22 19:50	16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-18 14:29 . 2011-12-19 14:11	16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-21 07:34 . 2011-12-22 19:50	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-19 14:11	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-22 19:50	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-12-23 07:10	94640              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-12-21 09:26 . 2011-12-21 09:26	53248              c:\windows\Installer\{EF53BFAB-4C10-40DB-A82D-9B07111715C6}\ARPPRODUCTICON.exe
- 2011-11-24 08:37 . 2011-11-24 08:37	53248              c:\windows\Installer\{EF53BFAB-4C10-40DB-A82D-9B07111715C6}\ARPPRODUCTICON.exe
+ 2011-11-24 08:38 . 2011-12-21 09:26	53248              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\ARPPRODUCTICON.exe
- 2011-11-24 08:38 . 2011-11-24 08:38	53248              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\ARPPRODUCTICON.exe
- 2011-11-24 08:39 . 2011-11-24 08:39	53248              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\ARPPRODUCTICON.exe
+ 2011-12-21 09:27 . 2011-12-21 09:27	53248              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\ARPPRODUCTICON.exe
+ 2011-12-21 09:23 . 2011-12-21 09:23	53248              c:\windows\Installer\{48B41C3A-9A92-4B81-B653-C97FEB85C910}\ARPPRODUCTICON.exe
+ 2011-12-21 09:25 . 2011-12-21 09:25	53248              c:\windows\Installer\{376348C2-E372-48BC-A138-E896757BD86A}\ARPPRODUCTICON.exe
- 2011-11-24 08:37 . 2011-11-24 08:37	53248              c:\windows\Installer\{376348C2-E372-48BC-A138-E896757BD86A}\ARPPRODUCTICON.exe
- 2011-11-24 08:36 . 2011-11-24 08:36	53248              c:\windows\Installer\{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}\ARPPRODUCTICON.exe
+ 2011-12-21 09:25 . 2011-12-21 09:25	53248              c:\windows\Installer\{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}\ARPPRODUCTICON.exe
+ 2011-12-21 09:27 . 2011-12-21 09:27	76288              c:\windows\assembly\NativeImages_v2.0.50727_32\ShellLib\1e8834961201cbdf2227ca7750c5456c\ShellLib.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	78336              c:\windows\assembly\NativeImages_v2.0.50727_32\Kodak.Statistics\c71823f1b43f6d98846baaaa8db4a524\Kodak.Statistics.ni.exe
+ 2011-12-21 09:27 . 2011-12-21 09:27	94208              c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WIA\75121519a46bfb301886f5f484cb1b44\Interop.WIA.ni.dll
- 2011-11-24 08:38 . 2011-11-24 08:38	94208              c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WIA\75121519a46bfb301886f5f484cb1b44\Interop.WIA.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	98304              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.DeviceSettin#\f0e6ce5d8da3ee1f1a038e688005d135\Inkjet.DeviceSettings.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	80896              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Configuration\9f929febe825f074285c39800e8e8e62\Inkjet.Configuration.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	52736              c:\windows\assembly\NativeImages_v2.0.50727_32\HRIntp.Interop\579d24976eefa6309b0f380dec1c1221\HRIntp.Interop.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	61440              c:\windows\assembly\NativeImages_v2.0.50727_32\Helper\bdfdf611f220be5d261f6334b587be26\Helper.ni.dll
+ 2011-05-21 11:49 . 2011-12-23 15:29	5594              c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-05-15 04:00 . 2011-12-25 07:14	8384              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3230886925-126132133-2629391164-500_UserData.bin
+ 2011-12-10 09:21 . 2011-12-10 09:21	9728              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\sv-se\EKAiO2WiaShellExtRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	9728              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\pt-BR\EKAiO2WiaShellExtRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	9728              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\no-no\EKAiO2WiaShellExtRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	9728              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\nl-NL\EKAiO2WiaShellExtRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	9728              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\it-IT\EKAiO2WiaShellExtRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	9728              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\fr-FR\EKAiO2WiaShellExtRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	9728              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\fi\EKAiO2WiaShellExtRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	9728              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\es-ES\EKAiO2WiaShellExtRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	9728              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\en-US\EKAiO2WiaShellExtRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	9728              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\en-GB\EKAiO2WiaShellExtRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	9728              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\de-DE\EKAiO2WiaShellExtRes.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	9728              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\da\EKAiO2WiaShellExtRes.dll
