tr/crypt.xpack.gen7 auf wc3 tft cd

Paul89 · 08.11.2012, 17:19

Hallo
mein Avira Free Antivirus hat heute nachdem ich die Warcraft 3 The Frozen Throne cd eingelegt habe Alarm geschlagen. Es wurde folgender Trojaner gefunden: tr/crypt.xpack.gen7 bei der autoplay.exe. Jetzt hab ich mir schon einige Themen dazu durchgelesen hier sowie auf anderen boards. Meine frage lautet jetzt ist das nur ein Fehlalarm? Ich hab die cd neu über amazon gekauft falls das noch hilft.

MfG Paul

kira · 09.11.2012, 04:42

Hallo und Herzlich Willkommen!

► schaue nach ob, im Konfiguration/Expertenmodus ein Haken (bei "Aktion bei Fund -> Autostart-Funktion blockieren) drin ist?

gruß
kira

Paul89 · 09.11.2012, 07:50

Hallo
danke für die schnelle Antwort hab jetzt in der Systemsteuerung den autorun abgestellt bin mir aber nicht sicher ob du das damit gemeint hast. Beo Avira hab ich nichts unter Konfiguration gefunden. Ich hab jetzt auch Malwarebytes installiert und die cd gescannt.
das Log sieht wie folgt aus:

Malwarebytes Anti-Malware 1.65.1.1000
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.11.09.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cl3ncy :: CL3NCY-PC [Administrator]

09.11.2012 07:45:02
mbam-log-2012-11-09 (07-45-02).txt

Art des Suchlaufs: Benutzerdefinierter Suchlauf (F:\|)
Aktivierte Suchlaufeinstellungen: Dateisystem | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Heuristiks/Extra | P2P
Durchsuchte Objekte: 144
Laufzeit: 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

MfG Paul

kira · 09.11.2012, 21:55

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du durch [X] oder Sternchen (*) ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen

► Hilfeleistung - geplante Vorgehensweise:

Problemsuche
Problembeseitigung/Systembereinigung
Verwendete Programme deinstallieren/entfernen
Thema abschließen: Tipps zur Computersicherheit

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Mache Häckchen bei LOP- und Purity-Prüfung
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

2.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:

Download den CCleaner herunter
Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

gruß
kira

Paul89 · 10.11.2012, 08:03

Danke für die Hilfe^^

Hier die Logs:

OTL:

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 10.11.2012 07:41:32 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Cl3ncy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,58 Gb Available Physical Memory | 82,39% Memory free
15,97 Gb Paging File | 14,46 Gb Available in Paging File | 90,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 157,87 Gb Free Space | 80,87% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 827,39 Gb Free Space | 99,23% Space Free | Partition Type: NTFS
Drive E: | 833,85 Gb Total Space | 810,74 Gb Free Space | 97,23% Space Free | Partition Type: NTFS
 
