ComboFix 08-06-20.4 - anna 2008-06-25 19:39:17.2 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1031.18.1085 [GMT 2:00] ausgeführt von:: C:\Users\anna\Desktop\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Weitere L”schungen )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Windows\system32\dpwgghpw.ini C:\Windows\system32\fiqsfjvx.ini C:\Windows\system32\ihcyxwvi.ini C:\Windows\System32\IPsBLnpo.ini C:\Windows\System32\IPsBLnpo.ini2 C:\Windows\System32\jilUxyxx.ini C:\Windows\System32\jilUxyxx.ini2 C:\Windows\System32\KUCKTBeg.ini C:\Windows\System32\KUCKTBeg.ini2 C:\Windows\system32\kuonyeub.ini C:\Windows\system32\mcrh.tmp C:\Windows\System32\SsuuFeNn.ini C:\Windows\System32\SsuuFeNn.ini2 C:\Windows\system32\vohnpwyp.ini C:\Windows\system32\x64 C:\Windows\system32\xpmdmkno.ini C:\Windows\system32\xxyxUlij.dll . ((((((((((((((((((((((( Dateien erstellt von 2008-05-25 bis 2008-06-25 )))))))))))))))))))))))))))))) . Keine neuen Dateien erstellt in diesem Zeitraum . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-25 17:43 --------- d-----w C:\Users\anna\AppData\Roaming\Free Download Manager 2008-06-25 17:36 --------- d-----w C:\Users\anna\AppData\Roaming\Skype 2008-06-25 17:14 --------- d-----w C:\Users\anna\AppData\Roaming\skypePM 2008-06-25 17:14 --------- d-----w C:\Users\anna\AppData\Roaming\OpenOffice.org2 2008-06-24 11:30 --------- d-----w C:\Users\anna\AppData\Roaming\Azureus 2008-06-23 21:20 --------- d-----w C:\ProgramData\Microsoft Help 2008-06-23 19:20 --------- d-----w C:\Program Files\Azureus 2008-06-23 18:22 --------- d-----w C:\Users\anna\AppData\Roaming\Image Zone Express 2008-06-23 17:59 --------- d-----w C:\ProgramData\HPSSUPPLY 2008-06-23 16:57 --------- d-----w C:\Program Files\MagicISO 2008-06-23 13:56 --------- d-----w C:\Program Files\OpenOffice.org 2.4 2008-06-23 13:55 --------- d-----w C:\Program Files\OpenOffice.org 2.3 2008-06-22 20:02 --------- d-----w C:\Program Files\Lavalys 2008-06-22 19:51 --------- d-----w C:\ProgramData\FLEXnet 2008-06-22 01:48 --------- d-----w C:\Program Files\ZSoft 2008-06-21 14:53 --------- d-----w C:\Program Files\Safari 2008-06-17 23:31 --------- d-----w C:\Program Files\MSBuild 2008-06-17 23:31 --------- d-----w C:\Program Files\Microsoft Works 2008-06-17 23:27 --------- d-----w C:\Program Files\Microsoft Visual Studio 8 2008-06-15 15:13 --------- d-----w C:\Program Files\Common Files\Adobe 2008-06-15 15:12 --------- d-----w C:\Program Files\Common Files\Control Panels 2008-06-15 15:10 --------- d-----w C:\ProgramData\ALM 2008-06-15 14:10 --------- d-----w C:\Program Files\Common Files\Macrovision Shared 2008-06-14 18:11 --------- d-----w C:\Users\anna\AppData\Roaming\Talkback 2008-06-14 18:11 --------- d-----w C:\Program Files\Mozilla Sunbird 2008-06-13 01:15 --------- d-----w C:\Program Files\Windows Mail 2008-06-12 23:01 --------- d-----w C:\Users\anna\AppData\Roaming\Malwarebytes 2008-06-12 23:01 --------- d-----w C:\ProgramData\Malwarebytes 2008-06-12 23:01 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware 2008-06-12 12:53 --------- d-----w C:\Program Files\Foxit Software 2008-06-12 09:44 --------- d-----w C:\Program Files\Panda Security 2008-06-12 09:15 --------- d-----w C:\Program Files\Trend Micro 2008-06-11 12:49 --------- d-----w C:\Program Files\CCleaner 2008-06-10 20:54 --------- d-----w C:\Users\anna\AppData\Roaming\Apple Computer 2008-06-10 17:02 34,296 ----a-w C:\Windows\system32\drivers\mbamcatchme.sys 2008-06-10 17:02 15,864 ----a-w C:\Windows\system32\drivers\mbam.sys 2008-06-09 22:01 --------- d-----w C:\Users\anna\AppData\Roaming\phonostar-Player 2008-05-25 21:57 --------- d-----w C:\ProgramData\FreeDownloadManager.ORG 2008-05-25 21:57 --------- d-----w C:\Program Files\Free Download Manager 2008-05-22 22:46 --------- d-----w C:\Program Files\Canon 2008-05-22 22:45 --------- d-----w C:\Program Files\Common Files\Canon 2008-05-20 12:56 --------- d-----w C:\Program Files\Bonjour 2008-05-19 21:34 --------- d-----w C:\Program Files\Red Kawa 2008-05-19 21:34 --------- d-----w C:\Program Files\AviSynth 2.5 2008-05-15 15:59 --------- d-----w C:\Program Files\MODupRemover 2008-05-13 21:29 --------- d-----w C:\Users\anna\AppData\Roaming\gtk-2.0 2008-05-13 19:03 --------- d-----w C:\Program Files\GIMP-2.0 2008-05-13 18:54 --------- d-----w C:\Program Files\Apple Software Update 2008-05-10 01:21 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys 2008-05-06 19:07 --------- d-----w C:\Program Files\Common Files\xing shared 2008-05-06 19:07 --------- d-----w C:\Program Files\Common Files\Real 2008-05-03 11:30 --------- d-----w C:\Program Files\VoipCheapCom 2008-05-03 11:25 --------- d-----w C:\Users\anna\AppData\Roaming\VoipCheapCom 2008-04-25 04:23 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll 2008-03-08 00:21 32 ----a-w C:\Users\All Users\ezsid.dat 2008-03-08 00:21 32 ----a-w C:\ProgramData\ezsid.dat 2007-09-15 10:41 0 ----a-w C:\Users\anna\AppData\Roaming\wklnhst.dat 2007-09-14 17:42 174 --sha-w C:\Program Files\desktop.ini . ((((((((((((((((((((((((((((( snapshot@2008-06-12_13.25.07.03 ))))))))))))))))))))))))))))))))))))))))) . + 2008-06-23 13:56:45 12,288 ----a-w C:\Windows\assembly\GAC\cli_basetypes\1.0.10.0__ce2cb7e279207b9e\cli_basetypes.dll + 2008-06-23 13:56:45 32,256 ----a-w C:\Windows\assembly\GAC\cli_cppuhelper\1.0.13.0__ce2cb7e279207b9e\cli_cppuhelper.dll + 2008-06-23 13:56:45 847,872 ----a-w C:\Windows\assembly\GAC\cli_types\1.1.13.0__ce2cb7e279207b9e\cli_types.dll + 2008-06-23 13:56:45 8,192 ----a-w C:\Windows\assembly\GAC\cli_ure\1.0.13.0__ce2cb7e279207b9e\cli_ure.dll - 2007-09-15 15:20:06 65,536 ----a-w C:\Windows\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\DAO.DLL + 2008-06-17 23:31:40 65,536 ----a-w C:\Windows\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\DAO.DLL - 2007-09-15 15:20:10 4,608 ----a-w C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll + 2008-06-17 23:31:44 4,608 ----a-w C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll - 2007-09-15 15:20:05 1,215,328 ----a-w C:\Windows\assembly\GAC\IACore\1.7.6223.0__31bf3856ad364e35\IACore.dll + 2008-06-17 23:31:40 1,215,328 ----a-w C:\Windows\assembly\GAC\IACore\1.7.6223.0__31bf3856ad364e35\IACore.dll - 2007-09-15 15:20:06 82,784 ----a-w C:\Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll + 2008-06-17 23:31:40 82,784 ----a-w C:\Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll - 2007-09-15 15:19:58 31,560 ----a-w C:\Windows\assembly\GAC\ipdmctrl\11.0.0.0__71e9bce111e9429c\IPDMCTRL.DLL + 2008-06-17 23:31:36 31,560 ----a-w C:\Windows\assembly\GAC\ipdmctrl\11.0.0.0__71e9bce111e9429c\IPDMCTRL.DLL - 2007-09-15 15:19:58 16,712 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.InfoPath.Permission\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Permission.dll + 2008-06-17 23:31:36 16,712 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.InfoPath.Permission\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Permission.dll - 2007-09-15 15:17:40 80,696 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll + 2008-06-17 23:30:09 80,696 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll - 2007-09-15 15:18:56 1,612,592 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll + 2008-06-17 23:30:55 1,612,592 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll - 2007-09-15 15:18:57 1,276,720 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll + 2008-06-17 23:30:55 1,276,720 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll - 2007-09-15 15:18:57 150,320 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll + 2008-06-17 23:30:56 150,320 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll - 2007-09-15 15:19:59 404,296 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.SemiTrust.dll + 2008-06-17 23:31:37 404,296 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.SemiTrust\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.SemiTrust.dll - 2007-09-15 15:19:01 88,896 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll + 2008-06-17 23:30:56 88,896 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.Xml.dll - 2007-09-15 15:19:00 146,232 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll + 2008-06-17 23:30:56 146,232 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll - 2007-09-15 15:19:46 17,208 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll + 2008-06-17 23:31:28 17,208 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.OneNote\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OneNote.dll - 2007-09-15 15:18:58 920,376 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll + 2008-06-17 23:30:56 920,376 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll - 2007-09-15 15:19:00 35,648 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll + 2008-06-17 23:30:56 35,648 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll - 2007-09-15 15:19:00 248,632 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll + 2008-06-17 23:30:56 248,632 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll - 2007-09-15 15:19:00 232,248 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Publisher.dll + 2008-06-17 23:30:56 232,248 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Publisher.dll - 2007-09-15 15:18:57 20,280 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll + 2008-06-17 23:30:56 20,280 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll - 2007-09-15 15:19:00 781,104 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll + 2008-06-17 23:30:56 781,104 ----a-w C:\Windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll - 2007-09-15 15:18:57 371,496 ----a-w C:\Windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll + 2008-06-17 23:30:55 371,496 ----a-w C:\Windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll - 2007-09-15 15:19:00 64,288 ----a-w C:\Windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll + 2008-06-17 23:30:56 64,288 ----a-w C:\Windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll - 2007-09-15 15:20:06 229,376 ----a-w C:\Windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL + 2008-06-17 23:31:42 229,376 ----a-w C:\Windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL - 2007-09-15 15:18:58 416,544 ----a-w C:\Windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL + 2008-06-17 23:30:56 416,544 ----a-w C:\Windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL + 2008-06-23 13:56:25 3,072 ----a-w C:\Windows\assembly\GAC\policy.1.0.cli_basetypes\9.1.0.0__ce2cb7e279207b9e\policy.1.0.cli_basetypes.dll + 2008-06-23 13:56:25 3,072 ----a-w C:\Windows\assembly\GAC\policy.1.0.cli_cppuhelper\13.