- 2011-05-14 21:14 . 2011-12-20 20:25	1951              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2011-05-14 21:14 . 2011-12-25 07:28	1951              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-12-21 07:08 . 2011-12-21 07:08	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-12-25 07:29 . 2011-12-25 07:29	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-12-25 07:29 . 2011-12-25 07:29	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-12-21 07:08 . 2011-12-21 07:08	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-11-02 14:52 . 2011-11-02 14:52	434176              c:\windows\twain_32\kodak\kds_aioesp\lexexe.exe
- 2011-03-11 07:12 . 2011-03-11 07:12	434176              c:\windows\twain_32\kodak\kds_aioesp\lexexe.exe
+ 2011-11-02 14:52 . 2011-11-02 14:52	434176              c:\windows\twain_32\kodak\kds_aio5000\lexexe.exe
- 2011-03-11 07:12 . 2011-03-11 07:12	434176              c:\windows\twain_32\kodak\kds_aio5000\lexexe.exe
+ 2011-12-10 09:20 . 2011-12-10 09:20	434176              c:\windows\twain_32\kodak\kds_aio2esp\lexexe.exe
- 2011-08-19 23:10 . 2011-08-19 23:10	434176              c:\windows\twain_32\kodak\kds_aio2esp\lexexe.exe
+ 2011-10-10 15:52 . 2009-07-13 23:15	842163              c:\windows\SysWOW64\scurl\scurlup.dat
+ 2011-05-19 10:09 . 2011-12-21 18:34	330446              c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 05:30 . 2011-11-24 08:56	239616              c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-12-21 09:25	239616              c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-11-24 08:36	143360              c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2011-12-21 09:25	143360              c:\windows\system32\DriverStore\infstor.dat
+ 2011-12-14 11:38 . 2011-12-14 11:38	449536              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\sv-se\EKAiO2PRE.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	153600              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\sv-se\EKAiO2FAXD.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	177664              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\sv-se\EKAiO2COI07.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	450048              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\pt-BR\EKAiO2PRE.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	153600              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\pt-BR\EKAiO2FAXD.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	177664              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\pt-BR\EKAiO2COI07.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	449536              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\no-no\EKAiO2PRE.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	153600              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\no-no\EKAiO2FAXD.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	177664              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\no-no\EKAiO2COI07.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	450048              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\nl-NL\EKAiO2PRE.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	153600              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\nl-NL\EKAiO2FAXD.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	177664              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\nl-NL\EKAiO2COI07.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	450048              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\it-IT\EKAiO2PRE.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	153600              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\it-IT\EKAiO2FAXD.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	177664              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\it-IT\EKAiO2COI07.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	450048              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\fr-FR\EKAiO2PRE.