| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: cmd.exe öffnet bei anmeldung automatischWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
19.06.2012, 17:41
| #1 |
| |  cmd.exe öffnet bei anmeldung automatisch cmd.exe öffnet bei anmeldung automatisch Bei jeder Anmeldung auf meinen Windows Benutzer steigt meine Zentralprozessoren Auslastung auf 95%. Es scheint, als ob es immer genügend Transis frei lässt um nicht aufzufallen. Wenn ich zum Beispiel in Word arbeite, ist die Auslastung bei 95%. Diese 95% habe ich aber auch wenn ich ein Spiel wie zbs Starcraft2 spiele. Hier einmal der Standard Hijack scan (ohne "cmd is running"): (Wie kann man aus so etwas Schadsoftware finden? Da fehlt doch das wesentliche) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:15:33, on 19.06.2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\ZOTAC FireStorm\Firestorm.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Users\Powk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Powk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Powk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Powk\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Powk\Downloads\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=hp&babsrc=lnkry_nt R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 223.4.10.225:80 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [GamingKeyboard] "C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe" O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe O4 - HKLM\..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKCU\..\Run: [Google Update] "C:\Users\Powk\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe O4 - Startup: Zotac FireStorm.lnk = C:\Program Files (x86)\ZOTAC FireStorm\Firestorm.exe O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{AA75336F-B4EA-4630-8ACC-E97518D09AF6}: NameServer = 8.26.56.26,156.154.70.22 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: OO DiskImage - O&O Software GmbH - C:\Program Files\OO Software\DiskImage\oodiag.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP4a\RpcAgentSrv.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10488 bytes |
|
20.06.2012, 07:50
| #2 |
| /// Malwareteam    |  cmd.exe öffnet bei anmeldung automatisch Aus "so etwas" kann man heutzutage kaum noch Schadsoftware finden, da HijackThis zuwenig Informationen liefert! Das steht auch groß und breit oben im Forum!
__________________ Um eine genauere Analyse zu ermöglichen, befolge bitte diesen Link: An alle Hilfesuchenden! Was muss ich vor Eröffnung eines Themas beachten?
__________________ |
|
20.06.2012, 20:04
| #3 |
| | cmd.exe öffnet bei anmeldung automatisch Da ich meine alte Festplatte "unsanft" behandelt habe, wurde mir von einem Freund diese angeboten. Da er schon einige Spiele und co darauf installiert hat, würde ich sie lieber nicht Formatieren. Wüsste jetzt auch nicht wie ich das machen sollte, mit nur einer Festplatte. Kann sich eine Festlatte selber Formatieren??
__________________ Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.20 20:47:15 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Powk\Downloads\OTL.exe PRC - [2012.06.12 11:56:48 | 000,412,304 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe PRC - [2012.06.09 20:23:23 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.12.23 18:13:02 | 001,804,288 | ---- | M] (Game Inc.) -- C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe PRC - [2010.12.27 09:46:38 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010.11.17 09:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010.03.29 12:10:28 | 001,001,472 | ---- | M] (ZOTAC Ltd.) -- C:\Program Files (x86)\ZOTAC FireStorm\Firestorm.exe ========== Modules (No Company Name) ========== MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf MOD - [2009.12.21 14:29:42 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\SHARKOON Skiller\keydll3.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.06.18 18:53:49 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.06.12 11:56:48 | 000,412,304 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater) SRV - [2012.06.09 20:23:23 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.06.08 22:33:30 | 004,761,456 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Programme\OO Software\DiskImage\oodiag.exe -- (OO DiskImage) SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.06.01 17:37:22 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.03.11 21:13:24 | 002,815,496 | ---- | M] (COMODO) [Auto | Running] -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2011.11.23 12:27:10 | 001,267,000 | ---- | M] (COMODO) [Auto | Running] -- C:\Programme\COMODO\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS) SRV - [2010.12.27 09:46:38 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.05.13 00:35:56 | 000,095,896 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4a\RpcAgentSrv.exe -- (SandraAgentSrv) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.06.08 22:34:20 | 000,259,344 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\oodivd.sys -- (oodivd) DRV:64bit: - [2012.06.08 22:34:20 | 000,044,304 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\oodivdh.sys -- (oodivdh) DRV:64bit: - [2012.06.08 22:34:18 | 000,118,032 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\oodisr.sys -- (oodisr) DRV:64bit: - [2012.06.08 22:34:18 | 000,040,720 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\oodisrh.sys -- (oodisrh) DRV:64bit: - [2011.11.10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2011.08.09 07:42:36 | 000,315,696 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx) DRV:64bit: - [2011.08.09 07:42:36 | 000,024,880 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons) DRV:64bit: - [2011.07.20 09:37:56 | 000,342,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R) DRV:64bit: - [2011.07.13 21:51:38 | 000,026,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GameKB.sys -- (GameKB) DRV:64bit: - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2010.12.10 13:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010.12.10 13:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.11.12 01:10:50 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2012.06.08 22:48:08 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | Auto | Running] -- C:\Users\Powk\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys -- (WinRing0_1_2_0) DRV - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4a\WNt500x64\sandra.sys -- (SANDRA) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008.08.31 19:30:00 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.10\RivaTuner64.sys -- (RivaTuner64) DRV - [2004.05.05 22:17:28 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\PQNTDRV.sys -- (PQNTDrv) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=hp&babsrc=lnkry_nt IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5F DB 73 3D 32 46 CD 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 223.4.10.225:80 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://ixquick.com/" FF - prefs.js..keyword.URL: "hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Powk\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Powk\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.09 15:51:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.06.09 17:37:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Powk\AppData\Roaming\mozilla\Extensions [2012.06.18 18:29:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Powk\AppData\Roaming\mozilla\Firefox\Profiles\ijtpcfhi.default\extensions [2012.06.17 15:51:31 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Powk\AppData\Roaming\mozilla\Firefox\Profiles\ijtpcfhi.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2012.06.17 15:51:31 | 000,000,000 | ---D | M] (TV-Fox) -- C:\Users\Powk\AppData\Roaming\mozilla\Firefox\Profiles\ijtpcfhi.default\extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4} [2012.06.15 16:25:08 | 000,001,610 | ---- | M] () -- C:\Users\Powk\AppData\Roaming\Mozilla\Firefox\Profiles\ijtpcfhi.default\searchplugins\ixquick-https---deutsch.xml [2012.06.18 16:27:11 | 000,002,474 | ---- | M] () -- C:\Users\Powk\AppData\Roaming\Mozilla\Firefox\Profiles\ijtpcfhi.default\searchplugins\Web Search.xml [2012.06.09 15:51:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.06.01 17:38:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.06.01 18:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.06.01 18:33:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.06.01 18:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.06.01 18:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.01 18:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.01 18:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google  riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Powk\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Powk\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Powk\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Google Update (Enabled) = C:\Users\Powk\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: YouTube = C:\Users\Powk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Powk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google Mail = C:\Users\Powk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O4:64bit: - HKLM..