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_cppuhelper.dll + 2008-06-23 13:56:25 3,072 ----a-w C:\Windows\assembly\GAC\policy.1.0.cli_ure\13.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_ure.dll + 2008-06-23 13:56:49 3,072 ----a-w C:\Windows\assembly\GAC\policy.1.1.cli_types\13.0.0.0__ce2cb7e279207b9e\policy.1.1.cli_types.dll - 2007-09-15 15:17:35 12,104 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll + 2008-06-17 23:30:06 12,104 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll - 2007-09-15 15:17:41 12,096 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll + 2008-06-17 23:30:09 12,096 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll - 2007-09-15 15:19:22 12,096 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll + 2008-06-17 23:31:04 12,096 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll - 2007-09-15 15:19:59 12,616 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.dll + 2008-06-17 23:31:37 12,616 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.Xml.dll - 2007-09-15 15:19:59 12,616 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.dll + 2008-06-17 23:31:37 12,616 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.InfoPath\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.InfoPath.dll - 2007-09-15 15:19:48 12,104 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.dll + 2008-06-17 23:31:29 12,104 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.dll - 2007-09-15 15:19:46 12,632 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.dll + 2008-06-17 23:31:28 12,632 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.dll - 2007-09-15 15:19:48 12,112 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll + 2008-06-17 23:31:29 12,112 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll - 2007-09-15 15:19:53 12,104 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll + 2008-06-17 23:31:31 12,104 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll - 2007-09-15 15:19:39 12,104 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll + 2008-06-17 23:31:19 12,104 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll - 2007-09-15 15:19:56 12,096 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll + 2008-06-17 23:31:35 12,096 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll - 2007-09-15 15:19:40 12,080 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll + 2008-06-17 23:31:19 12,080 ----a-w C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll - 2007-09-15 15:19:40 11,544 ----a-w C:\Windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll + 2008-06-17 23:31:19 11,544 ----a-w C:\Windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll - 2006-11-02 12:35:33 136,192 ----a-w C:\Windows\assembly\GAC_32\mcupdate\6.0.6000.0__31bf3856ad364e35\mcupdate.exe + 2008-04-23 04:28:09 136,704 ----a-w C:\Windows\assembly\GAC_32\mcupdate\6.0.6000.0__31bf3856ad364e35\mcupdate.exe - 2007-09-15 15:19:59 118,112 ----a-w C:\Windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll + 2008-06-17 23:31:36 118,112 ----a-w C:\Windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll - 2007-09-15 15:20:15 367,400 ----a-w C:\Windows\assembly\GAC_32\Microsoft.VisualStudio.Tools.Applications.InteropAdapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.InteropAdapter.dll + 2008-06-17 23:31:47 367,400 ----a-w C:\Windows\assembly\GAC_32\Microsoft.VisualStudio.Tools.Applications.InteropAdapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.InteropAdapter.dll - 2008-01-10 05:51:27 864,256 ----a-w C:\Windows\assembly\GAC_MSIL\ehepg\6.0.6000.0__31bf3856ad364e35\ehepg.dll + 2008-04-23 04:27:53 864,256 ----a-w C:\Windows\assembly\GAC_MSIL\ehepg\6.0.6000.0__31bf3856ad364e35\ehepg.dll - 2008-01-10 05:51:29 135,168 ----a-w C:\Windows\assembly\GAC_MSIL\ehexthost\6.0.6000.0__31bf3856ad364e35\ehexthost.exe + 2008-04-23 04:27:55 135,168 ----a-w C:\Windows\assembly\GAC_MSIL\ehexthost\6.0.6000.0__31bf3856ad364e35\ehexthost.exe - 2008-01-10 05:51:30 77,824 ----a-w C:\Windows\assembly\GAC_MSIL\ehiExtens\6.0.6000.0__31bf3856ad364e35\ehiExtens.dll + 2008-04-23 04:27:56 77,824 ----a-w C:\Windows\assembly\GAC_MSIL\ehiExtens\6.0.6000.0__31bf3856ad364e35\ehiExtens.dll - 2008-01-10 05:51:34 4,370,432 ----a-w C:\Windows\assembly\GAC_MSIL\ehshell\6.0.6000.0__31bf3856ad364e35\ehshell.dll + 2008-04-23 04:27:59 4,374,528 ----a-w C:\Windows\assembly\GAC_MSIL\ehshell\6.0.6000.0__31bf3856ad364e35\ehshell.dll - 2008-01-10 05:51:50 1,196,032 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Shell.dll + 2008-04-23 04:28:14 1,196,032 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Shell.dll - 2008-01-10 05:51:51 2,342,912 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.UI.dll + 2008-04-23 04:28:14 2,342,912 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.UI.dll - 2008-01-10 05:51:50 217,088 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.dll + 2008-04-23 04:28:13 217,088 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.dll - 2007-09-15 15:19:59 609,104 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll + 2008-06-17 23:31:36 609,104 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll - 2007-09-15 15:19:58 43,840 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.FormControl\12.0.0.0__71e9bce111e9429c\microsoft.office.infopath.formcontrol.dll + 2008-06-17 23:31:36 43,840 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.FormControl\12.0.0.0__71e9bce111e9429c\microsoft.office.infopath.formcontrol.dll - 2007-09-15 15:19:59 39,728 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Vsta\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Vsta.dll + 2008-06-17 23:31:37 39,728 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Vsta\12.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.Vsta.dll - 2007-09-15 15:19:59 60,200 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.dll + 2008-06-17 23:31:36 60,200 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.dll + 2008-06-17 23:27:32 11,560 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.resources.dll - 2007-09-15 15:20:05 211,736 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.dll + 2008-06-17 23:31:40 211,736 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Adapter\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Adapter.dll + 2008-06-17 23:27:32 12,600 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInManager.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInManager.resources.dll - 2007-09-15 15:20:05 105,248 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInManager\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll + 2008-06-17 23:31:40 105,248 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.AddInManager\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.AddInManager.dll + 2008-06-17 23:27:32 73,728 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Blueprints.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Blueprints.resources.dll - 2007-09-15 15:20:05 330,520 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Blueprints\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Blueprints.dll + 2008-06-17 23:31:39 330,520 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Blueprints\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Blueprints.dll + 2008-06-17 23:27:32 11,064 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.resources.dll - 2007-09-15 15:20:05 39,712 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll + 2008-06-17 23:31:40 39,712 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.ComRPCChannel.dll - 2007-09-15 15:20:05 39,704 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.dll + 2008-06-17 23:31:40 39,704 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.Contract\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.Contract.dll + 2008-06-17 23:27:32 13,104 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.DesignTime.