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	154112              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\fr-FR\EKAiO2FAXD.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	177664              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\fr-FR\EKAiO2COI07.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	449536              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\fi\EKAiO2PRE.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	153600              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\fi\EKAiO2FAXD.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	177664              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\fi\EKAiO2COI07.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	450048              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\es-ES\EKAiO2PRE.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	154112              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\es-ES\EKAiO2FAXD.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	177664              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\es-ES\EKAiO2COI07.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	449536              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\en-US\EKAiO2PRE.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	153600              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\en-US\EKAiO2FAXD.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	177664              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\en-US\EKAiO2COI07.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	449536              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\en-GB\EKAiO2PRE.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	153600              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\en-GB\EKAiO2FAXD.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	177664              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\en-GB\EKAiO2COI07.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	111616              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiOXWMK.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	441344              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiOXRPF.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	868864              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiO2XUIP.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	551424              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiO2SDK.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	820224              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiO2PRE.exe
+ 2011-12-10 09:22 . 2011-12-10 09:22	428032              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiO2FAXD.exe
+ 2011-12-14 11:38 . 2011-12-14 11:38	449536              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\de-DE\EKAiO2PRE.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	153600              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\de-DE\EKAiO2FAXD.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	177664              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\de-DE\EKAiO2COI07.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	449536              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\da\EKAiO2PRE.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	153600              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\da\EKAiO2FAXD.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	177664              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\da\EKAiO2COI07.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	213504              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\EKAiO2WiaShellExt.dll
+ 2011-12-02 11:49 . 2011-12-02 11:49	239616              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\EKaio2WiaPtp.exe
+ 2011-12-10 09:21 . 2011-12-10 09:21	122368              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\EKaio2WiaCoInst.dll
- 2009-07-14 05:12 . 2011-12-18 17:18	262144              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2011-12-21 09:23	262144              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:01 . 2011-12-20 20:25	319168              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-12-25 07:28	319168              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-21 09:24 . 2011-12-21 09:24	327680              c:\windows\Installer\2340cb.msi