Computer Name: ******* | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Cl3ncy\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\EXPERTool\TBPANEL.exe (Gainward Co.)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dc86fe1c7a6e3a7ce9e9c1f13d9b1e8e\System.ServiceModel.Routing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\ec057796972ce41b751eaa3a8306fbcb\System.ServiceModel.Discovery.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d09c237ee72af3935f1a01388ef8e315\System.ServiceModel.Channels.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5055b60e339143bbace5871f5fe4b114\System.ServiceModel.Activities.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\bd28f26b18b8ffeee1a0fbaa98f5810e\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMgrSvcInt#\d4adb751b6243b8669237a5259e4a035\IAStorDataMgrSvcInterfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\7da8678130c6186e5635f0dab9de8bae\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\eaf38851778a2b0b790de0f2f41af37b\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
MOD - C:\Program Files (x86)\EXPERTool\TBManage.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (iaStorF) -- C:\Windows\SysNative\drivers\iaStorF.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (RTVLANPT) -- C:\Windows\SysNative\drivers\RtVlan620.sys (Realtek Corporation)
DRV:64bit: - (TEAM) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (RTTEAMPT) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\drivers\RtNdPt60.sys (Realtek                                            )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 13 4F 86 F1 E4 AD CD 01  [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8A4C76EA-1A4C-4AD3-AB70-0B89CF7BFC52}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=3a4e08ab-0f19-4cd6-a004-817b29cf7bca&apn_sauid=A98F7A59-42A3-4ACB-B6D4-57CE99A17748
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKCU..\Run: [GAINWARD] C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23C24213-2576-4DF4-B906-B375F1976DFB}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a8fedaf3-1940-11e2-baeb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a8fedaf3-1940-11e2-baeb-806e6f6e6963}\Shell\AutoRun\command - "" = F:\CDSETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2012.11.10 07:40:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Cl3ncy\Desktop\OTL.exe
[2012.11.08 17:36:19 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Malwarebytes
[2012.11.08 17:36:10 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.08 17:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.08 17:36:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.08 17:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.06 15:12:53 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012.11.06 15:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012.11.06 15:10:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012.11.01 08:30:40 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012.10.23 07:41:56 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Roaming\TS3Client
[2012.10.20 09:09:42 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012.10.20 09:09:42 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012.10.20 09:09:40 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012.10.20 09:09:40 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012.10.20 09:09:40 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012.10.20 09:09:40 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012.10.20 09:09:40 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012.10.20 09:09:40 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012.10.20 09:09:40 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012.10.19 15:34:31 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\Google
[2012.10.19 15:34:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.10.19 13:57:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.10.19 13:53:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.10.19 13:38:54 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Roaming\LolClient
[2012.10.19 13:06:53 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.10.19 13:05:16 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.10.19 13:05:16 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.10.19 13:05:16 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.10.19 13:05:16 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.10.19 13:05:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.10.19 13:05:16 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.10.19 13:05:16 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.10.19 13:05:16 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.10.19 13:05:16 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.10.19 13:05:16 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.10.19 13:05:16 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.10.19 13:05:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.10.19 13:05:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.10.19 13:05:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.10.19 13:05:16 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.10.19 13:05:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.10.19 13:05:16 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.10.19 13:05:16 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.10.19 13:05:15 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.10.19 13:05:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.10.19 13:05:15 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.10.19 13:05:15 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.10.19 13:05:15 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.10.19 13:05:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.10.19 13:05:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.10.19 13:05:15 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.10.19 13:05:15 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.10.19 13:05:15 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.10.19 13:05:15 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.10.19 13:05:15 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.10.19 13:05:15 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.10.19 13:05:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.10.19 13:05:15 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.10.19 13:05:15 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.10.19 13:05:15 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.10.19 13:05:14 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.10.19 13:05:14 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.10.19 13:05:14 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.10.19 13:05:14 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.10.19 13:05:14 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.10.19 13:05:14 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.10.19 13:05:14 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.10.19 13:05:14 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.10.19 13:05:14 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.10.19 13:05:14 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.10.19 13:05:14 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.10.19 13:05:14 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.10.19 13:05:14 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.10.19 13:05:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.10.19 13:05:14 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.10.19 13:05:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.10.19 13:05:14 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.10.19 13:05:14 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.10.19 13:05:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.10.19 13:05:14 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.10.19 13:05:14 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.10.19 13:05:14 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.10.19 13:05:14 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.10.19 13:05:14 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.10.19 13:05:14 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.10.19 13:05:14 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.10.19 13:05:14 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.10.19 13:05:14 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.10.19 13:05:14 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.10.19 13:05:14 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.10.19 13:05:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.10.19 13:05:14 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.10.19 13:05:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.10.19 13:05:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.10.19 13:05:14 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.10.19 13:05:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.10.19 13:05:14 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.10.19 12:58:30 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.10.19 12:58:30 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.10.19 12:53:24 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.10.19 12:53:24 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.10.19 12:47:52 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012.10.19 12:47:52 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012.10.19 12:47:49 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012.10.19 12:13:28 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\PMB Files
[2012.10.19 12:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012.10.19 12:13:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012.10.19 12:09:14 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Macromedia
[2012.10.19 12:09:14 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Adobe
[2012.10.19 12:05:41 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.19 12:05:41 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.19 12:05:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.10.19 12:05:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.10.19 12:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.10.19 12:00:23 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Opera
[2012.10.19 12:00:23 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\Opera
[2012.10.19 12:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2012.10.19 12:00:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2012.10.19 11:56:05 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Intel Corporation
[2012.10.19 11:55:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.10.19 11:55:30 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012.10.19 11:55:30 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012.10.19 11:55:30 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2012.10.19 11:55:30 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2012.10.19 11:55:30 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.10.19 11:55:30 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012.10.19 11:55:30 | 000,220,776 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2012.10.19 11:55:30 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.10.19 11:55:30 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.10.19 11:55:30 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.10.19 11:55:30 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2012.10.19 11:55:30 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012.10.19 11:55:30 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012.10.19 11:55:30 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012.10.19 11:55:30 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2012.10.19 11:55:29 | 002,674,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012.10.19 11:55:29 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012.10.19 11:55:28 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012.10.19 11:55:28 | 005,096,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012.10.19 11:55:28 | 003,615,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012.10.19 11:55:28 | 001,262,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012.10.19 11:55:28 | 000,869,520 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012.10.19 11:55:28 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012.10.19 11:55:28 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.10.19 11:55:28 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.10.19 11:55:28 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.10.19 11:55:28 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.10.19 11:55:28 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012.10.19 11:55:28 | 000,141,152 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012.10.19 11:55:28 | 000,123,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012.10.19 11:55:28 | 000,105,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012.10.19 11:55:28 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.10.19 11:55:28 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.10.19 11:55:28 | 000,074,592 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012.10.19 11:55:28 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2012.10.19 11:55:27 | 008,363,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012.10.19 11:55:27 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012.10.19 11:55:27 | 001,345,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2012.10.19 11:55:27 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012.10.19 11:55:27 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2012.10.19 11:55:27 | 000,396,632 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012.10.19 11:55:27 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012.10.19 11:55:27 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.10.19 11:55:26 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.10.19 11:55:25 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012.10.19 11:55:25 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012.10.19 11:55:25 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012.10.19 11:55:25 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012.10.19 11:55:25 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012.10.19 11:55:25 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012.10.19 11:55:25 | 000,537,456 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2012.10.19 11:55:25 | 000,524,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2012.10.19 11:55:25 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012.10.19 11:55:25 | 000,449,392 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2012.10.19 11:55:25 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012.10.19 11:55:25 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012.10.19 11:55:25 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012.10.19 11:55:25 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012.10.19 11:55:25 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012.10.19 11:55:25 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012.10.19 11:55:25 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012.10.19 11:55:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.10.19 11:52:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.10.19 11:52:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.10.19 11:52:02 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64hda.dll
[2012.10.19 11:52:02 | 000,155,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012.10.19 11:52:02 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012.10.19 11:51:04 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.10.19 11:50:43 | 001,614,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642090.dll
[2012.10.19 11:50:43 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642040.dll
[2012.10.19 11:50:30 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.10.19 11:50:30 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.10.19 11:50:22 | 015,309,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.10.19 11:50:06 | 002,731,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.10.19 11:50:06 | 002,428,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.10.19 11:50:06 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2012.10.19 11:49:45 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.10.19 11:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LoiLoScope FREE trial
[2012.10.19 11:49:23 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012.10.19 11:49:23 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012.10.19 11:49:23 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012.10.19 11:49:23 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012.10.19 11:49:23 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012.10.19 11:49:23 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012.10.19 11:49:23 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012.10.19 11:49:23 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012.10.19 11:49:22 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012.10.19 11:49:22 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012.10.19 11:49:22 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012.10.19 11:49:22 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012.10.19 11:49:22 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012.10.19 11:49:22 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012.10.19 11:49:22 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012.10.19 11:49:22 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012.10.19 11:49:22 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012.10.19 11:49:22 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012.10.19 11:49:22 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012.10.19 11:49:22 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012.10.19 11:49:22 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012.10.19 11:49:22 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012.10.19 11:49:22 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012.10.19 11:49:22 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012.10.19 11:49:22 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012.10.19 11:49:22 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012.10.19 11:49:21 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012.10.19 11:49:21 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012.10.19 11:49:21 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012.10.19 11:49:21 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012.10.19 11:49:21 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012.10.19 11:49:21 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012.10.19 11:49:21 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012.10.19 11:49:21 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012.10.19 11:49:21 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012.10.19 11:49:21 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012.10.19 11:49:20 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012.10.19 11:49:20 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012.10.19 11:49:20 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012.10.19 11:49:20 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012.10.19 11:49:20 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012.10.19 11:49:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012.10.19 11:49:20 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012.10.19 11:49:20 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012.10.19 11:49:20 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012.10.19 11:49:20 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012.10.19 11:49:20 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012.10.19 11:49:20 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012.10.19 11:49:20 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012.10.19 11:49:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012.10.19 11:49:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012.10.19 11:49:20 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012.10.19 11:49:20 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012.10.19 11:49:20 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.10.19 11:49:20 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012.10.19 11:49:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012.10.19 11:49:19 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012.10.19 11:49:19 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012.10.19 11:49:19 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012.10.19 11:49:19 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012.10.19 11:49:19 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012.10.19 11:49:19 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012.10.19 11:49:19 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012.10.19 11:49:19 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012.10.19 11:49:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012.10.19 11:49:19 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012.10.19 11:49:19 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012.10.19 11:49:19 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012.10.19 11:49:19 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012.10.19 11:49:19 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012.10.19 11:49:19 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012.10.19 11:49:19 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012.10.19 11:49:19 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012.10.19 11:49:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012.10.19 11:49:18 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012.10.19 11:49:18 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012.10.19 11:49:18 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012.10.19 11:49:18 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012.10.19 11:49:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012.10.19 11:49:18 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012.10.19 11:49:18 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012.10.19 11:49:18 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012.10.19 11:49:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012.10.19 11:49:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012.10.19 11:49:18 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012.10.19 11:49:18 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012.10.19 11:49:18 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012.10.19 11:49:18 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012.10.19 11:49:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012.10.19 11:49:17 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012.10.19 11:49:17 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012.10.19 11:49:17 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012.10.19 11:49:17 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012.10.19 11:49:17 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012.10.19 11:49:17 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012.10.19 11:49:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012.10.19 11:49:17 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012.10.19 11:49:17 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012.10.19 11:49:17 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012.10.19 11:49:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012.10.19 11:49:17 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012.10.19 11:49:17 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012.10.19 11:49:17 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012.10.19 11:49:16 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012.10.19 11:49:16 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012.10.19 11:49:16 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012.10.19 11:49:16 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012.10.19 11:49:16 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012.10.19 11:49:16 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012.10.19 11:49:16 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012.10.19 11:49:16 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012.10.19 11:49:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012.10.19 11:49:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012.10.19 11:49:16 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012.10.19 11:49:16 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012.10.19 11:49:15 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012.10.19 11:49:15 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012.10.19 11:49:15 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012.10.19 11:49:15 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012.10.19 11:49:15 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012.10.19 11:49:15 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012.10.19 11:49:15 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012.10.19 11:49:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012.10.19 11:49:15 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012.10.19 11:49:15 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012.10.19 11:49:15 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012.10.19 11:49:15 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012.10.19 11:49:15 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012.10.19 11:49:15 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012.10.19 11:49:14 