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.DesignTime.resources.dll - 2007-09-15 15:20:05 72,472 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.DesignTime\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll + 2008-06-17 23:31:39 72,472 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications.DesignTime\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Tools.Applications.DesignTime.dll - 2007-09-15 15:20:05 47,832 ----a-w C:\Windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll + 2008-06-17 23:31:40 47,832 ----a-w C:\Windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll - 2007-09-15 15:20:05 39,624 ----a-w C:\Windows\assembly\GAC_MSIL\System.AddIn\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.dll + 2008-06-17 23:31:40 39,624 ----a-w C:\Windows\assembly\GAC_MSIL\System.AddIn\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.dll + 2008-06-15 10:43:07 2,469,888 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\ehepg\3e10833eb7f83e11eec3a970f528ac8d\ehepg.ni.dll + 2008-06-15 10:43:37 360,448 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\ehepgdat\b5dcaeaa218eb42931b96193b5e4074f\ehepgdat.ni.dll + 2008-06-15 10:43:55 45,056 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\ehExtCOM\c8abe4268ada1cfa408dc4330e37817d\ehExtCOM.ni.dll + 2008-06-15 10:43:15 274,432 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\ehExtHost\c11ea9504a5e5464b1850f98d3d381f1\ehExtHost.ni.exe + 2008-06-15 10:43:16 192,512 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\96751ef49f528415c45537453f9c4d28\ehiExtens.ni.dll + 2008-06-15 10:43:36 1,941,504 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\51b3eff44264e4f79d17c953207a7e6b\ehRecObj.ni.dll + 2008-06-15 10:43:33 12,963,840 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\ehshell\368930610e62dcd81dc7ab18a8336131\ehshell.ni.dll + 2008-06-15 10:43:17 765,952 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstore\f50c33f0c4356099d7969e18aeb3f9bf\mcstore.ni.dll + 2008-06-15 10:43:37 266,240 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\mcupdate\2b7d84415dee2bae7b5238a3a14d0add\mcupdate.ni.exe + 2008-06-15 10:43:14 6,115,328 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\6871abee28a9ed5eb7a878013664eb52\Microsoft.MediaCenter.UI.ni.dll + 2008-06-15 10:43:18 712,704 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\ceac290fb6cdaa39fcc449543998fd01\Microsoft.MediaCenter.Sports.ni.dll + 2008-06-15 10:43:16 282,624 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\cf87f745aab458d62d1c4f238c46689d\Microsoft.MediaCenter.Shell.ni.dll + 2008-06-15 10:43:15 634,880 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\fb91a2c47ac4978a5c9d28cc4cdf6fee\Microsoft.MediaCenter.ni.dll - 2008-06-12 10:35:38 67,584 --s-a-w C:\Windows\bootstat.dat + 2008-06-25 17:47:32 67,584 --s-a-w C:\Windows\bootstat.dat - 2008-01-10 05:50:47 21,504 ----a-w C:\Windows\ehome\ehdebug.dll + 2008-04-23 04:27:00 21,504 ----a-w C:\Windows\ehome\ehdebug.dll - 2008-01-10 05:51:27 864,256 ----a-w C:\Windows\ehome\ehepg.dll + 2008-04-23 04:27:53 864,256 ----a-w C:\Windows\ehome\ehepg.dll - 2008-01-10 05:51:29 135,168 ----a-w C:\Windows\ehome\ehexthost.exe + 2008-04-23 04:27:55 135,168 ----a-w C:\Windows\ehome\ehexthost.exe - 2006-11-02 12:35:32 372,224 ----a-w C:\Windows\ehome\ehglid.dll + 2008-04-23 04:27:00 372,224 ----a-w C:\Windows\ehome\ehglid.dll - 2008-01-10 05:51:30 77,824 ----a-w C:\Windows\ehome\ehiExtens.dll + 2008-04-23 04:27:56 77,824 ----a-w C:\Windows\ehome\ehiExtens.dll - 2008-01-10 05:50:47 103,936 ----a-w C:\Windows\ehome\ehPresenter.dll + 2008-04-23 04:27:00 105,472 ----a-w C:\Windows\ehome\ehPresenter.dll - 2008-01-10 05:50:47 252,416 ----a-w C:\Windows\ehome\ehReplay.dll + 2008-04-23 04:27:00 252,416 ----a-w C:\Windows\ehome\ehReplay.dll - 2008-01-10 05:46:17 10,094,080 ----a-w C:\Windows\ehome\ehres.dll + 2008-04-23 04:22:35 10,094,080 ----a-w C:\Windows\ehome\ehres.dll - 2008-01-10 05:51:34 4,370,432 ----a-w C:\Windows\ehome\ehshell.dll + 2008-04-23 04:27:59 4,374,528 ----a-w C:\Windows\ehome\ehshell.dll - 2008-01-10 05:50:47 18,944 ----a-w C:\Windows\ehome\ehtrace.dll + 2008-04-23 04:27:00 18,944 ----a-w C:\Windows\ehome\ehtrace.dll - 2008-01-10 05:50:47 517,120 ----a-w C:\Windows\ehome\ehui.dll + 2008-04-23 04:27:00 517,632 ----a-w C:\Windows\ehome\ehui.dll - 2008-01-10 05:50:47 1,497,600 ----a-w C:\Windows\ehome\ehuihlp.dll + 2008-04-23 04:27:00 1,497,600 ----a-w C:\Windows\ehome\ehuihlp.dll - 2008-01-10 05:50:48 6,656 ----a-w C:\Windows\ehome\McrMgr.dll + 2008-04-23 04:27:01 6,656 ----a-w C:\Windows\ehome\McrMgr.dll - 2008-01-10 05:50:25 173,056 ----a-w C:\Windows\ehome\McrMgr.exe + 2008-04-23 04:26:31 173,056 ----a-w C:\Windows\ehome\McrMgr.exe - 2006-11-02 12:35:33 136,192 ----a-w C:\Windows\ehome\mcupdate.exe + 2008-04-23 04:28:09 136,704 ----a-w C:\Windows\ehome\mcupdate.exe - 2008-01-10 05:51:50 217,088 ----a-w C:\Windows\ehome\Microsoft.MediaCenter.dll + 2008-04-23 04:28:13 217,088 ----a-w C:\Windows\ehome\Microsoft.MediaCenter.dll - 2008-01-10 05:51:50 1,196,032 ----a-w C:\Windows\ehome\Microsoft.MediaCenter.Shell.dll + 2008-04-23 04:28:14 1,196,032 ----a-w C:\Windows\ehome\Microsoft.MediaCenter.Shell.dll - 2008-01-10 05:51:51 2,342,912 ----a-w C:\Windows\ehome\Microsoft.MediaCenter.UI.dll + 2008-04-23 04:28:14 2,342,912 ----a-w C:\Windows\ehome\Microsoft.MediaCenter.UI.dll - 2008-03-04 09:51:07 146,190 ----a-w C:\Windows\hpoins18.dat + 2008-06-25 13:08:02 146,190 ----a-w C:\Windows\hpoins18.dat - 2008-04-10 08:49:35 665,600 ----a-w C:\Windows\inf\drvindex.dat + 2008-06-13 01:15:45 665,600 ----a-w C:\Windows\inf\drvindex.dat - 2008-06-09 17:02:26 51,200 ----a-w C:\Windows\inf\infpub.dat + 2008-06-22 20:49:16 51,200 ----a-w C:\Windows\inf\infpub.dat - 2008-06-09 17:02:26 86,016 ----a-w C:\Windows\inf\infstor.dat + 2008-06-22 20:46:29 86,016 ----a-w C:\Windows\inf\infstor.dat - 2008-06-09 17:02:26 86,016 ----a-w C:\Windows\inf\infstrng.dat + 2008-06-22 20:49:16 86,016 ----a-w C:\Windows\inf\infstrng.dat + 2008-06-15 14:50:28 65,536 ----a-r C:\Windows\Installer\{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}\ARPPRODUCTICON.exe - 2008-05-14 01:02:51 1,165,584 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2008-06-23 21:20:16 1,165,584 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2008-05-14 01:02:51 20,240 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2008-06-23 21:20:17 20,240 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe - 2008-05-14 01:02:51 159,504 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2008-06-23 21:20:16 159,504 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe - 2008-05-14 01:02:51 184,080 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2008-06-23 21:20:16 184,080 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2008-05-14 01:02:51 217,864 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2008-06-23 21:20:17 217,864 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2008-05-14 01:02:51 18,704 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2008-06-23 21:20:17 18,704 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2008-05-14 01:02:51 35,088 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2008-06-23 21:20:18 35,088 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2008-05-14 01:02:51 845,584 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2008-06-23 21:20:17 845,584 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2008-05-14 01:02:51 922,384 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2008-06-23 21:20:17 922,384 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2008-05-14 01:02:51 272,648 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2008-06-23 21:20:17 272,648 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2008-05-14 01:02:51 888,080 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2008-06-23 21:20:17 888,080 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2008-05-14 01:02:51 1,172,240 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2008-06-23 21:20:16 1,172,240 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2008-06-17 23:26:38 217,864 ----a-r C:\Windows\Installer\{90120000-006E-0407-0000-0000000FF1CE}\misc.exe - 2007-09-15 15:11:38 217,864 ----a-r C:\Windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe + 2008-06-23 21:14:33 217,864 ----a-r C:\Windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe + 2008-06-15 14:55:38 295,606 ----a-r C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe + 2008-06-15 14:55:40 295,606 ----a-r C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat_3D.exe + 2008-06-15 14:55:39 295,606 ----a-r C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat_Standard.exe + 2008-06-15 14:55:39 25,214 ----a-r C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Distiller.exe + 2008-06-15 14:55:39 7,278 ----a-r C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_ELEMENTS_DT.exe + 2008-06-15 14:55:38 23,558 ----a-r C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe + 2008-06-15 14:20:15 65,536 ----a-r C:\Windows\Installer\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}\ARPPRODUCTICON.exe + 2008-06-21 14:53:09 307,200 ----a-r C:\Windows\Installer\{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}\SafariIco.exe + 2008-06-23 13:57:56 2,363,392 ----a-r C:\Windows\Installer\{CCD90636-D97D-4130-A44A-3AD4E63B9220}\soffice.exe - 2000-08-31 06:00:00 28,160 ----a-w C:\Windows\Nircmd.exe + 2000-08-31 06:00:00 28,672 ----a-w C:\Windows\Nircmd.exe + 2008-06-25 12:04:24 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-06-25 12:04:24 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-06-25 12:04:24 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-06-12 10:47:10 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-06-25 17:48:02 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-06-25 17:48:02 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 - 2008-06-12 09:22:34 16,384 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-06-21 11:21:46 16,384 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-06-12 09:22:34 32,768 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-06-21 11:21:46 32,768 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-06-12 09:22:34 16,384 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-06-21 11:21:46 16,384 --sha-w C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-06-12 10:47:05 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-06-25 17:48:02 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-06-25 17:48:02 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 - 2008-02-21 04:43:34 124,928 ----a-w C:\Windows\System32\advpack.dll + 2008-04-25 04:23:05 124,928 ----a-w C:\Windows\System32\advpack.dll + 2008-06-23 19:39:22 105,984 ----a-w C:\Windows\System32\blluqkhl.dll + 2008-06-25 13:10:44 91,136 ----a-w C:\Windows\System32\bsuthjdt.dll + 2008-06-23 19:24:32 91,136 ----a-w C:\Windows\System32\capxruhw.dll - 2008-06-12 11:20:05 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-06-25 17:38:32 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-06-12 11:20:05 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-06-25 17:38:32 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-06-12 11:20:05 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-06-25 17:38:32 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-06-12 10:30:06 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat + 2008-06-25 