- 2011-05-25 11:19 . 2011-11-24 08:38	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_start_psu_1046_DC9ADFDC32FF459385901E5DDA1C8858.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_start_psu_1046_DC9ADFDC32FF459385901E5DDA1C8858.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_start_psu_1043_36D939E382C443B4891630DE2B85EBC2.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_start_psu_1043_36D939E382C443B4891630DE2B85EBC2.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_start_psu_1040_1FF72AA9EDC244729C9AFBD24A90E524.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_start_psu_1040_1FF72AA9EDC244729C9AFBD24A90E524.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_start_psu_1036_A41D2291122D4CD7A339DED2B8CA7090.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_start_psu_1036_A41D2291122D4CD7A339DED2B8CA7090.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_start_psu_1034_30438C29EA4E43738D6C3C1094A9F492.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_start_psu_1034_30438C29EA4E43738D6C3C1094A9F492.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_start_psu_1033_DB9A47DD20BD48B78405D4E726B5CA8B.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_start_psu_1033_DB9A47DD20BD48B78405D4E726B5CA8B.exe
+ 2011-11-24 08:38 . 2011-12-21 09:26	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_short_psu_1033_FD077128E4284358A43BDE46525E6847.exe
- 2011-11-24 08:38 . 2011-11-24 08:38	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_short_psu_1033_FD077128E4284358A43BDE46525E6847.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_setuputility_sv_69FFC3852D35471285A2CD1137B709EF.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_setuputility_sv_69FFC3852D35471285A2CD1137B709EF.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_setuputility_fi_658C81035500483EAE984694F2DE2F78.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_setuputility_fi_658C81035500483EAE984694F2DE2F78.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_setuputility_da_65223DD5D2A345BB8B47872BEEF97383.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_setuputility_da_65223DD5D2A345BB8B47872BEEF97383.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_printertool_sv_0A467CA819044BC7BA6D21816C4309FF.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_printertool_sv_0A467CA819044BC7BA6D21816C4309FF.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_printertool_fi_07FDBE5CC1054277AD6FE9C7A54FAC8B.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_printertool_fi_07FDBE5CC1054277AD6FE9C7A54FAC8B.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_printertool_da_BB63BB88F76047BBA98F4107EB360A4B.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\sc_printertool_da_BB63BB88F76047BBA98F4107EB360A4B.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut9_DF6F7E57247F405F8D44C945B89AFA1F.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut9_DF6F7E57247F405F8D44C945B89AFA1F.exe
- 2011-11-24 08:38 . 2011-11-24 08:38	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut6_04D5FD60DD5F47279ABF3C110518B687.exe
+ 2011-11-24 08:38 . 2011-12-21 09:26	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut6_04D5FD60DD5F47279ABF3C110518B687.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut34_F09544D3367843A48B5C31EDAA81E9A0.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut34_F09544D3367843A48B5C31EDAA81E9A0.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut33_73079DBCC88F41C7997E276DA153E481.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	126976              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut33_73079DBCC88F41C7997E276DA153E481.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut21_DD4D035ACA374327B7D30079F8FF9FB0.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut21_DD4D035ACA374327B7D30079F8FF9FB0.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut18_D23DA57BCA0C4A49A36A2015848FD42C.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut18_D23DA57BCA0C4A49A36A2015848FD42C.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut15_BEE2106E8860474594FD3BA39B0660F1.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut15_BEE2106E8860474594FD3BA39B0660F1.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut12_BBBC8FEC15EA45B58B2C60FEAC100AF7.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut12_BBBC8FEC15EA45B58B2C60FEAC100AF7.exe
+ 2011-05-25 11:19 . 2011-12-21 09:26	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut1_481DD05EA1B846948FF5700EFC7B9BBB.exe
- 2011-05-25 11:19 . 2011-11-24 08:38	143360              c:\windows\Installer\{BE94C681-68E2-4561-8ABC-8D2E799168B4}\NewShortcut1_481DD05EA1B846948FF5700EFC7B9BBB.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_6_79F4F9B00B33480CA4DD22609500B856.exe
+ 2011-05-25 11:20 . 2011-12-21 09:28	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_6_79F4F9B00B33480CA4DD22609500B856.exe