\Run: [Chew7Hale] C:\Windows\SysNative\hale.exe () O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4:64bit: - HKLM..\Run: [OODITRAY.EXE] C:\Programme\OO Software\DiskImage\ooditray.exe (O&O Software GmbH) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [COMODO] C:\Programme\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO) O4 - HKLM..\Run: [CPA] C:\Programme\COMODO\COMODO GeekBuddy\VALA.exe (COMODO) O4 - HKLM..\Run: [GamingKeyboard] C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe (Game Inc.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" File not found O4 - HKCU..\Run: [PeerBlock] C:\Programme\PeerBlock\peerblock.exe (PeerBlock, LLC) O4 - Startup: C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zotac FireStorm.lnk = C:\Program Files (x86)\ZOTAC FireStorm\Firestorm.exe (ZOTAC Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA75336F-B4EA-4630-8ACC-E97518D09AF6}: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA75336F-B4EA-4630-8ACC-E97518D09AF6}: NameServer = 8.26.56.26,156.154.70.22 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{32c9ec83-b199-11e1-bc13-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{32c9ec83-b199-11e1-bc13-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe O33 - MountPoints2\{b5d3da4d-b7e8-11e1-81cd-f46d049cb420}\Shell - "" = AutoRun O33 - MountPoints2\{b5d3da4d-b7e8-11e1-81cd-f46d049cb420}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{ca285b10-b775-11e1-9630-f46d049cb420}\Shell - "" = AutoRun O33 - MountPoints2\{ca285b10-b775-11e1-9630-f46d049cb420}\Shell\AutoRun\command - "" = E:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1 [2012.06.20 00:55:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A.A [2012.06.18 18:53:49 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.06.18 18:53:49 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.06.18 18:53:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2012.06.18 18:53:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012.06.18 18:24:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2012.06.18 15:16:17 | 009,712,960 | ---- | C] (Sony DADC Austria AG) -- C:\Users\Powk\Desktop\dirt3.exe [2012.06.18 10:55:31 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\My Cheat Tables [2012.06.18 10:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect Deluxe Edition [2012.06.18 10:55:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.1 [2012.06.18 10:55:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.1 [2012.06.18 10:34:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mass Effect Deluxe Edition [2012.06.18 10:34:25 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\BioWare [2012.06.18 09:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA [2012.06.17 20:31:52 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Texture Packs Zusammenstellung [2012.06.17 17:20:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton PartitionMagic 8.0 [2012.06.17 17:20:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symantec [2012.06.17 17:18:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [2012.06.17 15:35:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO [2012.06.17 15:27:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock [2012.06.17 15:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock [2012.06.17 14:59:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo [2012.06.17 14:59:26 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2012.06.17 14:59:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo [2012.06.17 14:59:22 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Comodo [2012.06.17 14:59:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo [2012.06.17 14:59:16 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll [2012.06.17 14:59:16 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll [2012.06.17 14:48:40 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\My Games [2012.06.17 14:14:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters [2012.06.17 10:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2012.06.17 10:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012.06.17 10:24:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2012.06.17 10:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2012.06.17 10:24:07 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012.06.17 10:24:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework [2012.06.17 10:24:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2012.06.17 10:22:15 | 000,000,000 | ---D | C] -- C:\IDE [2012.06.17 10:22:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2012.06.17 10:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012.06.17 10:21:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2012.06.17 10:20:44 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Microsoft Help [2012.06.17 10:20:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012.06.17 10:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2012.06.17 10:20:26 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012.06.16 14:39:16 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Malwarebytes [2012.06.16 14:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.06.16 13:30:50 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Adobe [2012.06.16 13:30:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2012.06.16 13:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012.06.16 13:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012.06.16 07:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software [2012.06.16 07:39:09 | 000,000,000 | ---D | C] -- C:\ProgramData\OO Software [2012.06.16 07:39:09 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software [2012.06.16 07:38:37 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Downloaded Installations [2012.06.16 06:55:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2012.06.16 06:55:15 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\Games for Windows - LIVE Demos [2012.06.16 06:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound [2012.06.16 06:32:26 | 019,087,360 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\SysWow64\mkl_blueripple.dll [2012.06.16 06:32:26 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll [2012.06.16 06:32:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL [2012.06.16 06:32:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS [2012.06.16 06:32:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE [2012.06.16 06:31:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2012.06.16 06:31:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2012.06.16 06:00:49 | 000,000,000 | ---D | C] -- C:\Users\Powk\jagexcache [2012.06.16 01:39:47 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell [2012.06.14 14:06:35 | 000,000,000 | ---D | C] -- C:\Windows\Intel_Chipset_V9301019_XPVistaWin7 [2012.06.14 14:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell [2012.06.14 13:51:04 | 000,016,896 | ---- | C] (ASUS) -- C:\Windows\AsTaskSched.dll [2012.06.14 13:47:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2012.06.14 13:47:49 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012.06.14 13:47:17 | 002,580,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2012.06.14 13:47:17 | 002,096,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2012.06.14 13:47:17 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2012.06.14 13:47:17 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2012.06.14 13:47:17 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2012.06.14 13:47:17 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll [2012.06.14 13:47:17 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2012.06.14 13:47:17 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2012.06.14 13:47:17 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2012.06.14 13:47:17 | 000,118,464 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll [2012.06.14 13:47:17 