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012.10.19 11:49:14 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012.10.19 11:49:14 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012.10.19 11:49:14 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012.10.19 11:49:14 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012.10.19 11:49:14 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012.10.19 11:49:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012.10.19 11:49:14 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012.10.19 11:49:14 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012.10.19 11:49:14 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012.10.19 11:49:14 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012.10.19 11:49:14 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012.10.19 11:49:14 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012.10.19 11:49:14 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012.10.19 11:49:13 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012.10.19 11:49:13 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012.10.19 11:49:13 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012.10.19 11:49:13 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012.10.19 11:49:13 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012.10.19 11:49:13 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012.10.19 11:49:13 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012.10.19 11:49:13 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012.10.19 11:49:13 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012.10.19 11:49:13 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012.10.19 11:49:13 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012.10.19 11:49:13 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012.10.19 11:49:13 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012.10.19 11:49:13 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012.10.19 11:49:12 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012.10.19 11:49:12 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012.10.19 11:49:12 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012.10.19 11:49:12 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012.10.19 11:49:10 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012.10.19 11:49:10 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012.10.19 11:49:10 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012.10.19 11:49:10 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012.10.19 11:49:10 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012.10.19 11:49:10 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012.10.19 11:49:10 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012.10.19 11:49:10 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012.10.19 11:49:10 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012.10.19 11:49:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012.10.19 11:49:10 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012.10.19 11:49:10 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012.10.19 11:49:09 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012.10.19 11:49:09 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012.10.19 11:49:09 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012.10.19 11:49:09 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012.10.19 11:49:09 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012.10.19 11:49:09 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012.10.19 11:47:38 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012.10.19 11:47:38 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012.10.19 11:47:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012.10.19 11:47:38 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012.10.19 11:47:38 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012.10.19 11:47:37 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012.10.19 11:47:37 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012.10.19 11:47:37 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012.10.19 11:47:37 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012.10.19 11:47:37 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012.10.19 11:47:36 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.10.19 11:47:32 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012.10.19 11:47:32 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012.10.19 11:47:31 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012.10.19 11:47:31 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012.10.19 11:47:30 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012.10.19 11:47:30 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012.10.19 11:47:30 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012.10.19 11:47:30 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012.10.19 11:47:30 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012.10.19 11:47:30 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012.10.19 11:47:29 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.10.19 11:47:29 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.10.19 11:47:27 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.10.19 11:47:26 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012.10.19 11:47:26 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012.10.19 11:47:26 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012.10.19 11:47:26 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012.10.19 11:47:26 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012.10.19 11:47:26 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012.10.19 11:47:26 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012.10.19 11:47:26 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012.10.19 11:47:26 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012.10.19 11:47:25 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012.10.19 11:47:25 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012.10.19 11:47:25 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012.10.19 11:47:25 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012.10.19 11:47:24 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.10.19 11:47:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.10.19 11:47:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.10.19 11:47:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.10.19 11:47:21 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.10.19 11:47:21 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.10.19 11:47:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.10.19 11:47:19 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012.10.19 11:47:19 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012.10.19 11:47:12 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.19 11:47:12 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.19 11:47:12 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.19 11:47:10 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012.10.19 11:47:10 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012.10.19 11:47:10 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012.10.19 11:47:09 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012.10.19 11:47:09 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012.10.19 11:47:09 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012.10.19 11:47:05 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.19 11:47:05 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.19 11:47:05 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.19 11:47:05 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.19 11:47:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.19 11:47:05 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.19 11:47:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.19 11:47:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.19 11:47:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.19 11:47:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.19 11:47:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.19 11:47:05 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.19 11:47:05 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.19 11:47:05 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.19 11:47:05 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.19 11:47:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.19 11:47:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.19 11:47:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.19 11:47:01 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.10.19 11:47:00 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.10.19 11:46:59 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.10.19 11:46:59 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.10.19 11:46:59 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.10.19 11:46:55 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.10.19 11:46:55 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.10.19 11:46:55 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.10.19 11:46:55 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.10.19 11:46:55 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.10.19 11:46:54 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.10.19 11:46:54 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.10.19 11:46:52 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.10.19 11:46:52 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.10.19 11:46:52 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012.10.19 11:46:52 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012.10.19 11:46:52 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.10.19 11:46:52 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.10.19 11:46:49 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012.10.19 11:46:48 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012.10.19 11:46:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012.10.19 11:46:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012.10.19 11:46:43 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.19 11:46:38 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.10.19 11:46:22 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012.10.19 11:46:21 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012.10.19 11:46:21 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012.10.19 11:46:21 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012.10.19 11:46:21 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012.10.19 11:46:18 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.10.19 11:46:16 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012.10.19 11:46:16 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012.10.19 11:46:16 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012.10.19 11:46:16 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012.10.19 11:46:16 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012.10.19 11:46:16 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012.10.19 11:46:16 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012.10.19 11:46:11 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012.10.19 11:46:11 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012.10.19 11:46:10 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.10.19 11:46:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.10.19 11:46:10 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.10.19 11:46:10 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012.10.19 11:46:10 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012.10.19 11:46:09 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.10.19 11:45:54 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012.10.19 11:45:53 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.10.19 11:45:50 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.10.19 11:45:48 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012.10.19 11:45:48 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.10.19 11:45:48 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012.10.19 11:45:48 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012.10.19 11:45:44 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.10.19 11:45:44 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.10.19 11:45:42 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.10.19 11:45:40 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.10.19 11:45:40 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.10.19 11:45:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.10.19 11:45:33 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.19 11:45:32 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.19 11:45:18 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.10.19 11:45:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.10.19 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EXPERTool
[2012.10.19 11:44:16 | 000,015,648 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\SysWow64\drivers\TBPanelx64.sys
[2012.10.19 11:44:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EXPERTool
[2012.10.19 11:43:24 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\ElevatedDiagnostics
[2012.10.19 11:42:11 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Avira
[2012.10.19 11:40:30 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\DoNotTrackPlus
[2012.10.19 11:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.19 11:36:23 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.10.19 11:36:23 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.10.19 11:36:12 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\AskToolbar
[2012.10.19 11:35:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.10.19 11:35:23 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.10.19 11:35:23 | 000,099,248 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.10.19 11:35:23 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.10.19 11:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.19 11:35:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.10.19 11:32:15 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.10.19 11:32:15 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.10.19 11:32:15 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.10.19 11:32:09 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.10.19 11:32:09 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.10.19 11:32:09 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.10.19 11:32:01 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.10.19 11:32:01 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.10.19 11:31:08 | 000,646,248 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012.10.19 11:31:08 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2012.10.19 11:30:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2012.10.19 11:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
[2012.10.19 11:30:18 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.10.19 11:28:58 | 000,058,472 | ---- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtTeam60.sys
[2012.10.19 11:28:58 | 000,032,360 | ---- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtVlan620.sys
[2012.10.19 11:28:58 | 000,027,136 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\RtNdPt60.sys
[2012.10.19 11:28:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
[2012.10.19 11:28:32 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012.10.19 11:28:04 | 000,645,952 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys
[2012.10.19 11:28:04 | 000,027,456 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys
[2012.10.19 11:27:27 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.10.19 11:27:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012.10.19 11:26:46 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012.10.19 11:26:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.10.19 11:26:46 | 000,000,000 | ---D | C] -- C:\Intel
[2012.10.19 11:26:45 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Roaming\InstallShield
[2012.10.19 11:25:36 | 000,000,000 | ---D | C] -- C:\Treiber
[2012.10.19 11:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.10.19 11:22:39 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.10.19 11:22:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.10.19 11:22:32 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012.10.19 11:22:32 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.10.18 18:26:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.10.18 17:34:30 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.10.18 17:34:30 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Searches
[2012.10.18 17:34:30 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.10.18 17:34:19 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Identities
[2012.10.18 17:34:17 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Contacts
[2012.10.18 17:34:15 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\VirtualStore
[2012.10.18 17:34:06 | 000,000,000 | --SD | C] -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Videos
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Saved Games
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Pictures
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Music
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Links
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Favorites
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Downloads
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Documents
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Desktop
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Vorlagen
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\AppData\Local\Verlauf
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\AppData\Local\Temporary Internet Files
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Startmenü
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\SendTo
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Recent
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Netzwerkumgebung
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Lokale Einstellungen
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Documents\Eigene Videos
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Documents\Eigene Musik
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Eigene Dateien
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Documents\Eigene Bilder
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Druckumgebung
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Cookies
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\AppData\Local\Anwendungsdaten
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Anwendungsdaten
[2012.10.18 17:34:06 | 000,000,000 | -H-D | C] -- C:\Users\Cl3ncy\AppData
[2012.10.18 17:34:06 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\Temp
[2012.10.18 17:34:06 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\Microsoft
[2012.10.18 17:34:06 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Media Center Programs
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.10.18 17:33:57 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.10.18 17:27:53 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.10.18 17:27:12 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.10 07:43:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.10 07:40:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cl3ncy\Desktop\OTL.exe
[2012.11.10 07:38:01 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.10 07:38:01 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.10 07:35:02 | 001,501,928 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.10 07:35:02 | 000,654,966 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.10 07:35:02 | 000,616,848 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.10 07:35:02 | 000,130,336 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.10 07:35:02 | 000,106,726 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.10 07:30:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.10 07:30:36 | 2134,495,231 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.30 13:39:51 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.10.19 15:34:25 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.19 15:34:25 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.19 13:52:02 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.19 13:05:16 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.10.19 13:05:16 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.10.19 13:05:16 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.10.19 13:05:16 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.10.19 13:05:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.10.19 13:05:16 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.10.19 13:05:16 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.10.19 13:05:16 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.10.19 13:05:16 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.10.19 13:05:16 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.10.19 13:05:16 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.10.19 13:05:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.10.19 13:05:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.10.19 13:05:16 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.10.19 13:05:16 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.10.19 13:05:16 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.10.19 13:05:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.10.19 13:05:16 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.10.19 13:05:16 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.10.19 13:05:15 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.10.19 13:05:15 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.10.19 13:05:15 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.10.19 13:05:15 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.10.19 13:05:15 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.10.19 13:05:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.10.19 13:05:15 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.10.19 13:05:15 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.10.19 13:05:15 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.10.19 13:05:15 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.10.19 13:05:15 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.10.19 13:05:15 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.10.19 13:05:15 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.10.19 13:05:15 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.10.19 13:05:15 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.10.19 13:05:15 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.10.19 13:05:15 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.10.19 13:05:14 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.10.19 13:05:14 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.10.19 13:05:14 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.10.19 13:05:14 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.10.19 13:05:14 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.10.19 13:05:14 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.10.19 13:05:14 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.10.19 13:05:14 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.10.19 13:05:14 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.10.19 13:05:14 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.10.19 13:05:14 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.10.19 13:05:14 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.10.19 13:05:14 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.10.19 13:05:14 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.10.19 13:05:14 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.10.19 13:05:14 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.10.19 13:05:14 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.10.19 13:05:14 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.10.19 13:05:14 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.10.19 13:05:14 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.10.19 13:05:14 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.10.19 13:05:14 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.10.19 13:05:14 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.10.19 13:05:14 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.10.19 13:05:14 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.10.19 13:05:14 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.10.19 13:05:14 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.10.19 13:05:14 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.10.19 13:05:14 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.10.19 13:05:14 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.10.19 13:05:14 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.10.19 13:05:14 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.10.19 13:05:14 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.10.19 13:05:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.10.19 13:05:14 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.10.19 13:05:14 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.10.19 13:05:14 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.10.19 13:05:14 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.10.19 12:00:05 | 001,472,002 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.18 17:30:36 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.10.18 17:30:36 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
 