+ 2011-05-25 11:20 . 2011-12-21 09:28	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_29_0043EC1FF6794304B01705D24B1F1AF5.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_29_0043EC1FF6794304B01705D24B1F1AF5.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_11_9CC041322C0846838F374B3FE71F2E66.exe
+ 2011-05-25 11:20 . 2011-12-21 09:28	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_11_9CC041322C0846838F374B3FE71F2E66.exe
+ 2011-05-25 11:20 . 2011-12-21 09:28	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_1046_CE127699C7D04AC3ABFEEBDACA880F1C.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_1046_CE127699C7D04AC3ABFEEBDACA880F1C.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_1043_50E79B3800BF47C2856089BA7CDB9C55.exe
+ 2011-05-25 11:20 . 2011-12-21 09:28	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_1043_50E79B3800BF47C2856089BA7CDB9C55.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_1040_FDECD279997D49C1AB752E8B4D63C3DA.exe
+ 2011-05-25 11:20 . 2011-12-21 09:28	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_1040_FDECD279997D49C1AB752E8B4D63C3DA.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_1036_96F5C37CA28344EC92728F24942D8DA6.exe
+ 2011-05-25 11:20 . 2011-12-21 09:28	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_1036_96F5C37CA28344EC92728F24942D8DA6.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_1034_8B0483CD192840ECAB7BB0ADBDC95740.exe
+ 2011-05-25 11:20 . 2011-12-21 09:28	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_1034_8B0483CD192840ECAB7BB0ADBDC95740.exe
+ 2011-05-25 11:20 . 2011-12-21 09:28	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_1033_1BE79BF0F7964E19A6276040740D2ADF.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_start_hc_1033_1BE79BF0F7964E19A6276040740D2ADF.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_short_hc_1033_3289F1C2118D4AEDA29BA1A286FB16FB.exe
+ 2011-05-25 11:20 . 2011-12-21 09:28	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_short_hc_1033_3289F1C2118D4AEDA29BA1A286FB16FB.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_6_93F60001B9734662953DF13B2078359F.exe
+ 2011-05-25 11:20 . 2011-12-21 09:27	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_6_93F60001B9734662953DF13B2078359F.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_29_2BB123578BED4BFA8A4296F6B839F571.exe
+ 2011-05-25 11:20 . 2011-12-21 09:27	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_29_2BB123578BED4BFA8A4296F6B839F571.exe
+ 2011-05-25 11:20 . 2011-12-21 09:27	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_11_65D472CF1A584F9C98B3549AB33F2BF9.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_11_65D472CF1A584F9C98B3549AB33F2BF9.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1046_A704C36B0B3D446CADC1752FAB36D1A7.exe
+ 2011-05-25 11:20 . 2011-12-21 09:27	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1046_A704C36B0B3D446CADC1752FAB36D1A7.exe
+ 2011-05-25 11:20 . 2011-12-21 09:27	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1043_43F2ECE9B10E406E9E6D011AC1B793EB.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1043_43F2ECE9B10E406E9E6D011AC1B793EB.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1040_2C957938BFAD43BCAB25B5C8F4C9A599.exe
+ 2011-05-25 11:20 . 2011-12-21 09:27	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1040_2C957938BFAD43BCAB25B5C8F4C9A599.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1036_4FEF69180DD749EAAF34573883C0B1B3.exe
+ 2011-05-25 11:20 . 2011-12-21 09:27	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1036_4FEF69180DD749EAAF34573883C0B1B3.exe
+ 2011-05-25 11:20 . 2011-12-21 09:27	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1034_A63805436CD547E38C59DCA2B67B0696.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1034_A63805436CD547E38C59DCA2B67B0696.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1033_E318532C033F488B809A057A09313CBF.exe
+ 2011-05-25 11:20 . 2011-12-21 09:27	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1033_E318532C033F488B809A057A09313CBF.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1031_F0C07CC6934F4DCDAD1D095765033C65.exe
+ 2011-05-25 11:20 . 2011-12-21 09:27	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\sc_desk_hc_1031_F0C07CC6934F4DCDAD1D095765033C65.exe
+ 2011-05-25 11:20 . 2011-12-21 09:27	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\NewShortcut29_98C5194EC8604E1E96A7F324A1D64755.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\NewShortcut29_98C5194EC8604E1E96A7F324A1D64755.exe
- 2011-05-25 11:20 . 2011-11-24 08:39	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\NewShortcut28_CE3CC1DE1D7040629B4F8D8BAC9ACE26.exe
+ 2011-05-25 11:20 . 2011-12-21 09:27	557056              c:\windows\Installer\{56BA241F-580C-43D2-8403-947241AAE633}\NewShortcut28_CE3CC1DE1D7040629B4F8D8BAC9ACE26.exe