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll [2012.06.14 13:47:17 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll [2012.06.14 13:47:17 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2012.06.14 13:47:16 | 002,654,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2012.06.14 13:47:16 | 001,242,728 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2012.06.14 13:47:16 | 000,618,600 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2012.06.14 13:47:16 | 000,561,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat [2012.06.14 13:47:16 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2012.06.14 13:47:16 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2012.06.14 13:47:16 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2012.06.14 13:47:16 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2012.06.14 13:47:16 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2012.06.14 13:47:16 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2012.06.14 13:47:16 | 000,082,024 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll [2012.06.14 13:47:16 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2012.06.14 13:47:15 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2012.06.14 13:47:15 | 001,937,312 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2012.06.14 13:47:15 | 001,770,328 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll [2012.06.14 13:47:15 | 001,716,368 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2012.06.14 13:47:15 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2012.06.14 13:47:15 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2012.06.14 13:47:15 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2012.06.14 13:47:15 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2012.06.14 13:47:15 | 000,419,472 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2012.06.14 13:47:15 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2012.06.14 13:47:15 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2012.06.14 13:47:15 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2012.06.14 13:47:15 | 000,125,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2012.06.14 13:47:15 | 000,106,640 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2012.06.14 13:47:15 | 000,072,336 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2012.06.14 13:47:14 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2012.06.14 13:47:14 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2012.06.14 13:47:14 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2012.06.14 13:47:14 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2012.06.14 13:47:14 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2012.06.14 13:47:14 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2012.06.14 13:47:14 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2012.06.14 13:47:14 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2012.06.14 13:47:14 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2012.06.14 13:47:14 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2012.06.14 13:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2012.06.14 13:47:09 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2012.06.14 13:47:08 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2012.06.14 13:47:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012.06.14 13:45:38 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys [2012.06.14 13:45:10 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Realtek_Audio_V5106235_WinXp_V6016235_VistaWin7 [2012.06.14 13:45:10 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Marvell_91xx_WinXP_V1201006_VistaWin7_V1201010_20110831 [2012.06.14 13:45:09 | 000,342,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\e1c62x64.sys [2012.06.14 13:45:09 | 000,098,496 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicInstC.dll [2012.06.14 13:45:09 | 000,068,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\e1cmsg.dll [2012.06.14 13:45:09 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Intel_MEI_V8001262_XPVistaWin7 [2012.06.14 13:45:04 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Renesas_USB3_V20320_XPVistaWin7 [2012.06.14 13:45:04 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Intel_Gigabit_V16500_XPVistaWin7 [2012.06.14 13:38:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware [2012.06.14 13:38:10 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware [2012.06.14 13:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [2012.06.14 13:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics [2012.06.13 19:35:06 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2012.06.12 20:18:45 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2012.06.12 20:18:45 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2012.06.12 20:18:44 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2012.06.12 20:14:34 | 000,000,000 | ---D | C] -- C:\Riot Games [2012.06.11 17:04:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Skiller [2012.06.11 17:03:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SHARKOON Skiller [2012.06.11 17:03:34 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\InstallShield [2012.06.11 00:05:33 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\ANNO 2070 [2012.06.10 23:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3 [2012.06.10 23:23:07 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2012.06.10 23:23:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit [2012.06.10 23:17:41 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner v2.10 [2012.06.10 23:17:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RivaTuner v2.10 [2012.06.10 20:22:27 | 000,955,848 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2012.06.10 20:22:27 | 000,839,112 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012.06.10 20:22:27 | 000,268,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012.06.10 20:22:15 | 000,189,384 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012.06.10 20:22:15 | 000,188,872 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012.06.10 20:22:13 | 000,000,000 | ---D | C] -- C:\Fraps [2012.06.10 20:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012.06.10 19:07:50 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Programme [2012.06.10 18:58:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2012.06.09 20:37:03 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\PunkBuster [2012.06.09 19:31:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp [2012.06.09 19:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp [2012.06.09 19:05:27 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2012.06.09 19:05:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2012.06.09 19:05:16 | 000,000,000 | ---D | C] -- C:\Intel [2012.06.09 18:52:18 | 000,000,000 | ---D | C] -- C:\Users\Powk\SystemRequirementsLab [2012.06.09 18:51:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab [2012.06.09 18:04:18 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\.minecraft [2012.06.09 17:42:20 | 086,400,840 | ---- | C] (K2 Network, Inc.) -- C:\Users\Powk\APB_Reloaded_Installer.exe [2012.06.09 17:42:12 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\GamersFirst LIVE! [2012.06.09 17:40:53 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\PMB Files [2012.06.09 17:40:52 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2012.06.09 17:40:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2012.06.09 17:40:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst [2012.06.09 17:40:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamersFirst [2012.06.09 17:37:17 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Mozilla [2012.06.09 17:37:17 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Mozilla [2012.06.09 15:52:53 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan [2012.06.09 15:52:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan [2012.06.09 15:52:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan [2012.06.09 15:51:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012.06.09 15:51:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.06.09 15:51:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.06.09 14:09:33 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Ubisoft Game Launcher [2012.06.09 14:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield [2012.06.09 14:02:32 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\NVIDIA [2012.06.09 14:02:10 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z [2012.06.09 14:02:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z [2012.06.09 13:53:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012.06.09 