========== Files Created - No Company Name ==========
 
[2012.10.19 13:23:12 | 003,536,817 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012.10.19 13:05:16 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.10.19 13:05:14 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.10.19 12:05:42 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.19 12:00:21 | 000,001,841 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012.10.19 12:00:05 | 001,472,002 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.19 11:55:28 | 000,293,889 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012.10.19 11:50:43 | 000,016,127 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.10.19 11:31:08 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012.10.19 11:27:08 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012.10.18 17:34:36 | 000,001,405 | ---- | C] () -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.10.18 17:34:32 | 000,001,439 | ---- | C] () -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.10.18 17:30:27 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.10.18 17:30:27 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.10.18 17:27:12 | 2134,495,231 | -HS- | C] () -- C:\hiberfil.sys
[2011.01.07 11:16:58 | 000,007,764 | ---- | C] () -- C:\Windows\cadx2.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.10.19 13:38:54 | 000,000,000 | ---D | M] -- C:\Users\Cl3ncy\AppData\Roaming\LolClient
[2012.10.19 12:00:23 | 000,000,000 | ---D | M] -- C:\Users\Cl3ncy\AppData\Roaming\Opera
[2012.10.23 07:55:37 | 000,000,000 | ---D | M] -- C:\Users\Cl3ncy\AppData\Roaming\TS3Client
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

Extras:

OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 10.11.2012 07:41:32 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\*****\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,58 Gb Available Physical Memory | 82,39% Memory free
15,97 Gb Paging File | 14,46 Gb Available in Paging File | 90,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 157,87 Gb Free Space | 80,87% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 827,39 Gb Free Space | 99,23% Space Free | Partition Type: NTFS
Drive E: | 833,85 Gb Total Space | 810,74 Gb Free Space | 97,23% Space Free | Partition Type: NTFS
 
Computer Name: ******* | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C0320D7-DDFA-41E6-9E74-194EA1E63C8A}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{240B88D9-5F17-41EF-A069-DC366828BAB0}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{30BE8DB9-6577-402C-BBD8-7F2724153386}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{5C04AFD0-8206-4A8E-B447-20F72E61EB00}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{61F2CD75-5918-4D8B-B724-1E8C4733B275}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{C7C45FBB-73C6-4118-8F64-163EF65FBBE6}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{EED5DE4E-33CF-4FB4-A3E7-8EC48625B49A}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"TCP Query User{A37C9C66-09A2-4955-998B-E59A540545A1}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe | 
"UDP Query User{33015438-669E-4D4B-8045-021EFCB98924}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"MySSID_is1" = EXPERTool 7.16
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.02.1578" = Opera 12.02
"Warcraft III" = Warcraft III
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 05.11.2012 17:56:01 | Computer Name = ******* | Source = WinMgmt | ID = 10
Description = 
 
Error - 06.11.2012 02:30:58 | Computer Name = ******** | Source = WinMgmt | ID = 10
Description = 
 
Error - 06.11.2012 09:48:05 | Computer Name = ********| Source = WinMgmt | ID = 10
Description = 
 
Error - 07.11.2012 02:32:18 | Computer Name = ******** | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.11.2012 07:49:39 | Computer Name =******** | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.11.2012 10:24:29 | Computer Name = ******* | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.11.2012 11:21:47 | Computer Name = ******** | Source = WinMgmt | ID = 10
Description = 
 
Error - 09.11.2012 02:28:31 | Computer Name = ******** | Source = WinMgmt | ID = 10
Description = 
 
Error - 09.11.2012 14:13:12 | Computer Name = ******** | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.11.2012 02:32:30 | Computer Name = ******** | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 19.10.2012 08:50:29 | Computer Name = ******* | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 19.10.2012 08:50:32 | Computer Name = ******** | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 19.10.2012 08:50:32 | Computer Name = ******** | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Avira Planer" wurde unerwartet beendet. Dies ist bereits
 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 19.10.2012 08:50:34 | Computer Name = ******* | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies
 ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 19.10.2012 08:50:37 | Computer Name = ********| Source = Service Control Manager | ID = 7034
Description = Dienst "Avira Planer" wurde unerwartet beendet. Dies ist bereits 3
 Mal passiert.
 
Error - 19.10.2012 08:50:37 | Computer Name = Cl3ncy-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist
 bereits 3 Mal passiert.
 
Error - 19.10.2012 08:50:37 | Computer Name = ******* | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Intel(R) Management and Security Application Local Management
 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende
 Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 
Error - 19.10.2012 08:53:19 | Computer Name = ******** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler 
beendet:   %%16405
 
Error - 19.10.2012 08:55:43 | Computer Name = ******* | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Sicherheitsupdate für Internet Explorer 8 unter
 Windows 7 für x64-basierte Systeme (KB2544521)
 
Error - 19.10.2012 08:55:43 | Computer Name = ********| Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Update für die Kompatibilitätsansichtsliste für
 Internet Explorer*8 für Windows 7 für x64-basierte Systeme (KB2598845)
 
 
< End of report >

--- --- ---

Paul89 · 10.11.2012, 08:05

und install:

Code:

ATTFilter

Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	19.10.2012	6,00MB	11.4.402.287
Avira Free Antivirus	Avira	30.10.2012	122MB	13.0.0.2735
Avira SearchFree Toolbar plus Web Protection	Ask.com	19.10.2012	9,33MB	1.15.8.0
Avira SearchFree Toolbar plus Web Protection Updater	Ask.com	19.10.2012		1.4.1.29403
CCleaner	Piriform	24.10.2012		3.24
EXPERTool 7.16	Gainward Co., Ltd	19.10.2012	11,2MB	
Intel(R) Management Engine Components	Intel Corporation	19.10.2012		7.0.0.1144
Intel(R) Rapid Storage Technology	Intel Corporation	19.10.2012		11.5.4.1001
League of Legends	Riot Games	19.10.2012		1.3
Malwarebytes Anti-Malware Version 1.65.1.1000	Malwarebytes Corporation	08.11.2012	19,4MB	1.65.1.1000
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	19.10.2012	38,8MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	19.10.2012	2,93MB	4.0.30319
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	23.10.2012	788KB	9.0.30729
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	19.10.2012	11,1MB	10.0.40219
NVIDIA 3D Vision Treiber 306.97	NVIDIA Corporation	19.10.2012		306.97
NVIDIA Grafiktreiber 306.97	NVIDIA Corporation	19.10.2012		306.97
NVIDIA HD-Audiotreiber 1.1.13.1	NVIDIA Corporation	19.10.2012		1.1.13.1
NVIDIA PhysX-Systemsoftware 9.10.0514	NVIDIA Corporation	19.10.2012		9.10.0514
NVIDIA Update 1.10.8	NVIDIA Corporation	19.10.2012		1.10.8
Opera 12.02	Opera Software ASA	22.10.2012		12.02.1578
Pando Media Booster	Pando Networks Inc.	19.10.2012	5,46MB	2.6.0.8
Realtek Ethernet Controller Driver	Realtek	19.10.2012		7.49.927.2011
Realtek Ethernet Diagnostic Utility	Realtek	19.10.2012		1.006
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	19.10.2012		6.0.1.6662
Renesas Electronics USB 3.0 Host Controller Driver	Renesas Electronics Corporation	19.10.2012	1,00MB	2.0.30.0
TeamSpeak 3 Client	TeamSpeak Systems GmbH	23.10.2012		3.0.6
Warcraft III	Blizzard Entertainment	06.11.2012

Hoffe das ist soweit erst mal alles richtig.

MfG Paul

kira · 11.11.2012, 08:18

Systembereinigung und Prüfung:

► Wenn Du nun alle Schritte erledigt hast, melde dich mit die gewünschten Ergebnisse zurück!
Nur bei Probleme inzwischen melden!