17:39:13 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat + 2008-06-25 17:39:13 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1 - 2007-05-02 09:16:16 309,760 ----a-w C:\Windows\System32\difxapi.dll + 2006-11-10 14:25:46 319,456 ----a-w C:\Windows\System32\difxapi.dll + 2008-06-23 19:49:04 91,136 ----a-w C:\Windows\System32\dmgjkmqk.dll - 2006-11-06 09:29:14 1,473,024 ----a-w C:\Windows\System32\drivers\igdkmd32.sys + 2008-02-11 17:36:10 2,302,976 ----a-w C:\Windows\System32\drivers\igdkmd32.sys + 2008-04-29 01:42:12 19,456 ----a-w C:\Windows\System32\DriverStore\FileRepository\bth.inf_c206c850\bthenum.sys + 2008-04-29 01:42:12 220,160 ----a-w C:\Windows\System32\DriverStore\FileRepository\bth.inf_c206c850\bthport.sys + 2008-04-29 01:42:08 29,184 ----a-w C:\Windows\System32\DriverStore\FileRepository\bth.inf_c206c850\BTHUSB.SYS + 2008-04-29 03:50:12 181,760 ----a-w C:\Windows\System32\DriverStore\FileRepository\bth.inf_c206c850\fsquirt.exe + 2008-02-11 16:46:50 106,496 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\hccutils.dll + 2008-02-11 18:13:02 166,424 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\hkcmd.exe + 2008-02-11 17:01:44 2,174,976 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\ig4dev32.dll + 2008-02-11 17:01:30 2,420,736 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\ig4icd32.dll + 2008-02-11 17:36:10 2,302,976 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igdkmd32.sys + 2008-02-11 17:36:08 3,301,376 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igdumd32.dll + 2008-02-11 18:13:04 539,160 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igfxcfg.exe + 2008-02-11 16:46:44 204,800 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igfxdev.dll + 2008-02-11 16:46:58 135,168 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igfxdo.dll + 2008-02-11 16:47:26 24,576 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igfxexps.dll + 2008-02-11 18:13:06 170,520 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igfxext.exe + 2008-02-11 18:13:08 133,656 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igfxpers.exe + 2008-02-11 16:47:34 204,800 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igfxpph.dll + 2008-02-11 16:46:32 3,293,184 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igfxress.dll + 2008-02-11 16:47:14 48,640 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igfxsrvc.dll + 2008-02-11 18:13:10 256,536 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igfxsrvc.exe + 2008-02-11 16:48:00 245,760 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igfxTMM.dll + 2008-02-11 18:13:12 141,848 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igfxtray.exe + 2008-02-11 18:13:14 170,520 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igfxzoom.exe + 2008-02-11 17:34:48 2,215,364 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igklg400.bin + 2008-02-11 17:34:48 1,971,732 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igklg450.bin + 2008-02-11 17:34:48 29,932 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igmedcompkrn.bin + 2008-02-11 17:55:18 147,456 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\igxpco32.dll + 2008-02-11 16:47:38 69,632 ----a-w C:\Windows\System32\DriverStore\FileRepository\kit12959.inf_5180b7c9\oemdspif.dll - 2008-02-21 04:43:35 347,136 ----a-w C:\Windows\System32\dxtmsft.dll + 2008-04-25 04:23:06 347,136 ----a-w C:\Windows\System32\dxtmsft.dll - 2008-02-21 04:43:35 214,528 ----a-w C:\Windows\System32\dxtrans.dll + 2008-04-25 04:23:06 214,528 ----a-w C:\Windows\System32\dxtrans.dll - 2006-11-02 12:34:48 428,032 ----a-w C:\Windows\System32\EncDec.dll + 2008-04-23 04:27:00 428,032 ----a-w C:\Windows\System32\EncDec.dll + 2008-06-23 19:40:16 91,136 ----a-w C:\Windows\System32\ewlenwod.dll + 2008-06-23 19:14:40 24,576 ----a-w C:\Windows\System32\fccdCVLF.dll + 2006-10-26 12:40:36 36,672 ----a-w C:\Windows\System32\FM20DEU.DLL - 2008-06-09 17:16:32 1,739,800 ----a-w C:\Windows\System32\FNTCACHE.DAT + 2008-06-24 11:42:15 1,755,128 ----a-w C:\Windows\System32\FNTCACHE.DAT - 2006-11-06 08:00:56 77,824 ----a-w C:\Windows\System32\hccutils.dll + 2008-02-11 16:46:50 106,496 ----a-w C:\Windows\System32\hccutils.dll - 2006-11-06 08:05:32 106,496 ----a-w C:\Windows\System32\hkcmd.exe + 2008-02-11 18:13:02 166,424 ----a-w C:\Windows\System32\hkcmd.exe - 2008-02-21 04:43:35 63,488 ----a-w C:\Windows\System32\icardie.dll + 2008-04-25 04:23:06 63,488 ----a-w C:\Windows\System32\icardie.dll - 2008-02-21 04:43:03 70,656 ----a-w C:\Windows\System32\ie4uinit.exe + 2008-04-25 04:22:36 70,656 ----a-w C:\Windows\System32\ie4uinit.exe - 2008-02-21 04:43:35 383,488 ----a-w C:\Windows\System32\ieapfltr.dll + 2008-04-25 04:23:06 383,488 ----a-w C:\Windows\System32\ieapfltr.dll - 2008-02-21 04:43:35 6,066,176 ----a-w C:\Windows\System32\ieframe.dll + 2008-04-25 04:23:06 6,066,176 ----a-w C:\Windows\System32\ieframe.dll - 2008-02-21 04:43:36 44,544 ----a-w C:\Windows\System32\iernonce.dll + 2008-04-25 04:23:06 44,544 ----a-w C:\Windows\System32\iernonce.dll - 2008-02-21 04:43:36 56,320 ----a-w C:\Windows\System32\iesetup.dll + 2008-04-25 04:23:06 56,320 ----a-w C:\Windows\System32\iesetup.dll - 2008-02-21 04:43:36 180,736 ----a-w C:\Windows\System32\ieui.dll + 2008-04-25 04:23:06 180,736 ----a-w C:\Windows\System32\ieui.dll - 2008-02-21 04:43:03 26,624 ----a-w C:\Windows\System32\ieUnatt.exe + 2008-04-25 04:22:36 26,624 ----a-w C:\Windows\System32\ieUnatt.exe + 2008-06-24 12:16:47 91,136 ----a-w C:\Windows\System32\ifrhjixy.dll - 2006-11-06 08:30:50 1,339,392 ----a-w C:\Windows\System32\ig4dev32.dll + 2008-02-11 17:01:44 2,174,976 ----a-w C:\Windows\System32\ig4dev32.dll - 2006-11-06 08:38:30 2,387,968 ----a-w C:\Windows\System32\ig4icd32.dll + 2008-02-11 17:01:30 2,420,736 ----a-w C:\Windows\System32\ig4icd32.dll - 2006-11-06 09:29:36 2,105,344 ----a-w C:\Windows\System32\igdumd32.dll + 2008-02-11 17:36:08 3,301,376 ----a-w C:\Windows\System32\igdumd32.dll - 2006-11-06 08:05:14 450,560 ----a-w C:\Windows\System32\igfxcfg.exe + 2008-02-11 18:13:04 539,160 ----a-w C:\Windows\System32\igfxcfg.exe + 2008-02-11 17:55:18 147,456 ----a-w C:\Windows\System32\igfxCoIn_v1437.dll - 2006-11-06 08:00:48 212,992 ----a-w C:\Windows\System32\igfxdev.dll + 2008-02-11 16:46:44 204,800 ----a-w C:\Windows\System32\igfxdev.dll - 2006-11-06 08:01:52 98,304 ----a-w C:\Windows\System32\igfxdo.dll + 2008-02-11 16:46:58 135,168 ----a-w C:\Windows\System32\igfxdo.dll - 2006-11-06 08:07:46 23,552 ----a-w C:\Windows\System32\igfxexps.dll + 2008-02-11 16:47:26 24,576 ----a-w C:\Windows\System32\igfxexps.dll - 2006-11-06 08:02:08 122,880 ----a-w C:\Windows\System32\igfxext.exe + 2008-02-11 18:13:06 170,520 ----a-w C:\Windows\System32\igfxext.exe - 2006-11-06 08:02:18 81,920 ----a-w C:\Windows\System32\igfxpers.exe + 2008-02-11 18:13:08 133,656 ----a-w C:\Windows\System32\igfxpers.exe - 2006-11-06 08:01:44 155,648 ----a-w C:\Windows\System32\igfxpph.dll + 2008-02-11 16:47:34 204,800 ----a-w C:\Windows\System32\igfxpph.dll - 2006-11-06 08:01:58 3,276,800 ----a-w C:\Windows\System32\igfxress.dll + 2008-02-11 16:46:32 3,293,184 ----a-w C:\Windows\System32\igfxress.dll - 2006-11-06 08:06:50 44,544 ----a-w C:\Windows\System32\igfxsrvc.dll + 2008-02-11 16:47:14 48,640 ----a-w C:\Windows\System32\igfxsrvc.dll - 2006-11-06 08:01:22 196,608 ----a-w C:\Windows\System32\igfxsrvc.exe + 2008-02-11 18:13:10 256,536 ----a-w C:\Windows\System32\igfxsrvc.exe - 2006-11-06 08:05:40 61,440 ----a-w C:\Windows\System32\igfxTMM.dll + 2008-02-11 16:48:00 245,760 ----a-w C:\Windows\System32\igfxTMM.dll + 2008-02-11 18:13:12 141,848 ----a-w C:\Windows\System32\igfxtray.exe - 2006-11-06 08:03:12 106,496 ----a-w C:\Windows\System32\igfxzoom.exe + 2008-02-11 18:13:14 170,520 ----a-w C:\Windows\System32\igfxzoom.exe - 2006-11-06 10:01:26 385,024 ----a-w C:\Windows\System32\igxpun.exe + 2008-02-11 18:13:16 920,088 ----a-w C:\Windows\System32\igxpun.exe + 2008-06-23 19:45:37 105,984 ----a-w C:\Windows\System32\ikipxbqj.dll - 2008-02-21 04:43:36 27,648 ----a-w C:\Windows\System32\jsproxy.dll + 2008-04-25 04:23:06 27,648 ----a-w C:\Windows\System32\jsproxy.dll + 2006-11-10 13:00:50 77,824 ----a-w C:\Windows\System32\Lang\HDMI\DEU\HDMIDEU.dll + 2007-02-20 13:34:06 190,696 ----a-w C:\Windows\System32\Macromed\Flash\FlashUtil9c.exe - 2007-11-21 00:52:38 2,884,992 ----a-w C:\Windows\System32\Macromed\Flash\NPSWF32.dll + 2007-02-20 14:04:02 2,463,976 ----a-w C:\Windows\System32\Macromed\Flash\NPSWF32.dll - 2007-11-21 00:52:40 218,496 ----a-w C:\Windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe + 2007-02-20 14:04:04 190,696 ----a-w C:\Windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe - 2008-01-10 05:50:48 1,244,672 ----a-w C:\Windows\System32\mcmde.dll + 2008-04-23 04:27:01 1,244,672 ----a-w C:\Windows\System32\mcmde.dll - 2008-02-21 04:43:42 64,512 ----a-w C:\Windows\System32\migration\WininetPlugin.dll + 2008-04-25 04:23:11 64,512 ----a-w C:\Windows\System32\migration\WininetPlugin.dll + 2008-06-24 20:32:27 140,712 ---ha-w C:\Windows\System32\mlfcache.dat + 2008-06-23 19:33:22 91,136 ----a-w C:\Windows\System32\mllweect.dll - 2008-05-09 21:35:04 16,863,864 ----a-w C:\Windows\System32\mrt.exe + 2008-05-29 23:35:11 17,486,968 ----a-w C:\Windows\System32\mrt.exe - 2008-02-21 04:43:36 3,591,680 ----a-w C:\Windows\System32\mshtml.dll + 2008-04-25 04:23:07 3,591,680 ----a-w C:\Windows\System32\mshtml.dll - 2008-02-21 04:43:36 478,208 ----a-w C:\Windows\System32\mshtmled.dll + 2008-04-25 04:23:07 478,208 ----a-w C:\Windows\System32\mshtmled.dll - 2007-07-02 16:15:00 946,960 ----a-w C:\Windows\System32\msjava.dll + 2007-03-12 12:02:26 947,472 ----a-w C:\Windows\System32\msjava.dll - 2008-02-21 04:43:37 671,232 ----a-w C:\Windows\System32\mstime.dll + 2008-04-25 04:23:09 671,232 ----a-w C:\Windows\System32\mstime.dll + 2008-06-24 12:16:54 105,472 ----a-w C:\Windows\System32\ndkvmkvv.dll + 2008-06-23 19:29:46 105,984 ----a-w C:\Windows\System32\nokuexfi.dll + 