13:52:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle [2012.06.09 13:51:32 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012.06.09 13:51:32 | 000,687,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012.06.09 13:51:32 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.06.09 13:51:26 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.06.09 13:51:26 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.06.09 13:51:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012.06.09 13:42:24 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II [2012.06.09 13:27:51 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Skype [2012.06.09 13:27:46 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012.06.09 13:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.06.09 13:27:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012.06.09 13:27:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012.06.09 13:26:34 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Macromedia [2012.06.09 13:26:34 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Adobe [2012.06.09 13:25:41 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012.06.09 13:24:33 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Google [2012.06.09 13:23:47 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Apps [2012.06.09 13:23:44 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Deployment [2012.06.09 13:21:16 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Data [2012.06.09 13:20:55 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\StarCraft II [2012.06.09 13:20:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II [2012.06.09 13:20:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II [2012.06.09 13:20:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2012.06.09 13:20:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2012.06.09 02:04:28 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Ubisoft [2012.06.09 01:59:14 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll [2012.06.09 01:59:14 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2012.06.09 01:59:14 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2012.06.09 01:59:14 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2012.06.09 01:59:14 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll [2012.06.09 01:59:14 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll [2012.06.09 01:59:14 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll [2012.06.09 01:59:14 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll [2012.06.09 01:59:14 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2012.06.09 01:59:14 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll [2012.06.09 01:59:14 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll [2012.06.09 01:59:14 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll [2012.06.09 01:59:13 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2012.06.09 01:59:13 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2012.06.09 01:59:13 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll [2012.06.09 01:59:13 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll [2012.06.09 01:59:13 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll [2012.06.09 01:59:13 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll [2012.06.09 01:59:13 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2012.06.09 01:59:13 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2012.06.09 01:59:13 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll [2012.06.09 01:59:13 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll [2012.06.09 01:59:13 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll [2012.06.09 01:59:13 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll [2012.06.09 01:59:13 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll [2012.06.09 01:59:13 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll [2012.06.09 01:59:12 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2012.06.09 01:59:12 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2012.06.09 01:59:12 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2012.06.09 01:59:12 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2012.06.09 01:59:12 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2012.06.09 01:59:12 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll [2012.06.09 01:59:12 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2012.06.09 01:59:12 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll [2012.06.09 01:59:11 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll [2012.06.09 01:59:11 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll [2012.06.09 01:59:11 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2012.06.09 01:59:11 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll [2012.06.09 01:59:11 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2012.06.09 01:59:11 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll [2012.06.09 01:59:11 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2012.06.09 01:59:11 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll [2012.06.09 01:59:11 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll [2012.06.09 01:59:11 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll [2012.06.09 01:59:10 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll [2012.06.09 01:59:10 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2012.06.09 01:59:10 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll [2012.06.09 01:59:10 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll [2012.06.09 01:59:10 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2012.06.09 01:59:10 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2012.06.09 01:59:10 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2012.06.09 01:59:10 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll [2012.06.09 01:59:10 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll [2012.06.09 01:59:10 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2012.06.09 01:59:10 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll [2012.06.09 01:59:10 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2012.06.09 01:59:09 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2012.06.09 01:59:09 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2012.06.09 01:59:09 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll [2012.06.09 01:59:09 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2012.06.09 01:59:09 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll [2012.06.09 01:59:09 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2012.06.09 01:59:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2012.06.09 01:59:09 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2012.06.09 01:59:09 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2012.06.09 01:59:09 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll [2012.06.09 01:59:09 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll [2012.06.09 01:59:09 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll [2012.06.09 01:59:09 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2012.06.09 01:59:09 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2012.06.09 01:59:09 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll [2012.06.09 01:59:09 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll [2012.06.09 01:59:08 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2012.06.09 01:59:08 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2012.06.09 01:59:08 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2012.06.09 01:59:08 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2012.06.09 01:59:08 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2012.06.09 01:59:08 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2012.06.09 01:59:08 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2012.06.09 01:59:08 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2012.06.09 01:59:08 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2012.06.09 01:59:07 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll [2012.06.09 01:59:07 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2012.06.09 01:59:07 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll [2012.06.09 01:59:07 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2012.06.09 01:59:07 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2012.06.09 01:59:07 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2012.06.09 01:59:07 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2012.06.09 01:59:07 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2012.06.09 