1.
Deinstalliere unter Systemsteuerung-> Software/Programme:

Zitat:

Avira SearchFree Toolbar plus Web Protection Ask.com 19.10.2012 9,33MB 1.15.8.0
Avira SearchFree Toolbar plus Web Protection Updater Ask.com 19.10.2012 1.4.1.29403

Info
Hinweise zum Einsatz von Freeware-Version Avira AntiVir Personal:
Hier klicken zum Weiterlesen:
-> http://www.chip.de/news/AntiVir-Serv..._45444953.html
► Lieber ohne Webguard, als mit diese Adware ...

2.

Zitat:

Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)

Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript also - nach dem "Code", alles was in der Codebox steht - (also beginnend mit :OTL und am Ende [emptytemp]), alles was in der Codebox steht (ohne "code"!) :

Code:

ATTFilter

:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O4 - HKLM..\Run: []  File not found

:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]

und füge es hier ein:
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Deinen Thread.

3.
Tipps - Der Internet Explorer von Microsoft gehört zur Grundausstattung unter Windows, somit wie alle andere installierte Software muss gepflegt werden! Auch bei Nicht-Verwendung!:
-> Tipps zu Internet Explorer
-> Standard Suchmaschine des Explorers ändern
-> Ändern oder Auswählen eines Suchanbieters in Internet Explorer 7/8
-> Wie kann ich den Cache im Internet Explorer leeren?

4.
Alle Programme/Fenster schliessen
reinige dein System mit CCleaner:

"CCleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
"Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
Starte dein System neu auf

5.
Vorbereitung

Schließe evtl. vorhandene externe Festplatten und/oder sonstigen Wechselmedien (z. B. evtl. vorhandene USB-Sticks) an den Rechner an.
Bitte während der Online-Scans deaktivieren:
Anti-Virus-Programm und Firewall.
Internet Explorer starten => im Menü unter Extras => Internetoption => Datenschutz => den Haken bei "Popupblocker einschalten" entfernen und
unter dem Reiter "Sicherheit" => die Sicherheitsstufe ggfs. auf "Mittelhoch" herabsetzen.
Nicht vergessen, sie hinterher wieder einzuschalten bzw. die Internetoptionen wie zuvor einzustellen..
Während der Online-Scans auf andere Online-Aktivitäten verzichten.
Du musst das Herunterladen und Installieren von ActiveX-Steuerelementen (Controls) zulassen.
.

Den PC NUR online scannen und NICHT ein zweites Antivirenprogramm installieren!!!

Eset Online Scanner (NOD32)
- Unterstützte Betriebssysteme: Microsoft Windows 7 - Vista - XP - 2000 - NT.
- Anmerkung für Vista und Windows 7-User: Bitte den Browser unbedingt als Administrator starten.
- Dein Anti-Virus-Programm während des Scans deaktivieren.
- Button "ESET Online Scanner" drücken.
- IE-User müssen das Installieren eines ActiveX Elements erlauben.
- Einen Haken bei "YES, I accept the Terms of Use." machen und auf den Button "Start" drücken.
- Einen Haken bei "Remove found threads" und "Scan archives" machen.
- Start drücken.
- Signaturen werden heruntergeladen.
- Der Scan beginnt automatisch.
- Wenn fertig, das Protokoll speichern und mir posten.
  -> List of found threats
  -> Export to text file
  -> Back
  -> Delete quarantäne files
- Finish drücken.
- Browser schließen.
- Deinstallation nachdem das Protokoll mir gepostet hast: Systemsteuerung => Software => Eset Online Scanner V3 entfernen.
- Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

6.
erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

ansonsten sieht gut aus...
► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

Paul89 · 12.11.2012, 07:41

erstes OTL log

Code:

ATTFilter

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Cl3ncy\Desktop\cmd.bat deleted successfully.
C:\Users\Cl3ncy\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Cl3ncy
->Temp folder emptied: 56884501 bytes
->Temporary Internet Files folder emptied: 1812258 bytes
->Opera cache emptied: 52411875 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 639 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 106,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 11122012_073456

Files\Folders moved on Reboot...
C:\Users\Cl3ncy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Ich kann ESET nicht durchführen weil er mir sagt das mein Windows Defender noch aktiv ist, was jedoch nicht der Fall ist, da ich ihn nicht abschalten konnte.
Meine Firewall und Avira waren deaktiviert.

kira · 13.11.2012, 04:13

Windows Defender:
Parallel zu ein AV-Programm nicht Empfehlenswert aktiv laufen lassen, weil dadurch können sich in die Quere kommen. Bitte dich ihn so zu deaktivieren: -> Aktivieren und Deaktivieren von Windows Defender
Windows Defender komplett deaktivieren

Start => Systemsteuerung => Klassische Ansicht => Windows Defender oder
Windows Defender starten (C:\Programme\Windows Defender\MSASCui.exe)

Extras => Optionen => Automatische Überprüfung => Haken bei "Computer automatisch überprüfen" entfernen.
Extras => Optionen => Echtzeitschutz => Haken bei "Echtzeitschutz aktivieren" entfernen.
Extras => Optionen => Administrator => Haken bei "Dieses Programm verwenden" entfernen.

Start => services.msc ins Suchfeld eingeben.
Es öffnet sich das Fenster der Dienste
Doppelklick auf den Dienst "Windows Defender"
Starttyp auf "Manuell" umstellen.
Dienststatus beenden, falls der Dienst noch gestartet ist.
► Nach einem Neustart (falls noch existirt) unter "Start-> ausführen-> "msconfig" (reinschreiben ohne ""-> OK -> Systemstart kontrolliere, ob mitläuft?! - ggf Häckhen rausnehmen
► Unter Dienste:
Start -> Ausführen -> "Services.msc" -> (reinschreiben ohne ""-> OK" - "Eigenschaften"-> "Stop" -> Starttyp "Deaktiviert" auswählen

Paul89 · 15.11.2012, 08:34

ja habs versucht aber nicht so geklappt wie angegeben.
Nach dem Scan kam ich immer nicht weiter deswegen hab ich jetzt einen Screenshot gemacht.

MfG Paul

kira · 16.11.2012, 08:00

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

Paul89 · 16.11.2012, 10:14

OTL:
OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 16.11.2012 10:06:54 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Cl3ncy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,49 Gb Available Physical Memory | 81,35% Memory free
15,97 Gb Paging File | 14,38 Gb Available in Paging File | 90,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 157,50 Gb Free Space | 80,68% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 827,49 Gb Free Space | 99,24% Space Free | Partition Type: NTFS
Drive E: | 833,85 Gb Total Space | 810,74 Gb Free Space | 97,23% Space Free | Partition Type: NTFS
 