- 2011-06-17 08:44 . 2011-06-17 08:44	323624              c:\windows\Installer\$PatchCache$\Managed\186C49EB2E861654A8CBD8E29719864B\6.0.14\wiaaut.dll
+ 2011-12-19 15:32 . 2011-12-19 15:32	323624              c:\windows\Installer\$PatchCache$\Managed\186C49EB2E861654A8CBD8E29719864B\6.0.14\wiaaut.dll
- 2011-11-24 08:39 . 2011-11-24 08:39	308224              c:\windows\assembly\NativeImages_v2.0.50727_32\Windows7.DesktopInt#\03dc0636114436742866ba51ea90686b\Windows7.DesktopIntegration.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	308224              c:\windows\assembly\NativeImages_v2.0.50727_32\Windows7.DesktopInt#\03dc0636114436742866ba51ea90686b\Windows7.DesktopIntegration.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	643584              c:\windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\8e53cd2e249b870506ad504282b05d02\VistaBridgeLibrary.ni.dll
- 2011-11-24 08:39 . 2011-11-24 08:39	643584              c:\windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\8e53cd2e249b870506ad504282b05d02\VistaBridgeLibrary.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	170496              c:\windows\assembly\NativeImages_v2.0.50727_32\PhotobucketNet\7fe608911e3d04f5d88c81916d5c75d7\PhotobucketNet.ni.dll
- 2011-11-24 08:40 . 2011-11-24 08:40	170496              c:\windows\assembly\NativeImages_v2.0.50727_32\PhotobucketNet\7fe608911e3d04f5d88c81916d5c75d7\PhotobucketNet.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	155648              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Windows\400750560e604bf36dfa946d4e88a081\Inkjet.Windows.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	283136              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Utilities\8618abe8c3754ea09cb862f82d7a2947\Inkjet.Utilities.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	282624              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Utilities\36c396c7df50809f1542ac66b45e7a23\Inkjet.Utilities.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	138240              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Tray\ea23fbd89574940e19f79b7e55c0dd50\Inkjet.Tray.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	977920              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Tools\dc07a6af7626793c82afcc433d75bf75\Inkjet.Tools.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	180736              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Statistics\426109970fd34b16d14ee0d53b9e3427\Inkjet.Statistics.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	378368              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Scanning\1a59845076c2edac566f38bb463564ee\Inkjet.Scanning.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	567296              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Scan\54dbb851c066e03ca1ebc7ffb4044d3e\Inkjet.Scan.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	343040              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Printing\7037ded51528aa41bca37e17e186e1d1\Inkjet.Printing.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	298496              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Picasa\434655e4026a7f015e60e97642a60ec4\Inkjet.Picasa.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	210944              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.PhotoBucket\1ea953d47055a603a5e9349856cb45aa\Inkjet.PhotoBucket.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	237056              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Localization\a00d9badb4f2e344b42a5c76a8b89014\Inkjet.Localization.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	522240              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.KodakGallery\02088502de74f0377acd8f4af5d06e54\Inkjet.KodakGallery.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	750080              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.IO\3a7650c5ca2dbe3cb1f00a003aae4515\Inkjet.IO.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	824832              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Hardware\5d49e7ab1d92aed39b2abc96bbee0aeb\Inkjet.Hardware.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	163328              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Flickr\9816827e2806c14d8a1906629eaa78fe\Inkjet.Flickr.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	162816              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Facebook\445bacea289d66b91f47c313c0ee9ade\Inkjet.Facebook.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	168448              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.EasyShare\a6e304d7a1a79c2b40cdf225a317dd56\Inkjet.EasyShare.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	105984              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Diagnostics\a2f4c2178fba1eb4e26423b25f7ee362\Inkjet.Diagnostics.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	280064              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Browse\fbb84a21981d09d113a19d5ee87b1623\Inkjet.Browse.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	169984              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Automation\ffbf2237475a302344c16554abe0e489\Inkjet.Automation.ni.dll