2007-02-20 14:04:02 2,463,976 ----a-w C:\Windows\System32\NPSWF32.dll + 2007-02-20 14:04:04 190,696 ----a-w C:\Windows\System32\NPSWF32_FlashUtil.exe - 2006-11-06 08:03:16 53,248 ----a-w C:\Windows\System32\oemdspif.dll + 2008-02-11 16:47:38 69,632 ----a-w C:\Windows\System32\oemdspif.dll - 2008-06-12 10:42:56 117,550 ----a-w C:\Windows\System32\perfc007.dat + 2008-06-25 16:19:37 117,550 ----a-w C:\Windows\System32\perfc007.dat - 2008-06-12 10:42:56 104,768 ----a-w C:\Windows\System32\perfc009.dat + 2008-06-25 16:19:37 104,768 ----a-w C:\Windows\System32\perfc009.dat - 2008-06-12 10:42:56 644,248 ----a-w C:\Windows\System32\perfh007.dat + 2008-06-25 16:19:37 644,248 ----a-w C:\Windows\System32\perfh007.dat - 2008-06-12 10:42:56 613,046 ----a-w C:\Windows\System32\perfh009.dat + 2008-06-25 16:19:37 613,046 ----a-w C:\Windows\System32\perfh009.dat - 2008-02-21 04:43:38 44,544 ----a-w C:\Windows\System32\pngfilt.dll + 2008-04-25 04:23:10 44,544 ----a-w C:\Windows\System32\pngfilt.dll - 2007-08-09 09:56:47 292,352 ----a-w C:\Windows\System32\psisdecd.dll + 2008-04-23 04:27:04 292,352 ----a-w C:\Windows\System32\psisdecd.dll + 2008-06-23 19:55:04 105,984 ----a-w C:\Windows\System32\qakdfnuv.dll + 2008-06-25 13:13:05 106,496 ----a-w C:\Windows\System32\qcyivfvb.dll - 2007-12-12 02:05:17 1,327,104 ----a-w C:\Windows\System32\quartz.dll + 2008-04-26 08:02:05 1,327,104 ----a-w C:\Windows\System32\quartz.dll - 2008-06-09 17:15:16 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT + 2008-06-22 23:31:50 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT - 2007-05-14 07:05:10 2,920,960 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\hpbcfgre.DLL + 2007-01-29 11:58:26 1,925,120 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\hpbcfgre.dll - 2006-11-30 09:14:06 671,816 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\hpcdmc32.DLL + 2006-11-29 15:26:42 671,816 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\hpcdmc32.dll - 2006-11-02 02:46:12 728,576 ----a-w C:\Windows\System32\spool\drivers\w32x86\PS5UI.DLL + 2003-05-05 14:47:20 129,024 ----a-w C:\Windows\System32\spool\drivers\w32x86\PS5UI.DLL - 2006-11-02 02:46:12 543,232 ----a-w C:\Windows\System32\spool\drivers\w32x86\PSCRIPT5.DLL + 2003-05-05 14:47:20 455,168 ----a-w C:\Windows\System32\spool\drivers\w32x86\PSCRIPT5.DLL + 2008-06-25 10:07:56 99,840 ----a-w C:\Windows\System32\ssfkjjbv.dll + 2008-06-25 12:10:42 99,840 ----a-w C:\Windows\System32\untmnqcm.dll - 2008-02-21 04:43:41 1,159,680 ----a-w C:\Windows\System32\urlmon.dll + 2008-04-25 04:23:11 1,159,680 ----a-w C:\Windows\System32\urlmon.dll + 2008-06-23 19:22:49 105,984 ----a-w C:\Windows\System32\vboitjme.dll - 2008-06-12 10:07:06 10,882 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1416638823-3723293513-1189148302-1000_UserData.bin + 2008-06-25 17:15:20 11,762 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1416638823-3723293513-1189148302-1000_UserData.bin - 2008-06-12 10:07:06 71,492 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2008-06-25 17:15:20 73,446 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2008-06-12 10:07:03 67,536 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2008-06-22 20:53:57 69,884 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin - 2008-02-21 04:43:42 826,368 ----a-w C:\Windows\System32\wininet.dll + 2008-04-25 04:23:11 826,368 ----a-w C:\Windows\System32\wininet.dll - 2006-11-02 09:46:14 14,848 ----a-w C:\Windows\System32\wshrm.dll + 2008-05-10 03:30:50 14,848 ----a-w C:\Windows\System32\wshrm.dll + 2008-06-25 12:08:19 91,136 ----a-w C:\Windows\System32\xckjlnre.dll + 2008-06-23 19:20:57 91,136 ----a-w C:\Windows\System32\xvdtqcgk.dll + 2008-06-25 10:05:36 91,136 ----a-w C:\Windows\System32\ydddtyfv.dll - 2008-06-10 16:47:11 40,182,194 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin + 2008-06-15 14:18:26 47,925,595 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin + 2008-04-23 04:27:53 864,256 ----a-w C:\Windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6000.16679_none_d97a4d2ed1f284d2\ehepg.dll + 2008-04-23 14:12:49 864,256 ----a-w C:\Windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6000.20821_none_da31f92beaeecb56\ehepg.dll + 2008-04-23 04:27:55 135,168 ----a-w C:\Windows\winsxs\msil_ehexthost_31bf3856ad364e35_6.0.6000.16679_none_bcbfc9e4c1e1e81d\ehexthost.exe + 2008-04-23 14:12:50 135,168 ----a-w C:\Windows\winsxs\msil_ehexthost_31bf3856ad364e35_6.0.6000.20821_none_bd7775e1dade2ea1\ehexthost.exe + 2008-04-23 04:27:56 77,824 ----a-w C:\Windows\winsxs\msil_ehiextens_31bf3856ad364e35_6.0.6000.16679_none_fba2d0c909e74612\ehiExtens.dll + 2008-04-23 14:12:51 77,824 ----a-w C:\Windows\winsxs\msil_ehiextens_31bf3856ad364e35_6.0.6000.20821_none_fc5a7cc622e38c96\ehiExtens.dll + 2008-04-23 04:27:59 4,374,528 ----a-w C:\Windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6000.16679_none_896d686f44a61324\ehshell.dll + 2008-04-23 14:12:55 4,382,720 ----a-w C:\Windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6000.20821_none_8a25146c5da259a8\ehshell.dll + 2008-04-23 04:44:14 4,046,848 ----a-w C:\Windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6001.18061_none_8b5674b141cbbd6c\ehshell.dll + 2008-04-23 04:36:58 4,046,848 ----a-w C:\Windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6001.22165_none_8be412a45ae5c292\ehshell.dll + 2008-04-23 04:28:14 1,196,032 ----a-w C:\Windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6000.16679_none_4e6b0c2698ea89ba\Microsoft.MediaCenter.Shell.dll + 2008-04-23 14:13:09 1,269,760 ----a-w C:\Windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6000.20821_none_4f22b823b1e6d03e\Microsoft.MediaCenter.Shell.dll + 2008-04-23 04:28:14 2,342,912 ----a-w C:\Windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6000.16679_none_30f95ad65a3e86d4\Microsoft.MediaCenter.UI.dll + 2008-04-23 14:13:09 2,351,104 ----a-w C:\Windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6000.20821_none_31b106d3733acd58\Microsoft.MediaCenter.UI.dll + 2008-04-23 04:45:00 1,957,888 ----a-w C:\Windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6001.18061_none_32e267185764311c\Microsoft.MediaCenter.UI.dll + 2008-04-23 04:37:38 1,957,888 ----a-w C:\Windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6001.22165_none_3370050b707e3642\Microsoft.MediaCenter.UI.dll + 2008-04-23 04:28:13 217,088 ----a-w C:\Windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6000.16679_none_2354b3c9cf56f2ea\Microsoft.MediaCenter.dll + 2008-04-23 14:13:08 217,088 ----a-w C:\Windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6000.20821_none_240c5fc6e853396e\Microsoft.MediaCenter.dll + 2008-04-29 01:42:12 19,456 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6000.16682_none_700a06c9bea9b8da\bthenum.sys + 2008-04-29 01:42:12 220,160 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6000.16682_none_700a06c9bea9b8da\bthport.sys + 2008-04-29 01:42:08 29,184 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6000.16682_none_700a06c9bea9b8da\BTHUSB.SYS + 2008-04-29 03:50:12 181,760 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6000.16682_none_700a06c9bea9b8da\fsquirt.exe + 2008-04-29 01:35:24 19,456 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6000.20824_none_70d68596d794e0d3\bthenum.sys + 2008-04-29 01:35:25 220,160 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6000.20824_none_70d68596d794e0d3\bthport.sys + 2008-04-29 01:35:23 29,184 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6000.20824_none_70d68596d794e0d3\BTHUSB.SYS + 2008-04-29 01:35:24 181,760 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6000.20824_none_70d68596d794e0d3\fsquirt.exe + 2008-01-19 05:53:38 19,456 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6001.18064_none_7207e5dbbbbe4497\bthenum.sys + 2008-04-29 01:42:23 220,160 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6001.18064_none_7207e5dbbbbe4497\bthport.sys + 2008-04-29 01:42:21 29,184 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6001.18064_none_7207e5dbbbbe4497\BTHUSB.SYS + 2008-04-29 03:54:02 181,760 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6001.18064_none_7207e5dbbbbe4497\fsquirt.exe + 2008-04-29 01:43:50 19,456 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6001.22168_none_729583ced4d849bd\bthenum.sys + 2008-04-29 01:43:50 220,160 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6001.22168_none_729583ced4d849bd\bthport.sys + 2008-04-29 01:43:48 29,184 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6001.22168_none_729583ced4d849bd\BTHUSB.SYS + 2008-04-29 01:43:51 181,760 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6001.22168_none_729583ced4d849bd\fsquirt.exe + 2008-04-23 04:28:09 136,704 ----a-w C:\Windows\winsxs\x86_mcupdate_31bf3856ad364e35_6.0.6000.16679_none_c673e63faed8754d\mcupdate.exe + 2008-04-23 14:13:03 136,704 ----a-w C:\Windows\winsxs\x86_mcupdate_31bf3856ad364e35_6.0.6000.20821_none_c72b923cc7d4bbd1\mcupdate.exe + 2008-04-23 04:44:47 140,288 ----a-w C:\Windows\winsxs\x86_mcupdate_31bf3856ad364e35_6.0.6001.18061_none_c85cf281abfe1f95\mcupdate.exe + 2008-04-23 04:37:28 140,288 ----a-w C:\Windows\winsxs\x86_mcupdate_31bf3856ad364e35_6.0.6001.22165_none_c8ea9074c51824bb\mcupdate.exe + 2008-04-25 04:23:05 124,928 ----a-w C:\Windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16681_none_a98fa7bdf5e9f5de\advpack.dll + 2008-04-25 04:06:14 124,928 ----a-w C:\Windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20823_none_aa5c268b0ed51dd7\advpack.dll + 2008-04-26 08:02:05 1,327,104 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.0.6000.16681_none_a4347a24f0ff937a\quartz.dll + 2008-04-26 07:41:59 1,327,616 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.0.6000.20823_none_a500f8f209eabb73\quartz.dll + 2008-04-26 08:08:15 1,314,816 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.0.6001.18063_none_a6325936ee141f37\quartz.dll + 2008-04-26 07:57:58 1,314,816 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directshow-core_31bf3856ad364e35_6.0.6001.22167_none_a6bff72a072e245d\quartz.dll + 2008-04-23 04:27:00 252,416 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6000.16679_none_128e8c93a2bce482\ehReplay.dll + 2008-04-23 05:11:36 254,464 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6000.20821_none_13463890bbb92b06\ehReplay.dll + 2008-04-23 04:42:33 254,464 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6001.18061_none_147798d59fe28eca\ehReplay.dll + 2008-04-23 04:30:25 254,464 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6001.22165_none_150536c8b8fc93f0\ehReplay.dll + 2008-04-23 04:27:01 6,656 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.16679_none_3200fce9dd0448e0\McrMgr.dll + 2008-04-23 04:26:31 173,056 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.16679_none_3200fce9dd0448e0\McrMgr.exe + 2008-04-23 05:11:51 6,656 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.20821_none_32b8a8e6f6008f64\McrMgr.dll + 2008-04-23 03:56:48 172,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.20821_none_32b8a8e6f6008f64\McrMgr.exe + 2008-04-23 04:27:00 21,504 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6000.16679_none_2db4cba1854c2050\ehdebug.dll + 2008-04-23 05:11:35 21,504 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6000.20821_none_2e6c779e9e4866d4\ehdebug.dll + 2008-04-23 04:27:00 372,224 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6000.16679_none_2d12eef96d2c252b\ehglid.dll + 2008-04-23 05:11:35 372,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6000.20821_none_2dca9af686286baf\ehglid.dll + 2008-04-23 04:42:33 373,248 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6001.18061_none_2efbfb3b6a51cf73\ehglid.dll + 2008-04-23 04:30:24 373,248 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6001.22165_none_2f89992e836bd499\ehglid.dll + 2008-04-23 04:27:00 105,472 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6000.16679_none_249fac1865043b1f\ehPresenter.dll + 2008-04-23 05:11:36 105,472 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6000.20821_none_255758157e0081a3\ehPresenter.dll + 2008-04-23 04:42:33 105,472 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6001.18061_none_2688b85a6229e567\ehPresenter.dll + 2008-04-23 04:30:25 105,472 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6001.22165_none_2716564d7b43ea8d\ehPresenter.dll + 2008-04-23 04:22:35 10,094,080 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.16679_none_4fe31875538242d1\ehres.dll + 2008-04-23 05:11:36 10,103,808 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.20821_none_509ac4726c7e8955\ehres.dll + 2008-04-23 04:27:00 18,944 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehtrace_31bf3856ad364e35_6.0.6000.16679_none_3693dda116ea05e6\ehtrace.dll + 2008-04-23 05:11:36 18,944 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehtrace_31bf3856ad364e35_6.0.6000.20821_none_374b899e2fe64c6a\ehtrace.dll + 2008-04-23 04:27:00 517,632 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6000.16679_none_cc9b30cbcc71d8eb\ehui.dll + 2008-04-23 05:11:36 521,216 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6000.20821_none_cd52dcc8e56e1f6f\ehui.dll + 2008-04-23 04:42:33 522,240 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6001.18061_none_ce843d0dc9978333\ehui.dll + 2008-04-23 04:30:33 522,240 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6001.22165_none_cf11db00e2b18859\ehui.dll + 2008-04-23 04:27:00 1,497,600 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehuihlp_31bf3856ad364e35_6.0.6000.16679_none_39e223022e478d8d\ehuihlp.dll + 2008-04-23 05:11:36 1,498,112 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehuihlp_31bf3856ad364e35_6.0.6000.20821_none_3a99ceff4743d411\ehuihlp.dll + 2008-04-25 04:23:10 44,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16681_none_eb8ab16d1682dbdd\pngfilt.dll + 2008-04-25 04:09:24 44,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.20823_none_ec57303a2f6e03d6\pngfilt.dll + 2008-04-25 04:23:11 1,159,680 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16681_none_b2a75a1fd9e35341\urlmon.dll + 2008-04-25 04:09:51 1,162,752 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20823_none_b373d8ecf2ce7b3a\urlmon.dll + 2008-04-25 04:35:19 1,166,336 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.18063_none_b4a53931d6f7defe\urlmon.dll + 2008-04-25 04:21:54 1,166,336 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.22167_none_b532d724f011e424\urlmon.dll + 2008-04-25 04:23:09 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.16681_none_de89e8e87f8c12b0\mstime.dll + 2008-04-25 04:08:10 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.20823_none_df5667b598773aa9\mstime.dll + 2008-04-25 04:35:16 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.18063_none_e087c7fa7ca09e6d\mstime.dll + 2008-04-25 04:20:09 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.22167_none_e11565ed95baa393\mstime.dll + 2008-04-25 04:23:06 27,648 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\jsproxy.dll + 2008-04-25 04:23:11 826,368 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll + 2008-04-25 04:23:11 64,512 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\WininetPlugin.dll + 2008-04-25 04:07:19 27,648 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\jsproxy.dll + 2008-04-25 04:09:57 827,392 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll + 2008-04-25 04:09:57 64,512 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\WininetPlugin.dll + 2008-04-25 04:35:13 28,160 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\jsproxy.dll + 2008-04-25 04:35:23 826,880 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll + 2008-04-25 04:35:24 64,512 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\WininetPlugin.dll + 2008-04-25 04:19:00 28,160 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\jsproxy.dll + 2008-04-25 04:22:01 826,880 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll + 2008-04-25 04:22:01 64,512 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\WininetPlugin.dll + 2007-09-14 17:29:45 2,455,488 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16681_none_f956589b6ed7f427\ieapfltr.dat + 2008-04-25 04:23:06 383,488 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16681_none_f956589b6ed7f427\ieapfltr.dll + 2007-09-14 17:29:45 2,455,488 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20823_none_fa22d76887c31c20\ieapfltr.dat + 2008-04-25 04:07:00 383,488 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20823_none_fa22d76887c31c20\ieapfltr.dll + 2008-04-25 04:23:06 347,136 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16681_none_958a915384bd7a55\dxtmsft.dll + 2008-04-25 04:23:06 214,528 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16681_none_958a915384bd7a55\dxtrans.dll + 2008-04-25 04:06:44 347,136 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20823_none_965710209da8a24e\dxtmsft.dll + 2008-04-25 04:06:44 214,528 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20823_none_965710209da8a24e\dxtrans.dll + 2008-04-25 04:23:07 478,208 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16681_none_45ed2bab467e2ce2\mshtmled.dll + 2008-04-25 04:07:54 478,208 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.20823_none_46b9aa785f6954db\mshtmled.dll + 2008-04-25 04:23:07 3,591,680 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16681_none_110754e02542e30a\mshtml.dll + 2008-04-25 04:07:54 3,593,728 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20823_none_11d3d3ad3e2e0b03\mshtml.dll + 2008-04-25 04:35:14 3,578,368 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18063_none_130533f222576ec7\mshtml.dll + 2008-04-25 04:19:50 3,578,368 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22167_none_1392d1e53b7173ed\mshtml.dll + 2008-04-25 04:23:06 63,488 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.16681_none_585fc1aa67576f13\icardie.dll + 2008-04-25 04:06:59 63,488 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.20823_none_592c40778042970c\icardie.dll + 2008-04-25 04:22:36 26,624 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16681_none_2d26424d1d17e8b7\ieUnatt.exe + 2008-04-25 04:22:36 625,664 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16681_none_2d26424d1d17e8b7\iexplore.exe + 2008-04-25 02:03:49 26,624 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20823_none_2df2c11a360310b0\ieUnatt.exe + 2008-04-25 02:04:08 625,664 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20823_none_2df2c11a360310b0\iexplore.exe + 2008-04-25 04:22:36 70,656 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16681_none_c394f7686192b15c\ie4uinit.exe + 2008-04-25 04:23:06 44,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16681_none_c394f7686192b15c\iernonce.dll + 2008-04-25 04:23:06 56,320 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16681_none_c394f7686192b15c\iesetup.dll + 2008-04-25 02:03:38 70,656 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20823_none_c46176357a7dd955\ie4uinit.exe + 2008-04-25 04:07:06 44,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20823_none_c46176357a7dd955\iernonce.dll + 2008-04-25 04:07:06 56,320 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20823_none_c46176357a7dd955\iesetup.dll + 2008-04-25 04:23:06 52,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16681_none_29ba0dd8684286b9\iebrshim.dll + 2008-04-25 04:07:00 52,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20823_none_2a868ca5812daeb2\iebrshim.dll + 2008-04-25 04:23:06 6,066,176 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16681_none_6266aee3b1387137\ieframe.dll + 2008-04-25 04:23:06 180,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16681_none_6266aee3b1387137\ieui.dll + 2008-04-25 04:07:06 6,068,224 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20823_none_63332db0ca239930\ieframe.dll + 2008-04-25 04:07:06 180,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20823_none_63332db0ca239930\ieui.dll + 2008-04-25 04:22:36 263,168 