Computer Name: CL3NCY-PC | User Name: Cl3ncy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.14 13:49:20 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.11.13 21:13:04 | 000,878,480 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012.11.10 07:40:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cl3ncy\Desktop\OTL.exe
PRC - [2012.10.30 13:39:50 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.10.30 13:39:43 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.10.10 20:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.10.02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.08.16 12:37:56 | 000,277,504 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012.08.16 12:37:50 | 000,007,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.08.08 16:39:32 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.08.08 16:39:26 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.12.23 09:58:44 | 002,259,568 | ---- | M] (Gainward Co.) -- C:\Program Files (x86)\EXPERTool\TBPANEL.exe
PRC - [2010.11.21 04:25:10 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.11.17 02:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.15 08:39:29 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll
MOD - [2012.11.15 08:39:26 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\752225ca2585aa8f1c46b489e172e920\System.Core.ni.dll
MOD - [2012.11.15 08:39:24 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll
MOD - [2012.11.15 08:39:23 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll
MOD - [2012.11.15 08:39:22 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll
MOD - [2012.11.15 08:39:21 | 009,093,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll
MOD - [2012.11.15 08:39:18 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll
MOD - [2012.10.19 15:34:25 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [1998.10.31 09:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\EXPERTool\TBManage.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.10.30 13:39:50 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.10.30 13:39:43 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.10.19 15:34:25 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.10 20:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.08.16 12:37:50 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.08.08 16:39:32 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.08.08 16:39:26 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.11.14 13:49:27 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.11.14 13:49:27 | 000,098,888 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.09.24 08:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.08.16 12:33:42 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.08.16 12:33:38 | 000,027,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.29 10:30:34 | 000,646,248 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.09.16 08:12:58 | 000,032,360 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
DRV:64bit: - [2011.06.15 14:11:20 | 000,058,472 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2011.06.15 14:11:20 | 000,058,472 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2011.06.15 14:11:20 | 000,027,136 | ---- | M] (Realtek                                            ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.07 11:16:58 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 13 4F 86 F1 E4 AD CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{8A4C76EA-1A4C-4AD3-AB70-0B89CF7BFC52}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=3a4e08ab-0f19-4cd6-a004-817b29cf7bca&apn_sauid=A98F7A59-42A3-4ACB-B6D4-57CE99A17748
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKCU..\Run: [GAINWARD] C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23C24213-2576-4DF4-B906-B375F1976DFB}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a8fedaf3-1940-11e2-baeb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a8fedaf3-1940-11e2-baeb-806e6f6e6963}\Shell\AutoRun\command - "" = F:\CDSETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2012.11.15 08:40:24 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.11.15 08:40:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.11.15 08:37:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.15 08:37:27 | 000,000,000 | -HSD | C] -- \Config.Msi
[2012.11.15 08:36:28 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.11.15 08:36:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.11.15 08:36:28 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.11.15 08:36:28 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.11.15 08:36:28 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.11.15 08:36:28 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.11.15 08:36:27 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.11.15 08:36:27 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.11.15 08:36:27 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.11.15 08:36:27 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.11.15 08:36:27 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.11.15 08:36:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.11.15 08:36:26 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.11.15 08:36:26 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.11.15 08:36:26 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.11.15 08:35:17 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.11.15 08:35:17 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.11.15 08:35:17 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.11.15 08:35:17 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.11.15 08:05:41 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.11.15 08:05:41 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.11.15 08:05:41 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.11.15 08:05:39 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.11.15 08:05:39 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.11.15 08:05:39 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.11.15 08:05:39 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.11.15 08:05:38 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.11.15 08:05:38 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.11.15 08:05:33 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.11.15 08:05:33 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.11.12 07:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.11.12 07:34:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.11.12 07:34:56 | 000,000,000 | ---D | C] -- \_OTL
[2012.11.10 07:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.11.10 07:40:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Cl3ncy\Desktop\OTL.exe
[2012.11.08 17:36:10 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.08 17:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.08 17:36:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.08 17:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.06 15:12:53 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012.11.06 15:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012.11.06 15:10:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012.11.01 08:30:40 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012.10.20 09:09:42 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012.10.20 09:09:42 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012.10.20 09:09:40 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012.10.20 09:09:40 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012.10.20 09:09:40 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012.10.20 09:09:40 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012.10.20 09:09:40 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012.10.20 09:09:40 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012.10.20 09:09:40 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012.10.19 15:34:31 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\Google
[2012.10.19 15:34:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.10.19 13:57:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.10.19 13:53:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.10.19 13:06:53 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.10.19 13:05:16 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.10.19 13:05:16 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.10.19 13:05:16 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.10.19 13:05:16 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.10.19 13:05:16 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.10.19 13:05:16 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.10.19 13:05:16 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.10.19 13:05:16 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.10.19 13:05:16 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.10.19 13:05:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.10.19 13:05:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.10.19 13:05:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.10.19 13:05:16 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.10.19 13:05:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.10.19 13:05:16 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.10.19 13:05:16 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.10.19 13:05:15 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.10.19 13:05:15 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.10.19 13:05:15 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.10.19 13:05:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.10.19 13:05:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.10.19 13:05:15 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.10.19 13:05:15 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.10.19 13:05:15 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.10.19 13:05:15 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.10.19 13:05:15 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.10.19 13:05:15 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.10.19 13:05:15 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.10.19 13:05:15 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.10.19 13:05:14 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.10.19 13:05:14 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.10.19 13:05:14 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.10.19 13:05:14 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.10.19 13:05:14 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.10.19 13:05:14 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.10.19 13:05:14 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.10.19 13:05:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.10.19 13:05:14 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.10.19 13:05:14 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.10.19 13:05:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.10.19 13:05:14 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.10.19 13:05:14 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.10.19 13:05:14 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.10.19 13:05:14 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.10.19 13:05:14 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.10.19 13:05:14 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.10.19 13:05:14 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.10.19 13:05:14 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.10.19 13:05:14 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.10.19 13:05:14 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.10.19 13:05:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.10.19 13:05:14 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.10.19 13:05:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.10.19 13:05:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.10.19 13:05:14 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.10.19 13:05:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.10.19 13:05:14 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.10.19 12:58:30 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.10.19 12:58:30 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.10.19 12:53:24 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.10.19 12:53:24 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.10.19 12:47:52 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012.10.19 12:47:52 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012.10.19 12:47:49 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012.10.19 12:13:28 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\PMB Files
[2012.10.19 12:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012.10.19 12:13:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012.10.19 12:05:41 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.19 12:05:41 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.19 12:05:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.10.19 12:05:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.10.19 12:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.10.19 12:00:23 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\Opera
[2012.10.19 12:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2012.10.19 12:00:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2012.10.19 11:55:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.10.19 11:55:30 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012.10.19 11:55:30 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012.10.19 11:55:30 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2012.10.19 11:55:30 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2012.10.19 11:55:30 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.10.19 11:55:30 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012.10.19 11:55:30 | 000,220,776 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2012.10.19 11:55:30 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.10.19 11:55:30 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.10.19 11:55:30 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.10.19 11:55:30 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2012.10.19 11:55:30 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012.10.19 11:55:30 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012.10.19 11:55:30 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012.10.19 11:55:30 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2012.10.19 11:55:29 | 002,674,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012.10.19 11:55:29 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012.10.19 11:55:28 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012.10.19 11:55:28 | 005,096,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012.10.19 11:55:28 | 003,615,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012.10.19 11:55:28 | 001,262,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012.10.19 11:55:28 | 000,869,520 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012.10.19 11:55:28 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012.10.19 11:55:28 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.10.19 11:55:28 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.10.19 11:55:28 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.10.19 11:55:28 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.10.19 11:55:28 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012.10.19 11:55:28 | 000,141,152 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012.10.19 11:55:28 | 000,123,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012.10.19 11:55:28 | 000,105,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012.10.19 11:55:28 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.10.19 11:55:28 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.10.19 11:55:28 | 000,074,592 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012.10.19 11:55:28 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2012.10.19 11:55:27 | 008,363,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012.10.19 11:55:27 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012.10.19 11:55:27 | 001,345,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2012.10.19 11:55:27 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012.10.19 11:55:27 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2012.10.19 11:55:27 | 000,396,632 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012.10.19 11:55:27 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012.10.19 11:55:27 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.10.19 11:55:26 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.10.19 11:55:25 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012.10.19 11:55:25 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012.10.19 11:55:25 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012.10.19 11:55:25 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012.10.19 11:55:25 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012.10.19 11:55:25 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012.10.19 11:55:25 | 000,537,456 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2012.10.19 11:55:25 | 000,524,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2012.10.19 11:55:25 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012.10.19 11:55:25 | 000,449,392 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2012.10.19 11:55:25 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012.10.19 11:55:25 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012.10.19 11:55:25 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012.10.19 11:55:25 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012.10.19 11:55:25 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012.10.19 11:55:25 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012.10.19 11:55:25 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012.10.19 11:55:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.10.19 11:52:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.10.19 11:52:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.10.19 11:52:02 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64hda.dll
[2012.10.19 11:52:02 | 000,155,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012.10.19 11:52:02 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012.10.19 11:51:04 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.10.19 11:50:43 | 001,614,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642090.dll
[2012.10.19 11:50:43 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642040.dll
[2012.10.19 11:50:30 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.10.19 11:50:30 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.10.19 11:50:22 | 015,309,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.10.19 11:50:06 | 002,731,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.10.19 11:50:06 | 002,428,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.10.19 11:50:06 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2012.10.19 11:49:45 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.10.19 11:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LoiLoScope FREE trial
[2012.10.19 11:49:23 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012.10.19 11:49:23 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012.10.19 11:49:23 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012.10.19 11:49:23 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012.10.19 11:49:23 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012.10.19 11:49:23 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012.10.19 11:49:23 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012.10.19 11:49:23 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012.10.19 11:49:22 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012.10.19 11:49:22 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012.10.19 11:49:22 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012.10.19 11:49:22 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012.10.19 11:49:22 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012.10.19 11:49:22 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012.10.19 11:49:22 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012.10.19 11:49:22 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012.10.19 11:49:22 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012.10.19 11:49:22 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012.10.19 11:49:22 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012.10.19 11:49:22 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012.10.19 11:49:22 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012.10.19 11:49:22 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012.10.19 11:49:22 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012.10.19 11:49:22 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012.10.19 11:49:22 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012.10.19 11:49:22 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012.10.19 11:49:21 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012.10.19 11:49:21 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012.10.19 11:49:21 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012.10.19 11:49:21 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012.10.19 11:49:21 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012.10.19 11:49:21 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012.10.19 11:49:21 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012.10.19 11:49:21 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012.10.19 11:49:21 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012.10.19 11:49:21 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012.10.19 11:49:20 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012.10.19 11:49:20 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012.10.19 11:49:20 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012.10.19 11:49:20 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012.10.19 11:49:20 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012.10.19 11:49:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012.10.19 11:49:20 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012.10.19 11:49:20 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012.10.19 11:49:20 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012.10.19 11:49:20 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012.10.19 11:49:20 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012.10.19 11:49:20 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012.10.19 11:49:20 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012.10.19 11:49:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012.10.19 11:49:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012.10.19 11:49:20 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012.10.19 11:49:20 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012.10.19 11:49:20 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.10.19 11:49:20 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012.10.19 11:49:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012.10.19 11:49:19 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012.10.19 11:49:19 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012.10.19 11:49:19 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012.10.19 11:49:19 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012.10.19 11:49:19 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012.10.19 11:49:19 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012.10.19 11:49:19 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012.10.19 11:49:19 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012.10.19 11:49:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012.10.19 11:49:19 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012.10.19 11:49:19 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012.10.19 11:49:19 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012.10.19 11:49:19 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012.10.19 11:49:19 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012.10.19 11:49:19 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012.10.19 11:49:19 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012.10.19 11:49:19 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012.10.19 11:49:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012.10.19 11:49:18 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012.10.19 11:49:18 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012.10.19 11:49:18 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012.10.19 11:49:18 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012.10.19 11:49:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012.10.19 11:49:18 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012.10.19 11:49:18 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012.10.19 11:49:18 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012.10.19 11:49:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012.10.19 11:49:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012.10.19 11:49:18 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012.10.19 11:49:18 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012.10.19 11:49:18 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012.10.19 11:49:18 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012.10.19 11:49:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012.10.19 11:49:17 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012.10.19 11:49:17 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012.10.19 11:49:17 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012.10.19 11:49:17 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012.10.19 11:49:17 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012.10.19 11:49:17 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012.10.19 11:49:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012.10.19 11:49:17 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012.10.19 11:49:17 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012.10.19 11:49:17 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012.10.19 11:49:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012.10.19 11:49:17 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012.10.19 11:49:17 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012.10.19 11:49:17 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012.10.19 11:49:16 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012.10.19 11:49:16 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012.10.19 