- 2011-11-24 08:40 . 2011-11-24 08:40	102912              c:\windows\assembly\NativeImages_v2.0.50727_32\Google.GData.Photos\c5c86e423e7c4801aa5a77f3da350b1e\Google.GData.Photos.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	102912              c:\windows\assembly\NativeImages_v2.0.50727_32\Google.GData.Photos\c5c86e423e7c4801aa5a77f3da350b1e\Google.GData.Photos.ni.dll
- 2011-11-24 08:40 . 2011-11-24 08:40	216576              c:\windows\assembly\NativeImages_v2.0.50727_32\Google.GData.Extens#\a62cc0c7d812759ac282b0678c13ecb6\Google.GData.Extensions.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	216576              c:\windows\assembly\NativeImages_v2.0.50727_32\Google.GData.Extens#\a62cc0c7d812759ac282b0678c13ecb6\Google.GData.Extensions.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	551424              c:\windows\assembly\NativeImages_v2.0.50727_32\Google.GData.Client\1ff834921875b7a3d77239115ce5d5d7\Google.GData.Client.ni.dll
- 2011-11-24 08:40 . 2011-11-24 08:40	551424              c:\windows\assembly\NativeImages_v2.0.50727_32\Google.GData.Client\1ff834921875b7a3d77239115ce5d5d7\Google.GData.Client.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	372736              c:\windows\assembly\NativeImages_v2.0.50727_32\FlickrNet\0e98497384490272c94b83f7d752681b\FlickrNet.ni.dll
- 2011-11-24 08:39 . 2011-11-24 08:39	372736              c:\windows\assembly\NativeImages_v2.0.50727_32\FlickrNet\0e98497384490272c94b83f7d752681b\FlickrNet.ni.dll
- 2011-11-24 08:39 . 2011-11-24 08:39	238080              c:\windows\assembly\NativeImages_v2.0.50727_32\Facebook\77f22ff9ac1758d9bbdec45e280b2fa0\Facebook.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	238080              c:\windows\assembly\NativeImages_v2.0.50727_32\Facebook\77f22ff9ac1758d9bbdec45e280b2fa0\Facebook.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	435200              c:\windows\assembly\NativeImages_v2.0.50727_32\EastmanKodakCompany#\0599448619bdd5951b3f404c7a7579e5\EastmanKodakCompany.EasyShare.ni.dll
- 2011-11-24 08:39 . 2011-11-24 08:39	435200              c:\windows\assembly\NativeImages_v2.0.50727_32\EastmanKodakCompany#\0599448619bdd5951b3f404c7a7579e5\EastmanKodakCompany.EasyShare.ni.dll
+ 2011-11-02 14:52 . 2011-11-02 14:52	2754560              c:\windows\twain_32\kodak\kds_aioesp\twaingui.exe
+ 2011-11-02 14:52 . 2011-11-02 14:52	2754560              c:\windows\twain_32\kodak\kds_aio5000\twaingui.exe
+ 2011-12-10 09:20 . 2011-12-10 09:20	2761216              c:\windows\twain_32\kodak\kds_aio2esp\twaingui.exe
+ 2011-12-25 07:12 . 2009-07-13 23:15	4170108              c:\windows\SysWOW64\wdrv\wdrvbdb.bin
+ 2011-12-14 11:38 . 2011-12-14 11:38	1883648              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\sv-se\EKAiO2RES.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	1886208              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\pt-BR\EKAiO2RES.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	1884160              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\no-no\EKAiO2RES.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	1884672              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\nl-NL\EKAiO2RES.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	1885696              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\it-IT\EKAiO2RES.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	1887232              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\fr-FR\EKAiO2RES.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	1884160              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\fi\EKAiO2RES.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	1886208              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\es-ES\EKAiO2RES.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	1882624              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\en-US\EKAiO2RES.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	1882624              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\en-GB\EKAiO2RES.dll
+ 2011-12-10 09:22 . 2011-12-10 09:22	3240448              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiO2MUI.exe