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16681_none_e6601b6294bbc56f\ieinstal.exe + 2008-04-25 02:04:02 263,168 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.20823_none_e72c9a2fada6ed68\ieinstal.exe + 2008-04-25 04:22:36 301,568 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16681_none_0b08507ed7368521\ieuser.exe + 2008-04-25 02:04:03 301,568 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.20823_none_0bd4cf4bf021ad1a\ieuser.exe + 2008-04-23 04:27:01 1,244,672 ----a-w C:\Windows\winsxs\x86_microsoft-windows-m..mediadeliveryengine_31bf3856ad364e35_6.0.6000.16679_none_3d017dbd628e4075\mcmde.dll + 2008-04-23 05:11:51 1,244,672 ----a-w C:\Windows\winsxs\x86_microsoft-windows-m..mediadeliveryengine_31bf3856ad364e35_6.0.6000.20821_none_3db929ba7b8a86f9\mcmde.dll + 2008-05-02 22:21:56 2,413,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16688_none_f0535e6e6e8d6c76\OESpamFilter.dat + 2008-05-02 22:17:48 2,413,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.20833_none_f10e0b498786feff\OESpamFilter.dat + 2008-05-02 22:18:31 2,413,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18071_none_f23d6afa6bb23015\OESpamFilter.dat + 2008-05-02 22:17:54 2,413,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22178_none_f2ce09cb84c98140\OESpamFilter.dat + 2008-05-10 01:21:06 113,664 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rmcast_31bf3856ad364e35_6.0.6000.16687_none_524810318afeff68\rmcast.sys + 2008-05-10 03:30:50 14,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rmcast_31bf3856ad364e35_6.0.6000.16687_none_524810318afeff68\wshrm.dll + 2008-05-10 01:15:20 113,664 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rmcast_31bf3856ad364e35_6.0.6000.20832_none_5302bd0ca3f891f1\rmcast.sys + 2008-05-10 03:14:30 14,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rmcast_31bf3856ad364e35_6.0.6000.20832_none_5302bd0ca3f891f1\wshrm.dll + 2008-05-10 01:33:10 113,664 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rmcast_31bf3856ad364e35_6.0.6001.18069_none_5445ef4388138b25\rmcast.sys + 2006-11-02 09:46:14 14,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rmcast_31bf3856ad364e35_6.0.6001.18069_none_5445ef4388138b25\wshrm.dll + 2008-05-10 01:20:02 113,664 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rmcast_31bf3856ad364e35_6.0.6001.22176_none_54c1bb44a13bfadb\rmcast.sys + 2008-05-10 03:22:18 14,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rmcast_31bf3856ad364e35_6.0.6001.22176_none_54c1bb44a13bfadb\wshrm.dll + 2008-04-23 04:27:00 428,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6000.16679_none_de4f2af09170b787\EncDec.dll + 2008-04-23 05:11:36 428,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6000.20821_none_df06d6edaa6cfe0b\EncDec.dll + 2008-04-23 04:42:37 428,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6001.18061_none_e03837328e9661cf\EncDec.dll + 2008-04-23 04:34:41 428,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6001.22165_none_e0c5d525a7b066f5\EncDec.dll + 2008-04-23 04:27:04 292,352 ----a-w C:\Windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6000.16679_none_d9d44caa5a19bb32\psisdecd.dll + 2008-04-23 05:12:30 292,352 ----a-w C:\Windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6000.20821_none_da8bf8a7731601b6\psisdecd.dll + 2008-04-23 04:42:37 293,376 ----a-w C:\Windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6001.18061_none_dbbd58ec573f657a\psisdecd.dll + 2008-04-23 04:34:47 293,376 ----a-w C:\Windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6001.22165_none_dc4af6df70596aa0\psisdecd.dll + 2008-06-15 14:18:25 40,960 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.163_none_43f0c1d77830fb9e\mfc80CHS.dll + 2008-06-15 14:18:25 45,056 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.163_none_43f0c1d77830fb9e\mfc80CHT.dll + 2008-06-15 14:18:25 65,536 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.163_none_43f0c1d77830fb9e\mfc80DEU.dll + 2008-06-15 14:18:25 57,344 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.163_none_43f0c1d77830fb9e\mfc80ENU.dll + 2008-06-15 14:18:25 61,440 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.163_none_43f0c1d77830fb9e\mfc80ESP.dll + 2008-06-15 14:18:25 61,440 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.163_none_43f0c1d77830fb9e\mfc80FRA.dll + 2008-06-15 14:18:25 61,440 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.163_none_43f0c1d77830fb9e\mfc80ITA.dll + 2008-06-15 14:18:25 49,152 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.163_none_43f0c1d77830fb9e\mfc80JPN.dll + 2008-06-15 14:18:25 49,152 ----a-w C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.163_none_43f0c1d77830fb9e\mfc80KOR.dll . -- Snapshot reset to current date -- . (((((((((((((((((((((((((((( Autostart Punkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt. [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0b77365e-4f49-4839-b7fc-f31912b18825}] 2008-06-25 15:13 106496 --a------ C:\Windows\system32\qcyivfvb.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5FB57166-9239-45B7-8F8B-7B6645007B18}] C:\Windows\system32\geBTKCUK.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ACED1C9F-2718-4512-9F69-F4E28C1F484F}] 2008-06-23 21:14 24576 --a------ C:\Windows\system32\fccdCVLF.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4FFFF6C-3FB4-4E59-B906-432858DC78FF}] C:\Windows\system32\nNeFuusS.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C416905B-15F8-4184-8779-01E197CE9E64}] C:\Windows\system32\opnLBsPI.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 13:11 1232896] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-01 18:22 21898024] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440] "PhonostarAgent"="C:\Program Files\phonostar\ps_agent.exe" [2007-12-05 17:10 98304] "PhonostarTimer"="C:\Program Files\phonostar\ps_timer.exe" [2007-12-05 17:14 126976] "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 15:08 136136] "VoipCheapCom"="C:\Program Files\VoipCheapCom\VoipCheapCom.exe" [2007-02-20 14:23 7202360] "Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [2008-05-20 17:27 2474031] "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 09:01 437160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-01 17:37 3772416 C:\Windows\RtHDVCpl.exe] "SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-09 21:43 729088] "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22 517768] "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 14:23 200704] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 21:52 49152] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 20:46 153136] "KnexStarter"="C:\Program Files\Common Files\Hewlett-Packard\HP Device Communication Services\Appinterfaces\HPDeviceService.exe" [2008-04-22 18:26 73728] "RunTasktray"="C:\Program Files\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe" [2008-04-22 16:33 69120] "WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [2003-04-17 08:54 12288] "Windows Mobile-based device management"="C:\Windows\WindowsMobile\wmdc.exe" [2007-01-24 13:21 563080] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-16 09:52 262401] "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe" [2007-09-26 11:53 492912] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-05-06 21:07 185896] "Acrobat Assistant 8.0"="D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 22:46 624248] "Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 16:40 1884160] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016] "IgfxTray"="C:\Windows\system32\igfxtray.exe" [2008-02-11 20:13 141848] "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2008-02-11 20:13 166424] "Persistence"="C:\Windows\system32\igfxpers.exe" [2008-02-11 20:13 133656] "BMdfabfdcd"="C:\Windows\system32\bsuthjdt.dll" [2008-06-25 15:10 91136] C:\Users\anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632] OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 16:41:28 393216] Windows Calendar.lnk - C:\Program Files\Windows Calendar\WinCal.exe [2007-09-14 19:34:29 967168] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 21:40:10 210520] VPN Client.lnk - C:\Windows\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico [2007-10-12 18:51:48 6144] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{ACED1C9F-2718-4512-9F69-F4E28C1F484F}"= C:\Windows\system32\fccdCVLF.dll [2008-06-23 21:14 24576] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\AuthorizedApplications\List] "C:\\Program Files\\Hewlett-Packard\\HP Easy Printer Care\\HPPRun.exe"= C:\Program Files\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe:*:Enabled:HP Easy Printer Care HPPRun [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{F4DD84CE-E17A-4B85-A1FC-89B2F1AC2696}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{4BDAD0C4-480A-4EED-820F-36D05F16A69D}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{10526763-4111-453A-94E1-CD41D5BBF8F4}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{98B96728-6812-44F6-ABD4-AC834EA74052}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{1FBF5C60-29FE-4EED-BEFF-0E68502FE8A8}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire "{198FD9A9-8D1C-437E-8934-02CE13FA261B}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire "TCP Query User{2B3F9092-4D4B-463B-8A1F-CD9663F0CFE3}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus "UDP Query User{B90A9CC3-4E22-4495-BDC1-149042B05A25}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus "TCP Query User{4208924E-746A-490D-B832-AAB5C480E9CF}C:\\program files\\common files\\ahead\\nero web\\setupx.exe"= UDP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter "UDP Query User{C34F8FB0-B3EE-4AD8-AC3C-FBA121A3A399}C:\\program files\\common files\\ahead\\nero web\\setupx.exe"= TCP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter "TCP Query User{BDFB26BF-A458-4D7F-B0E4-3E225BF0B3C4}C:\\users\\anna\\appdata\\local\\temp\\nero web\\setupxu.exe"= UDP:C:\users\anna\appdata\local\temp\nero web\setupxu.exe:setupxu.exe "UDP Query User{53B37A4F-78CF-41AB-B5BB-90CA3BAC4CAA}C:\\users\\anna\\appdata\\local\\temp\\nero web\\setupxu.exe"= TCP:C:\users\anna\appdata\local\temp\nero web\setupxu.exe:setupxu.exe "TCP Query User{6D139940-0319-46E6-8FA4-3B25777B2F66}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus "UDP Query User{D3EF685E-4C9F-454C-BB58-F728DB5891DB}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus "{72391A80-B41F-479C-BEA5-6751235BEAB6}"= UDP:14456:Azureus Ernesto "{7069354F-D9E1-4163-92C9-BF8185696B4A}"= UDP:990:LocalSubnet:LocalSubnet|IF={C29C566D-2C68-4F2F-93CA-A2F67648073B}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001 "{B39B93FB-2FBE-441E-A769-9879B4AA8D4C}"= UDP:5721:LocalSubnet:LocalSubnet|IF={C29C566D-2C68-4F2F-93CA-A2F67648073B}:@%systemroot%\WindowsMobile\wmdc.exe,-4002 "{2B89BADB-858F-4D87-B424-553326801DEC}"= UDP:1034:LocalSubnet:LocalSubnet|IF={C29C566D-2C68-4F2F-93CA-A2F67648073B}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{5402CB27-D5E3-4EA4-BC52-5FE3996D9700}"= UDP:5678:LocalSubnet:LocalSubnet|IF={C29C566D-2C68-4F2F-93CA-A2F67648073B}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{E72C1562-EC42-4E0D-A5CD-9C01B006B94A}"= UDP:999:LocalSubnet:LocalSubnet|IF={C29C566D-2C68-4F2F-93CA-A2F67648073B}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{DD78AB46-AEA1-4B5F-8687-8F32851F9DDE}"= UDP:26675:LocalSubnet:LocalSubnet|IF={C29C566D-2C68-4F2F-93CA-A2F67648073B}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{A8823093-17C5-4847-AC32-76E2AAEF28D4}"= UDP:990:LocalSubnet:LocalSubnet|IF={C29C566D-2C68-4F2F-93CA-A2F67648073B}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001 "TCP Query User{5EE102DD-77F2-4B13-96D6-C1D7B49FD5C9}C:\\program files\\phonostar\\ps_olect.exe"= UDP:C:\program files\phonostar\ps_olect.exe:ps_olect "UDP Query User{348F674C-BC6E-4FD1-8AC0-0A406D91F22C}C:\\program files\\phonostar\\ps_olect.exe"= TCP:C:\program files\phonostar\ps_olect.exe:ps_olect "{5BF24BF5-441A-468B-8DD2-4C36D44BD65B}"= UDP:50001:Azureus1 "{3E216593-E634-4675-A942-3DFA993F946C}"= TCP:50001:Azureus "TCP Query User{6433B0AC-5BE9-4CDA-A3DF-F084E6BD448B}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{B8C8451D-DCBE-40FE-B94B-E7E5AAE90545}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer "TCP Query User{B45340CD-19A2-4919-982C-E2D658D2A78C}C:\\program files\\phonostar\\ps_olect.exe"= UDP:C:\program files\phonostar\ps_olect.exe:ps_olect "UDP Query User{D63AA736-5F00-4A83-98D7-474DC3F769A8}C:\\program files\\phonostar\\ps_olect.exe"= TCP:C:\program files\phonostar\ps_olect.exe:ps_olect "TCP Query User{4EBB9B60-90E1-4A74-9A92-3B0C317A529B}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox "UDP Query User{239D9813-9FDE-4B1F-A9C0-27BF8CC2BA86}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox "{C032C1E6-5D79-451A-986C-9C2D52F62EDB}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{6B960225-2769-451E-A922-DDD3F47FF263}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes "{20690B30-AA11-47B0-9C5C-A45FECED7E46}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes "{62B8C8AA-33BB-431D-A304-BAAD09FE530A}"= UDP:C:\Program Files\VoipCheapCom\VoipCheapCom.exe:VoipCheapCom "{8658AE57-944E-4D6E-A678-2C3BC776B3C3}"= TCP:C:\Program Files\VoipCheapCom\VoipCheapCom.exe:VoipCheapCom "{66DEB1B8-47BA-40D1-A3C0-553362FDD4F5}"= UDP:C:\Program Files\VoipCheapCom\VoipCheapCom.exe:VoipCheapCom "{B01F66D4-D01F-45F3-B68C-F2A15F193338}"= TCP:C:\Program Files\VoipCheapCom\VoipCheapCom.exe:VoipCheapCom "TCP Query User{9D7A1FC2-BF54-492B-81CD-AEEBAEFECA62}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox "UDP Query User{A768B4C9-BC45-4F77-A2A9-6DEA03E34A74}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox "TCP Query User{9F490FD0-2012-4B63-AC48-151E4E5C6F22}C:\\program files\\quicktime\\quicktimeplayer.exe"= UDP:C:\program files\quicktime\quicktimeplayer.exe:QuickTime Player "UDP Query User{FBBE60F0-19F6-49F1-A578-A27B3BA739B5}C:\\program files\\quicktime\\quicktimeplayer.exe"= TCP:C:\program files\quicktime\quicktimeplayer.exe:QuickTime Player "{4DC66C16-0BCB-4707-92AD-CD318C6D2827}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "{980D8D50-2739-49AD-B50C-EB00E087D09A}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "TCP Query User{1C86748D-F9BB-403B-A578-715E6AC616D9}C:\\users\\anna\\appdata\\local\\simplify media\\simplifypeer.exe"= UDP:C:\users\anna\appdata\local\simplify media\simplifypeer.exe:simplifypeer.exe "UDP Query User{A552AD9C-D0F6-4661-8B74-F3E7315ABC38}C:\\users\\anna\\appdata\\local\\simplify media\\simplifypeer.exe"= TCP:C:\users\anna\appdata\local\simplify media\simplifypeer.exe:simplifypeer.exe "TCP Query User{4B5B902A-6B86-46AB-AB60-CB020DCE5FC5}C:\\users\\anna\\appdata\\local\\simplify media\\simplifypeer.exe"= UDP:C:\users\anna\appdata\local\simplify media\simplifypeer.exe:simplifypeer.exe "UDP Query User{AD7D1EF4-64D9-467E-A071-C29AFEE84099}C:\\users\\anna\\appdata\\local\\simplify media\\simplifypeer.exe"= TCP:C:\users\anna\appdata\local\simplify media\simplifypeer.exe:simplifypeer.exe "{E9B59808-1730-47D5-A189-2CCE92454CB0}"= UDP:3703:Adobe Version Cue CS3 Server "{D7ABB33D-F793-401E-A280-9297AD1623C4}"= UDP:3704:Adobe Version Cue CS3 Server "{D16F40C8-57F5-4EFF-84CC-B65232453516}"= UDP:50900:Adobe Version Cue CS3 Server "{2EA09634-5A07-45BF-A710-FC2950588A97}"= UDP:50901:Adobe Version Cue CS3 Server "{C3F0AC92-2A75-4C57-AD85-0A75D5A2B226}"= UDP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{E84C285E-A2A1-4DDC-9CF9-6168DC8EBA5D}"= TCP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{BB9EFCD5-F61E-4153-9A62-C84DEF0F75D8}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{FE5F5D0A-4147-43F7-9566-76D99048689C}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{6D9CB51B-A169-4088-9F80-8E0A1E335E52}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{DC79A8F5-BB38-41E5-A38B-6CA29F33C717}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{F92D78BB-2B0F-439C-9B17-911A613B3CE4}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "TCP Query User{7543D86C-D957-4F5F-99DF-784A35EE011E}C:\\program files\\free download manager\\fdm.exe"= UDP:C:\program files\free download manager\fdm.exe:Free Download Manager "UDP Query User{4B10F0DD-0670-4C79-B859-92F04FDF2039}C:\\program files\\free download manager\\fdm.exe"= TCP:C:\program files\free download manager\fdm.exe:Free Download Manager "TCP Query User{9B103C43-9B66-4DA3-BF6F-1F833E134B3A}C:\\program files\\skype\\phone\\skype.exe"= Disabled:UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath "UDP Query User{C5B03868-DF33-4E23-9BE3-D1319963CF21}C:\\program files\\skype\\phone\\skype.exe"= Disabled:TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath "TCP Query User{EEF9B25A-4034-4353-BA67-596D32905343}C:\\program files\\skype\\phone\\skype.exe"= Disabled:UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath "UDP Query User{45A828D4-7499-481A-881A-C0433C391556}C:\\program files\\skype\\phone\\skype.exe"= Disabled:TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic| [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "C:\\Program Files\\Hewlett-Packard\\HP Easy Printer Care\\HPPRun.exe"= C:\Program Files\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe:*:Enabled:HP Easy Printer Care HPPRun R2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2007-09-26 11:53] R2 RapiMgr;Windows Mobile-basierte Geräteverbindung;C:\Windows\system32\svchost.exe [2006-11-02 11:45] R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler;C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-12-08 10:52] R2 WcesComm;Windows Mobile 2003-basierte Geräteverbindung;C:\Windows\system32\svchost.exe [2006-11-02 11:45] R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 19:36] R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\Windows\system32\DRIVERS\sis163u.sys [2007-05-07 13:48] S3 Droppix Service;Droppix Service;"C:\Program Files\Common Files\Droppix\DxService.exe" [2007-04-05 18:00] S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [2005-08-18 00:00] S3 MBAMCatchMe;MBAMCatchMe;C:\Windows\system32\drivers\mbamcatchme.sys [2008-06-10 19:02] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\Windows\system32\DRIVERS\ss_bus.sys [2005-08-30 18:57] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\Windows\system32\DRIVERS\ss_mdfl.sys [2005-08-30 18:58] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\Windows\system32\DRIVERS\ss_mdm.sys [2005-08-30 18:59] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr bthsvcs REG_MULTI_SZ BthServ [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I] \shell\AutoRun\command - I:\LaunchU3.exe -a . Inhalt des "geplante Tasks" Ordners "2008-06-25 17:12:24 C:\Windows\Tasks\WebReg Photosmart C3100 series.job" - C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-25 19:48:16 Windows 6.0.6000 NTFS Scanne versteckte Prozesse... Scanne versteckte Autostart Eintr„ge... Scanne versteckte Dateien... ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\Windows\Explorer.exe -> C:\Windows\system32\bsuthjdt.dll . ------------------------ Other Running Processes ------------------------ . C:\Windows\System32\audiodg.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Common Files\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceHost.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\igfxsrvc.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.bin C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\System32\conime.exe C:\Windows\System32\dllhost.exe . ************************************************************************** . Zeit der Fertigstellung: 2008-06-25 20:02:14 - machine was rebooted [anna] ComboFix-quarantined-files.txt 2008-06-25 18:01:05 ComboFix2.txt 2008-06-12 11:26:46 Das System hat keinen Meldungstext für die Meldungsnummer 0x2379 in der Meldungsdatei Application gefunden. Das System hat keinen Meldungstext fr die Meldungsnummer 0x2379 in der Meldungsdatei Application gefunden. 905 --- E O F --- 2008-06-22 20:46:35