01:59:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2012.06.09 01:59:07 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2012.06.09 01:59:07 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2012.06.09 01:59:07 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2012.06.09 01:59:06 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2012.06.09 01:59:06 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2012.06.09 01:59:06 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2012.06.09 01:59:06 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2012.06.09 01:59:06 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2012.06.09 01:59:06 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2012.06.09 01:59:06 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2012.06.09 01:59:06 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2012.06.09 01:59:06 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2012.06.09 01:59:06 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2012.06.09 01:59:05 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2012.06.09 01:59:05 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2012.06.09 01:59:05 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2012.06.09 01:59:05 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2012.06.09 01:59:05 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2012.06.09 01:59:05 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2012.06.09 01:59:05 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2012.06.09 01:59:05 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2012.06.09 01:59:05 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2012.06.09 01:59:05 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2012.06.09 01:59:05 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2012.06.09 01:59:05 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2012.06.09 01:59:04 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2012.06.09 01:59:04 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2012.06.09 01:59:04 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2012.06.09 01:59:04 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2012.06.09 01:59:04 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2012.06.09 01:59:04 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2012.06.09 01:59:04 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2012.06.09 01:59:04 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2012.06.09 01:59:04 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2012.06.09 01:59:04 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2012.06.09 01:59:04 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2012.06.09 01:59:04 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2012.06.09 01:59:03 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2012.06.09 01:59:03 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2012.06.09 01:59:03 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2012.06.09 01:59:03 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2012.06.09 01:59:03 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2012.06.09 01:59:03 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2012.06.09 01:59:03 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2012.06.09 01:59:03 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2012.06.09 01:59:03 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2012.06.09 01:59:03 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2012.06.09 01:59:03 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2012.06.09 01:59:03 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2012.06.09 01:59:02 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2012.06.09 01:59:02 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2012.06.09 01:59:02 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll [2012.06.09 01:59:02 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2012.06.09 01:59:02 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2012.06.09 01:59:02 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2012.06.09 01:59:01 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2012.06.09 01:59:01 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2012.06.09 01:59:01 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2012.06.09 01:59:01 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2012.06.09 01:59:01 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2012.06.09 01:59:01 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2012.06.09 01:59:01 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2012.06.09 01:59:01 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2012.06.09 01:59:01 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2012.06.09 01:59:01 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2012.06.09 01:59:01 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2012.06.09 01:59:01 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2012.06.09 01:59:01 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2012.06.09 01:59:01 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2012.06.09 01:59:00 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2012.06.09 01:59:00 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2012.06.09 01:58:59 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2012.06.09 01:58:59 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2012.06.09 01:58:58 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2012.06.09 01:58:58 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2012.06.09 01:58:58 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2012.06.09 01:58:58 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2012.06.09 01:58:58 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2012.06.09 01:58:58 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2012.06.09 01:58:58 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2012.06.09 01:58:58 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2012.06.09 01:58:58 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2012.06.09 01:58:58 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2012.06.09 01:58:57 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2012.06.09 01:58:57 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2012.06.09 01:58:57 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2012.06.09 01:58:57 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2012.06.09 01:58:57 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2012.06.09 01:58:57 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2012.06.09 01:58:03 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Diagnostics [2012.06.09 01:46:20 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012.06.09 01:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft [2012.06.08 23:54:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012.06.08 23:14:09 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\Amnesia [2012.06.08 23:08:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent [2012.06.08 23:05:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amnesia - The Dark Descent [2012.06.08 23:00:02 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\WinRAR [2012.06.08 23:00:02 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.06.08 23:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.06.08 22:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR [2012.06.08 22:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes [2012.06.08 22:34:20 | 000,259,344 | ---- | C] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodivd.sys [2012.06.08 22:34:20 | 000,044,304 | ---- | C] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodivdh.sys [2012.06.08 22:34:18 | 000,118,032 | ---- | C] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodisr.sys [2012.06.08 22:34:18 | 000,040,720 | ---- | C] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodisrh.sys [2012.06.08 22:18:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012.06.08 21:57:12 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64hda.dll [2012.06.08 21:57:12 | 000,155,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys [2012.06.08 21:57:12 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2012.06.08 21:56:56 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012.06.08 21:56:24 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZOTAC FireStorm [2012.06.08 21:56:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZOTAC FireStorm [2012.06.08 21:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012.06.08 21:56:14 | 001,614,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642090.dll [2012.06.08 21:56:14 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642040.dll [2012.06.08 21:56:04 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012.06.08 21:56:04 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012.06.08 21:56:03 | 007,728,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2012.06.08 21:56:02 | 005,652,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2012.06.08 21:56:00 | 020,474,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012.06.08 21:55:58 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012.06.08 21:37:58 | 000,000,000 | -HSD | C] -- C:\Boot [2012.06.08 20:55:54 | 012,858,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012.06.08 20:55:53 | 010,077,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2012.06.08 20:55:52 | 002,897,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012.06.08 20:55:51 | 003,113,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012.06.08 20:55:51 | 002,480,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012.06.08 20:55:51 | 002,252,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012.06.08 20:55:50 | 004,942,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012.06.08 20:55:49 | 006,606,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012.06.08 20:55:34 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012.06.08 20:55:31 | 018,580,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012.06.08 20:55:31 | 002,210,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2012.06.08 20:55:31 | 001,976,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2012.06.08 20:55:31 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd [2012.06.08 20:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012.06.08 20:48:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2012.06.08 20:46:23 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.06.08 20:45:09 | 000,000,000 | R--D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.06.08 20:45:09 | 000,000,000 | R--D | C] -- C:\Users\Powk\Searches [2012.06.08 20:45:09 | 000,000,000 | R--D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.06.08 20:44:59 | 000,000,000 | R--D | C] -- C:\Users\Powk\Contacts [2012.06.08 20:44:56 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\VirtualStore [2012.06.08 20:44:40 | 000,000,000 | --SD | C] -- C:\Users\Powk\AppData\Roaming\Microsoft [2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Videos [2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Saved Games [2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Pictures [2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Music [2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Links [2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Favorites [2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Downloads [2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Documents [2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Desktop [2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Vorlagen [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\AppData\Local\Verlauf [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\AppData\Local\Temporary Internet Files [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Startmenü [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\SendTo [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Recent [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Netzwerkumgebung [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Lokale Einstellungen [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Documents\Eigene Videos [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Documents\Eigene Musik [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Eigene Dateien [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Documents\Eigene Bilder [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Druckumgebung [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Cookies [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\AppData\Local\Anwendungsdaten [2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Anwendungsdaten [2012.06.08 20:44:40 | 000,000,000 | -H-D | C] -- C:\Users\Powk\AppData [2012.06.08 20:44:40 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Temp [2012.06.08 20:44:40 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Microsoft [2012.06.08 20:44:40 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Media Center Programs [2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Recovery [2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Programme [2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop [2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.06.08 20:39:26 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.06.08 20:39:23 | 000,000,000 | ---D | C] -- C:\Windows\CSC [2012.05.30 08:29:18 | 000,071,680 | ---- | C] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll [2012.05.30 08:29:14 | 000,065,536 | ---- | C] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll [5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.20 20:50:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.20 20:47:21 | 000,000,000 | ---- | M] () -- C:\Users\Powk\defogger_reenable [2012.06.20 20:41:23 | 000,009,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.20 20:41:23 | 000,009,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.20 20:29:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2734158981-619937663-1740015174-1000UA.job [2012.06.20 19:35:15 | 000,000,024 | ---- | M] () -- C:\Users\Powk\random.dat [2012.06.20 19:29:55 | 000,000,043 | ---- | M] () -- C:\Users\Powk\jagex_cl_runescape_LIVE.dat [2012.06.20 19:28:12 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.20 19:28:12 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.20 19:28:12 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.20 19:28:12 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.20 19:28:12 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.06.20 19:23:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.06.20 19:23:49 | 3204,669,440 | -HS- | M] () -- C:\hiberfil.sys [2012.06.20 13:29:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2734158981-619937663-1740015174-1000Core.job [2012.06.18 18:53:49 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.06.18 18:53:49 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.06.18 16:25:27 | 000,001,292 | ---- | M] () -- C:\Users\Powk\Desktop\Mass Effect Deluxe Edition.lnk [2012.06.18 10:55:11 | 000,001,085 | ---- | M] () -- C:\Users\Powk\Desktop\Cheat Engine.lnk [2012.06.18 09:20:34 | 000,415,720 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.06.17 20:37:10 | 001,581,077 | ---- | M] () -- C:\Users\Powk\Desktop\mcpatcher-2.3.7_02.exe [2012.06.17 20:24:14 | 000,680,606 | ---- | M] () -- C:\Users\Powk\Desktop\TileMaster.rar [2012.06.17 17:18:15 | 000,001,250 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk [2012.06.17 15:27:28 | 000,001,736 | ---- | M] () -- C:\Users\Powk\Desktop\PeerBlock.lnk [2012.06.17 15:17:40 | 000,002,194 | ---- | M] () -- C:\Users\Powk\Desktop\Amnesia.lnk [2012.06.17 15:08:24 | 000,001,563 | ---- | M] () -- C:\Users\Powk\Desktop\dirt3.exe - Verknüpfung.lnk [2012.06.17 14:59:16 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll [2012.06.17 14:59:16 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll [2012.06.16 13:52:46 | 011,595,776 | ---- | M] () -- C:\Users\Powk\AppData\Roaming\Sandra.mdb [2012.06.16 07:17:38 | 000,006,554 | ---- | M] () -- C:\Windows\SysNative\cwlog.dtl [2012.06.16 07:17:35 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll [2012.06.16 07:17:35 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll [2012.06.16 07:17:35 | 000,381,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppcommdlg.dll [2012.06.16 07:17:35 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppwmi.dll [2012.06.16 07:17:34 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll [2012.06.16 07:17:25 | 000,389,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe [2012.06.16 07:17:25 | 000,349,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slui.exe [2012.06.16 07:17:25 | 000,107,946 | ---- | M] () -- C:\Windows\SysNative\slmgr.vbs [2012.06.16 07:17:25 | 000,002,048 | ---- | M] () -- C:\Windows\SysNative\winver.exe [2012.06.16 07:17:24 | 002,169,856 | -HS- | M] () -- C:\Windows\SysNative\hale.exe [2012.06.15 20:47:09 | 000,000,366 | ---- | M] () -- C:\Users\Powk\AppData\Roaming\Network Meter_Settings.ini [2012.06.14 14:05:20 | 000,053,248 | ---- | M] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2012.06.14 13:51:04 | 000,016,896 | ---- | M] (ASUS) -- C:\Windows\AsTaskSched.dll [2012.06.14 13:38:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.06.14 