+ 2011-12-10 09:22 . 2011-12-10 09:22	1058304              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\EKAiO2MON.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	1885184              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\de-DE\EKAiO2RES.dll
+ 2011-12-14 11:38 . 2011-12-14 11:38	1884672              c:\windows\system32\DriverStore\FileRepository\ekaio2xps.inf_amd64_neutral_3f3caa4af0d278a8\Drivers\XpsPrinter\amd64\da\EKAiO2RES.dll
+ 2011-12-10 09:21 . 2011-12-10 09:21	1626112              c:\windows\system32\DriverStore\FileRepository\ekaio2wia.inf_amd64_neutral_ca7406939318428c\Drivers\Scanner\wia64\ekaiO2wia2Drv.dll
+ 2011-05-19 13:53 . 2011-12-25 07:28	8453937              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3230886925-126132133-2629391164-500-12288.dat
+ 2011-12-21 09:26 . 2011-12-21 09:26	3778560              c:\windows\Installer\2341a1.msi
+ 2011-12-21 09:25 . 2011-12-21 09:25	3611136              c:\windows\assembly\NativeImages_v2.0.50727_32\twaingui\de67648e38ddf8cac41b692f93da6c6e\twaingui.ni.exe
- 2011-11-24 08:39 . 2011-11-24 08:39	1762304              c:\windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\cfff56c84c790176f77942a32d70b935\Newtonsoft.Json.Net20.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	1762304              c:\windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\cfff56c84c790176f77942a32d70b935\Newtonsoft.Json.Net20.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	2438144              c:\windows\assembly\NativeImages_v2.0.50727_32\NetworkPrinterDisco#\f3d4d13b4f1a2845a521e6f8f263711c\NetworkPrinterDiscovery.ni.exe
+ 2011-12-21 09:27 . 2011-12-21 09:27	1247744              c:\windows\assembly\NativeImages_v2.0.50727_32\KodakAiOUpdater\f357abd61c37423c05064a544c6d8004\KodakAiOUpdater.ni.exe
+ 2011-12-21 09:26 . 2011-12-21 09:26	1190912              c:\windows\assembly\NativeImages_v2.0.50727_32\InkjetCore\e3631aec5ba73a1091270c5869ec8580\InkjetCore.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	1178624              c:\windows\assembly\NativeImages_v2.0.50727_32\InkjetCore\93ce0e05bad79cc3f9326cc560e46e2c\InkjetCore.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	1532928              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Editing\b3015cfe45ded52272a6030cc84848cf\Inkjet.Editing.ni.dll
+ 2011-12-21 09:28 . 2011-12-21 09:28	1217536              c:\windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Destination\91d29b724f5e27dea5802cb39852a158\Inkjet.Destination.ni.dll
- 2011-11-24 08:38 . 2011-11-24 08:38	1177600              c:\windows\assembly\NativeImages_v2.0.50727_32\idrskrn_net14\81fdd5d81e1fb7757764133c129e8664\idrskrn_net14.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	1177600              c:\windows\assembly\NativeImages_v2.0.50727_32\idrskrn_net14\81fdd5d81e1fb7757764133c129e8664\idrskrn_net14.ni.dll
+ 2011-12-21 09:27 . 2011-12-21 09:27	3761664              c:\windows\assembly\NativeImages_v2.0.50727_32\CommonControls\6ba4d5b19fd438585fd79682330e015a\CommonControls.ni.dll
+ 2011-12-21 09:26 . 2011-12-21 09:26	3763712              c:\windows\assembly\NativeImages_v2.0.50727_32\CommonControls\42dce472bed35c03b6491141433b9106\CommonControls.ni.dll
+ 2011-12-21 09:26 . 2011-12-21 09:26	3207680              c:\windows\assembly\NativeImages_v2.0.50727_32\AiOPrinterTools\6d3cffb08b995cb8d61a0955a39d7cef\AiOPrinterTools.ni.exe
+ 2011-12-21 09:27 . 2011-12-21 09:27	1059328              c:\windows\assembly\NativeImages_v2.0.50727_32\AiOHostDirector\5fea9ab4ea17c71abde1df3529adc650\AiOHostDirector.ni.exe
+ 2011-12-21 09:28 . 2011-12-21 09:28	1874944              c:\windows\assembly\NativeImages_v2.0.50727_32\AiOHomeCenter\cb47f0efcd648466bb9b72de5711c6af\AiOHomeCenter.ni.exe
+ 2011-05-20 07:35 . 2011-12-25 07:09	22418236              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3230886925-126132133-2629391164-1003-8192.dat
+ 2011-05-23 16:36 . 2011-12-22 20:02	26271128              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3230886925-126132133-2629391164-1003-12288.dat
+ 2011-12-21 09:27 . 2011-12-21 09:27	13282816              c:\windows\Installer\2341bd.msi
+ 2011-12-21 09:26 . 2011-12-21 09:26	14059520              c:\windows\Installer\2340de.msi
+ 2011-12-21 09:25 . 2011-12-21 09:25	26562560              c:\windows\Installer\2340d8.msi
+ 2011-12-21 09:25 . 2011-12-21 09:25	32674304              c:\windows\Installer\2340d2.msi
+ 2011-12-21 09:23 . 2011-12-21 09:23	13505024              c:\windows\Installer\233ef8.msi
.
-- Snapshot auf jetziges Datum zurückgesetzt --

Backdoorprogramm BDS/Cycbot.176128.56

Plagegeister aller Art und deren Bekämpfung: Backdoorprogramm BDS/Cycbot.176128.56