11:49:16 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012.10.19 11:49:16 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012.10.19 11:49:16 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012.10.19 11:49:16 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012.10.19 11:49:16 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012.10.19 11:49:16 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012.10.19 11:49:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012.10.19 11:49:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012.10.19 11:49:16 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012.10.19 11:49:16 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012.10.19 11:49:15 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012.10.19 11:49:15 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012.10.19 11:49:15 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012.10.19 11:49:15 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012.10.19 11:49:15 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012.10.19 11:49:15 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012.10.19 11:49:15 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012.10.19 11:49:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012.10.19 11:49:15 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012.10.19 11:49:15 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012.10.19 11:49:15 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012.10.19 11:49:15 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012.10.19 11:49:15 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012.10.19 11:49:15 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012.10.19 11:49:14 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012.10.19 11:49:14 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012.10.19 11:49:14 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012.10.19 11:49:14 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012.10.19 11:49:14 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012.10.19 11:49:14 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012.10.19 11:49:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012.10.19 11:49:14 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012.10.19 11:49:14 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012.10.19 11:49:14 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012.10.19 11:49:14 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012.10.19 11:49:14 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012.10.19 11:49:14 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012.10.19 11:49:14 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012.10.19 11:49:13 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012.10.19 11:49:13 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012.10.19 11:49:13 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012.10.19 11:49:13 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012.10.19 11:49:13 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012.10.19 11:49:13 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012.10.19 11:49:13 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012.10.19 11:49:13 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012.10.19 11:49:13 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012.10.19 11:49:13 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012.10.19 11:49:13 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012.10.19 11:49:13 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012.10.19 11:49:13 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012.10.19 11:49:13 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012.10.19 11:49:12 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012.10.19 11:49:12 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012.10.19 11:49:12 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012.10.19 11:49:12 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012.10.19 11:49:10 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012.10.19 11:49:10 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012.10.19 11:49:10 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012.10.19 11:49:10 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012.10.19 11:49:10 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012.10.19 11:49:10 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012.10.19 11:49:10 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012.10.19 11:49:10 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012.10.19 11:49:10 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012.10.19 11:49:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012.10.19 11:49:10 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012.10.19 11:49:10 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012.10.19 11:49:09 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012.10.19 11:49:09 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012.10.19 11:49:09 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012.10.19 11:49:09 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012.10.19 11:49:09 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012.10.19 11:49:09 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012.10.19 11:47:38 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012.10.19 11:47:38 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012.10.19 11:47:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012.10.19 11:47:38 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012.10.19 11:47:38 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012.10.19 11:47:37 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012.10.19 11:47:37 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012.10.19 11:47:37 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012.10.19 11:47:37 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012.10.19 11:47:37 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012.10.19 11:47:36 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.10.19 11:47:32 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012.10.19 11:47:32 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012.10.19 11:47:31 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012.10.19 11:47:31 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012.10.19 11:47:30 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012.10.19 11:47:30 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012.10.19 11:47:30 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012.10.19 11:47:30 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012.10.19 11:47:30 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012.10.19 11:47:30 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012.10.19 11:47:29 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.10.19 11:47:29 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.10.19 11:47:27 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.10.19 11:47:26 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012.10.19 11:47:26 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012.10.19 11:47:26 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012.10.19 11:47:26 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012.10.19 11:47:26 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012.10.19 11:47:26 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012.10.19 11:47:26 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012.10.19 11:47:26 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012.10.19 11:47:26 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012.10.19 11:47:25 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012.10.19 11:47:25 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012.10.19 11:47:25 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012.10.19 11:47:25 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012.10.19 11:47:24 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.10.19 11:47:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.10.19 11:47:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.10.19 11:47:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.10.19 11:47:21 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.10.19 11:47:21 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.10.19 11:47:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.10.19 11:47:19 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012.10.19 11:47:19 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012.10.19 11:47:12 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.19 11:47:12 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.19 11:47:12 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.19 11:47:10 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012.10.19 11:47:10 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012.10.19 11:47:10 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012.10.19 11:47:09 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012.10.19 11:47:09 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012.10.19 11:47:09 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012.10.19 11:47:05 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.19 11:47:05 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.19 11:47:05 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.19 11:47:05 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.19 11:47:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.19 11:47:05 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.19 11:47:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.19 11:47:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.19 11:47:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.19 11:47:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.19 11:47:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.19 11:47:05 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.19 11:47:05 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.19 11:47:05 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.19 11:47:05 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.19 11:47:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.19 11:47:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.19 11:47:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.19 11:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.19 11:47:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.19 11:47:01 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.10.19 11:47:00 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.10.19 11:46:59 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.10.19 11:46:59 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.10.19 11:46:59 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.10.19 11:46:55 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.10.19 11:46:55 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.10.19 11:46:55 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.10.19 11:46:55 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.10.19 11:46:55 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.10.19 11:46:54 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.10.19 11:46:54 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.10.19 11:46:52 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.10.19 11:46:52 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.10.19 11:46:52 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012.10.19 11:46:52 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012.10.19 11:46:52 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.10.19 11:46:52 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.10.19 11:46:49 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012.10.19 11:46:48 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012.10.19 11:46:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012.10.19 11:46:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012.10.19 11:46:43 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.19 11:46:38 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.10.19 11:46:22 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012.10.19 11:46:21 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012.10.19 11:46:21 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012.10.19 11:46:21 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012.10.19 11:46:21 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012.10.19 11:46:18 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.10.19 11:46:16 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012.10.19 11:46:16 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012.10.19 11:46:16 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012.10.19 11:46:16 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012.10.19 11:46:16 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012.10.19 11:46:16 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012.10.19 11:46:16 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012.10.19 11:46:11 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012.10.19 11:46:11 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012.10.19 11:46:10 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.10.19 11:46:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.10.19 11:46:10 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.10.19 11:46:10 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012.10.19 11:46:10 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012.10.19 11:46:09 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.10.19 11:45:54 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012.10.19 11:45:53 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.10.19 11:45:50 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.10.19 11:45:48 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012.10.19 11:45:48 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.10.19 11:45:48 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012.10.19 11:45:48 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012.10.19 11:45:44 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.10.19 11:45:44 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.10.19 11:45:42 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.10.19 11:45:40 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.10.19 11:45:40 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.10.19 11:45:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.10.19 11:45:33 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.19 11:45:32 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.19 11:45:18 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.10.19 11:45:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.10.19 11:44:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EXPERTool
[2012.10.19 11:44:16 | 000,015,648 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\SysWow64\drivers\TBPanelx64.sys
[2012.10.19 11:44:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EXPERTool
[2012.10.19 11:43:24 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\ElevatedDiagnostics
[2012.10.19 11:40:30 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\DoNotTrackPlus
[2012.10.19 11:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.19 11:36:23 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.10.19 11:36:23 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.10.19 11:35:23 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.10.19 11:35:23 | 000,098,888 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.10.19 11:35:23 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.10.19 11:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.19 11:35:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.10.19 11:32:15 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.10.19 11:32:15 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.10.19 11:32:15 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.10.19 11:32:09 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.10.19 11:32:09 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.10.19 11:32:09 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.10.19 11:32:01 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.10.19 11:32:01 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.10.19 11:31:08 | 000,646,248 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012.10.19 11:31:08 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2012.10.19 11:30:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2012.10.19 11:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
[2012.10.19 11:30:18 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.10.19 11:28:58 | 000,058,472 | ---- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtTeam60.sys
[2012.10.19 11:28:58 | 000,032,360 | ---- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtVlan620.sys
[2012.10.19 11:28:58 | 000,027,136 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\RtNdPt60.sys
[2012.10.19 11:28:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
[2012.10.19 11:28:32 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012.10.19 11:28:04 | 000,645,952 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys
[2012.10.19 11:28:04 | 000,027,456 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys
[2012.10.19 11:27:27 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.10.19 11:27:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012.10.19 11:26:46 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012.10.19 11:26:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.10.19 11:26:46 | 000,000,000 | ---D | C] -- C:\Intel
[2012.10.19 11:26:46 | 000,000,000 | ---D | C] -- \Intel
[2012.10.19 11:25:36 | 000,000,000 | ---D | C] -- C:\Treiber
[2012.10.19 11:25:36 | 000,000,000 | ---D | C] -- \Treiber
[2012.10.19 11:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.10.19 11:22:39 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.10.19 11:22:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.10.19 11:22:32 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012.10.19 11:22:32 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.10.18 18:26:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.10.18 17:34:30 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.10.18 17:34:30 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Searches
[2012.10.18 17:34:30 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.10.18 17:34:17 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Contacts
[2012.10.18 17:34:15 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\VirtualStore
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Videos
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Saved Games
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Pictures
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Music
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Links
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Favorites
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Downloads
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Documents
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\Desktop
[2012.10.18 17:34:06 | 000,000,000 | R--D | C] -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Vorlagen
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\AppData\Local\Verlauf
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\AppData\Local\Temporary Internet Files
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Startmenü
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\SendTo
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Recent
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Netzwerkumgebung
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Lokale Einstellungen
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Documents\Eigene Videos
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Documents\Eigene Musik
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Eigene Dateien
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Documents\Eigene Bilder
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Druckumgebung
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Cookies
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\AppData\Local\Anwendungsdaten
[2012.10.18 17:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Cl3ncy\Anwendungsdaten
[2012.10.18 17:34:06 | 000,000,000 | -H-D | C] -- C:\Users\Cl3ncy\AppData
[2012.10.18 17:34:06 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\Temp
[2012.10.18 17:34:06 | 000,000,000 | ---D | C] -- C:\Users\Cl3ncy\AppData\Local\Microsoft
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- \Recovery
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- \Programme
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- \Dokumente und Einstellungen
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.10.18 17:33:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.10.18 17:33:57 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.10.18 17:27:53 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.10.18 17:27:12 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.10.18 17:27:12 | 000,000,000 | -HSD | C] -- \System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.16 09:43:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.16 07:47:24 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.16 07:47:24 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.16 07:44:25 | 001,501,928 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.16 07:44:25 | 000,654,966 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.16 07:44:25 | 000,616,848 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.16 07:44:25 | 000,130,336 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.16 07:44:25 | 000,106,726 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.16 07:39:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.16 07:39:51 | 2134,495,231 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.15 20:59:47 | 000,275,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.14 13:49:27 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.11.14 13:49:27 | 000,098,888 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.11.10 07:40:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cl3ncy\Desktop\OTL.exe
[2012.10.19 15:34:25 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.19 15:34:25 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.19 13:05:16 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.10.19 13:05:16 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.10.19 13:05:16 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.10.19 13:05:16 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.10.19 13:05:16 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.10.19 13:05:16 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.10.19 13:05:16 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.10.19 13:05:16 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.10.19 13:05:16 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.10.19 13:05:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.10.19 13:05:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.10.19 13:05:16 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.10.19 13:05:16 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.10.19 13:05:16 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.10.19 13:05:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.10.19 13:05:16 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.10.19 13:05:16 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.10.19 13:05:15 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.10.19 13:05:15 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.10.19 13:05:15 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.10.19 13:05:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.10.19 13:05:15 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.10.19 13:05:15 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.10.19 13:05:15 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.10.19 13:05:15 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.10.19 13:05:15 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.10.19 13:05:15 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.10.19 13:05:15 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.10.19 13:05:15 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.10.19 13:05:15 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.10.19 13:05:14 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.10.19 13:05:14 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.10.19 13:05:14 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.10.19 13:05:14 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.10.19 13:05:14 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.10.19 13:05:14 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.10.19 13:05:14 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.10.19 13:05:14 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.10.19 13:05:14 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.10.19 13:05:14 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.10.19 13:05:14 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.10.19 13:05:14 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.10.19 13:05:14 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.10.19 13:05:14 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.10.19 13:05:14 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.10.19 13:05:14 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.10.19 13:05:14 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.10.19 13:05:14 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.10.19 13:05:14 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.10.19 13:05:14 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.10.19 13:05:14 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.10.19 13:05:14 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.10.19 13:05:14 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.10.19 13:05:14 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.10.19 13:05:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.10.19 13:05:14 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.10.19 13:05:14 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.10.19 13:05:14 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.10.19 13:05:14 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.10.19 12:00:05 | 001,472,002 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.18 17:30:36 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.10.18 17:30:36 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
 