13:38:21 | 000,001,183 | ---- | M] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2012.SP4a.lnk [2012.06.14 13:37:04 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini [2012.06.13 19:35:07 | 000,000,572 | ---- | M] () -- C:\Users\Powk\Desktop\Fraps.lnk [2012.06.12 20:18:45 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2012.06.10 23:23:08 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk [2012.06.10 23:04:26 | 000,001,103 | ---- | M] () -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zotac FireStorm.lnk [2012.06.10 20:22:10 | 000,955,848 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2012.06.10 20:22:10 | 000,839,112 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012.06.10 20:22:10 | 000,268,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012.06.10 20:22:10 | 000,189,384 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012.06.10 20:22:10 | 000,188,872 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012.06.10 18:58:41 | 000,002,037 | ---- | M] () -- C:\Users\Powk\Desktop\JDownloader.lnk [2012.06.09 20:37:07 | 000,283,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.06.09 20:37:07 | 000,283,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.06.09 20:23:32 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.06.09 20:23:23 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.06.09 19:41:02 | 3999,925,254 | ---- | M] () -- C:\Users\Powk\Client1.7.0.586601.7z [2012.06.09 19:38:49 | 086,400,840 | ---- | M] (K2 Network, Inc.) -- C:\Users\Powk\APB_Reloaded_Installer.exe [2012.06.09 18:43:24 | 000,000,658 | ---- | M] () -- C:\Users\Powk\Desktop\ANNO 2070 - Verknüpfung.lnk [2012.06.09 18:04:15 | 000,278,561 | ---- | M] () -- C:\Users\Powk\Desktop\Minecraft.exe [2012.06.09 17:40:45 | 000,001,160 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk [2012.06.09 15:52:52 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo [2012.06.09 15:51:34 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.06.09 13:51:22 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.06.09 13:51:22 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.06.09 13:41:24 | 000,001,099 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2012.06.09 13:27:46 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.06.09 13:25:41 | 000,002,283 | ---- | M] () -- C:\Users\Powk\Desktop\Google Chrome.lnk [2012.06.08 23:54:32 | 267,104,679 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012.06.08 22:34:20 | 000,259,344 | ---- | M] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodivd.sys [2012.06.08 22:34:20 | 000,044,304 | ---- | M] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodivdh.sys [2012.06.08 22:34:18 | 000,118,032 | ---- | M] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodisr.sys [2012.06.08 22:34:18 | 000,040,720 | ---- | M] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodisrh.sys [2012.06.08 21:37:59 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012.06.08 20:42:09 | 000,000,751 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012.06.08 20:42:09 | 000,000,751 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2012.05.30 08:29:18 | 000,071,680 | ---- | M] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll [2012.05.30 08:29:14 | 000,065,536 | ---- | M] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll [2012.05.26 15:39:40 | 2147,483,643 | ---- | M] () -- C:\Program Files (x86)\Alokotum [5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.20 20:47:21 | 000,000,000 | ---- | C] () -- C:\Users\Powk\defogger_reenable [2012.06.18 18:53:51 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.18 16:25:27 | 000,001,292 | ---- | C] () -- C:\Users\Powk\Desktop\Mass Effect Deluxe Edition.lnk [2012.06.18 15:16:17 | 000,008,229 | ---- | C] () -- C:\Users\Powk\Desktop\Launcher.exe [2012.06.18 10:55:11 | 000,001,085 | ---- | C] () -- C:\Users\Powk\Desktop\Cheat Engine.lnk [2012.06.17 20:54:35 | 000,680,606 | ---- | C] () -- C:\Users\Powk\Desktop\TileMaster.rar [2012.06.17 20:53:06 | 001,581,077 | ---- | C] () -- C:\Users\Powk\Desktop\mcpatcher-2.3.7_02.exe [2012.06.17 17:18:15 | 000,001,250 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk [2012.06.17 15:27:28 | 000,001,736 | ---- | C] () -- C:\Users\Powk\Desktop\PeerBlock.lnk [2012.06.17 15:17:40 | 000,002,194 | ---- | C] () -- C:\Users\Powk\Desktop\Amnesia.lnk [2012.06.17 15:08:24 | 000,001,563 | ---- | C] () -- C:\Users\Powk\Desktop\dirt3.exe - Verknüpfung.lnk [2012.06.16 13:30:16 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.06.16 07:17:34 | 000,006,554 | ---- | C] () -- C:\Windows\SysNative\cwlog.dtl [2012.06.16 07:17:24 | 002,169,856 | -HS- | C] () -- C:\Windows\SysNative\hale.exe [2012.06.16 06:00:49 | 000,000,043 | ---- | C] () -- C:\Users\Powk\jagex_cl_runescape_LIVE.dat [2012.06.16 06:00:49 | 000,000,024 | ---- | C] () -- C:\Users\Powk\random.dat [2012.06.15 20:41:51 | 000,000,366 | ---- | C] () -- C:\Users\Powk\AppData\Roaming\Network Meter_Settings.ini [2012.06.15 20:22:21 | 2147,483,643 | ---- | C] () -- C:\Program Files (x86)\Alokotum [2012.06.15 20:21:14 | 1073,741,823 | ---- | C] () -- C:\Program Files (x86)\Afterback [2012.06.15 20:21:12 | 104,857,600 | ---- | C] () -- C:\Program Files (x86)\Arem [2012.06.14 19:31:09 | 000,001,904 | ---- | C] () -- C:\Windows\SysNative\SetupBD.din [2012.06.14 13:45:09 | 000,003,114 | ---- | C] () -- C:\Windows\SysNative\e1c62x64.din [2012.06.14 13:40:46 | 011,595,776 | ---- | C] () -- C:\Users\Powk\AppData\Roaming\Sandra.mdb [2012.06.14 13:38:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.06.14 13:38:21 | 000,001,183 | ---- | C] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2012.SP4a.lnk [2012.06.13 19:35:07 | 000,000,572 | ---- | C] () -- C:\Users\Powk\Desktop\Fraps.lnk [2012.06.12 20:18:45 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2012.06.11 17:04:01 | 000,026,624 | ---- | C] () -- C:\Windows\SysNative\drivers\GameKB.sys [2012.06.10 23:23:08 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk [2012.06.10 18:58:41 | 000,002,037 | ---- | C] () -- C:\Users\Powk\Desktop\JDownloader.lnk [2012.06.10 18:58:40 | 000,002,001 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2012.06.10 18:58:40 | 000,001,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2012.06.10 18:58:40 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2012.06.09 20:37:07 | 000,283,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.06.09 20:23:25 | 000,283,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.06.09 20:23:25 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.06.09 20:23:23 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.06.09 18:43:24 | 000,000,658 | ---- | C] () -- C:\Users\Powk\Desktop\ANNO 2070 - Verknüpfung.lnk [2012.06.09 18:04:10 | 000,278,561 | ---- | C] () -- C:\Users\Powk\Desktop\Minecraft.exe [2012.06.09 17:42:20 | 3999,925,254 | ---- | C] () -- C:\Users\Powk\Client1.7.0.586601.7z [2012.06.09 17:40:45 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk [2012.06.09 15:52:52 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo [2012.06.09 15:51:34 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.06.09 15:51:34 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.06.09 13:27:46 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.06.09 13:26:10 | 000,002,283 | ---- | C] () -- C:\Users\Powk\Desktop\Google Chrome.lnk [2012.06.09 13:24:34 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2734158981-619937663-1740015174-1000UA.job [2012.06.09 13:24:33 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2734158981-619937663-1740015174-1000Core.job [2012.06.09 13:20:55 | 000,001,099 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2012.06.09 13:16:25 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012.06.09 00:07:21 | 000,001,103 | ---- | C] () -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zotac FireStorm.lnk [2012.06.08 23:54:32 | 267,104,679 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.06.08 21:56:14 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2012.06.08 21:37:59 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2012.06.08 21:37:58 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2012.06.08 20:45:15 | 000,001,405 | ---- | C] () -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012.06.08 20:45:10 | 000,001,439 | ---- | C] () -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.06.08 20:38:58 | 3204,669,440 | -HS- | C] () -- C:\hiberfil.sys < End of report > |
|
21.06.2012, 12:01
| #4 | |
| /// Malwareteam | cmd.exe öffnet bei anmeldung automatischZitat:
ckscan Downloade dir bitte CKScanner Wichtig: Speichere die Datei am Desktop.
__________________ Kein Asylrecht für Trojaner!  Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
21.06.2012, 12:15
| #5 |
| | cmd.exe öffnet bei anmeldung automatisch Na Bumm. Laut diesem Scan war das also schon vorher da. Muss ich jetzt alle "unlegalen" spiele von ihm deinstallieren und die temps jagen? Und ich hatte mich schon auf gratis Spiele gefreut  CKScanner - Additional Security Risks - These are not necessarily bad c:\program files (x86)\amnesia - the dark descent\redist\sounds\11\11_glass_crack.snt c:\program files (x86)\amnesia - the dark descent\redist\sounds\11\11_glass_crack01.ogg c:\program files (x86)\amnesia - the dark descent\redist\sounds\11\11_glass_crack02.ogg c:\program files (x86)\amnesia - the dark descent\redist\sounds\11\11_glass_crack03.ogg c:\program files (x86)\amnesia - the dark descent\redist\static_objects\castlebase\ceiling\corridor_crack.dae c:\program files (x86)\amnesia - the dark descent\redist\static_objects\castlebase\ceiling\corridor_crack.msh c:\program files (x86)\amnesia - the dark descent\redist\static_objects\cellarbase\special\cracked_ceiling.dae c:\program files (x86)\amnesia - the dark descent\redist\static_objects\cellarbase\special\cracked_ceiling.msh c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue.dds c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue.mat c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue01.dae c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue01.msh c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue02.dae c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue02.msh c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue03.dae c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue03.msh c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue04.dae c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue04.msh c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue_back.dds c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue_back.mat c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown.dds c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown.mat c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown01.dae c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown01.msh c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown02.dae c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown02.msh c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown03.dae c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown03.msh c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown04.dae c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown04.msh c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown_back.dds c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown_back.mat c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_nrm.dds c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_spec.dds c:\program files (x86)\amnesia - the dark descent\redist\static_objects\dungeonbase\ceiling\default_cracked.dae c:\program files (x86)\amnesia - the dark descent\redist\static_objects\dungeonbase\ceiling\default_cracked.msh c:\program files (x86)\amnesia - the dark descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.dae c:\program files (x86)\amnesia - the dark descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.msh c:\program files (x86)\gamersfirst\apb reloaded\apbgame\content\release\packages\symboleditor\primitives_splatscracks.upk c:\program files (x86)\jdownloader\jd\plugins\hoster\crackedcom.class c:\users\powk\downloads\adrorium\sr-dirt3.crack.rar c:\users\powk\downloads\adrorium\oo.diskimage.professional.v6.8.1.x64\kg\keygen.exe c:\users\powk\downloads\adrorium\oo.diskimage.professional.v6.8.1.x64\kg\lz0-keygen.exe c:\users\powk\downloads\adrorium\oo.diskimage.professional.v6.8.1.x64\kg\zwt-keygen.exe c:\users\powk\downloads\adrorium\win 7 activator-sammlung 23\chew-wga v.1.1\chew7.exe scanner sequence 3.ZZ.11.VRCPJR ----- EOF ----- |
|
21.06.2012, 13:33
| #6 | |
| /// Malwareteam | cmd.exe öffnet bei anmeldung automatischZitat:
 Alleine der Besuch auf Seiten, welche diese Dateien zum Download anbieten, beinhaltet ein hohes Risiko sich zu infizieren. Wenn Du den Crack startest, startest du eine ausführbare Datei aus einer sehr dubiosen Quelle. Im Quellcode der Datei kann alles mögliche stehen. ( z.B downloaden und ausführen von Malwaredateien ) Dies ist einer der Hauptursachen für Infektionen. Ausserdem sind Cracks, Keygens, usw. illegal und das ist genauso Diebstahl wie in einem Laden. Darum haben wir uns darauf geeinigt: Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support ohne jegliche Diskussion beenden. Deshalb beschränkt sich unsere Hilfe für dich auf eine Anleitung zur Neuinstallation und Absicherung des Systems
__________________ --> cmd.exe öffnet bei anmeldung automatisch |
|
21.06.2012, 13:56
| #7 |
| | cmd.exe öffnet bei anmeldung automatisch Ja aber ich war das ja garnicht  |
|
| Themen zu cmd.exe öffnet bei anmeldung automatisch |
| acrobat update, adobe, adobe flash player, auslastung, bho, black, browser, candy, cmd öffnet automatisch, dll, explorer, flash player, google, hijack, hijackthis, hohe cpu auslastung, internet, internet explorer, lsass.exe, microsoft, mozilla, nvidia, opencandy, plug-in, rundll, scan, security, senden, usb, usb 3.0, windows, wmp, öffnet |
Linear-Darstellung