========== Files Created - No Company Name ==========
 
[2012.11.15 08:40:26 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.15 08:35:17 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.10.19 13:23:12 | 003,536,817 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012.10.19 13:05:16 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.10.19 13:05:14 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.10.19 12:05:42 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.19 12:00:21 | 000,001,841 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012.10.19 12:00:05 | 001,472,002 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.19 11:55:28 | 000,293,889 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012.10.19 11:50:43 | 000,016,127 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.10.19 11:31:08 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012.10.19 11:27:08 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012.10.18 17:34:36 | 000,001,405 | ---- | C] () -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.10.18 17:34:32 | 000,001,439 | ---- | C] () -- C:\Users\Cl3ncy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.10.18 17:30:27 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.10.18 17:30:27 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.10.18 17:27:12 | 2134,495,231 | -HS- | C] () -- C:\hiberfil.sys
[2012.10.18 17:27:12 | 2134,495,231 | -HS- | C] () -- \hiberfil.sys
[2011.01.07 11:16:58 | 000,007,764 | ---- | C] () -- C:\Windows\cadx2.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 16.11.2012 10:06:54 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Cl3ncy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,49 Gb Available Physical Memory | 81,35% Memory free
15,97 Gb Paging File | 14,38 Gb Available in Paging File | 90,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 157,50 Gb Free Space | 80,68% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 827,49 Gb Free Space | 99,24% Space Free | Partition Type: NTFS
Drive E: | 833,85 Gb Total Space | 810,74 Gb Free Space | 97,23% Space Free | Partition Type: NTFS
 
Computer Name: CL3NCY-PC | User Name: Cl3ncy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C0320D7-DDFA-41E6-9E74-194EA1E63C8A}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{240B88D9-5F17-41EF-A069-DC366828BAB0}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{30BE8DB9-6577-402C-BBD8-7F2724153386}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{5C04AFD0-8206-4A8E-B447-20F72E61EB00}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{61F2CD75-5918-4D8B-B724-1E8C4733B275}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{C7C45FBB-73C6-4118-8F64-163EF65FBBE6}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{EED5DE4E-33CF-4FB4-A3E7-8EC48625B49A}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"TCP Query User{A37C9C66-09A2-4955-998B-E59A540545A1}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe | 
"UDP Query User{33015438-669E-4D4B-8045-021EFCB98924}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"MySSID_is1" = EXPERTool 7.16
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.10.1652" = Opera 12.10
"Warcraft III" = Warcraft III
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13.11.2012 02:32:17 | Computer Name = Cl3ncy-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 13.11.2012 02:46:52 | Computer Name = Cl3ncy-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 13.11.2012 02:51:30 | Computer Name = Cl3ncy-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 13.11.2012 16:11:24 | Computer Name = Cl3ncy-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.11.2012 02:45:49 | Computer Name = Cl3ncy-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.11.2012 03:22:49 | Computer Name = Cl3ncy-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.11.2012 03:00:25 | Computer Name = Cl3ncy-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.11.2012 03:26:05 | Computer Name = Cl3ncy-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 15.11.2012 16:01:11 | Computer Name = Cl3ncy-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.11.2012 02:41:44 | Computer Name = Cl3ncy-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 19.10.2012 08:50:34 | Computer Name = Cl3ncy-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies
 ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 19.10.2012 08:50:37 | Computer Name = Cl3ncy-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Avira Planer" wurde unerwartet beendet. Dies ist bereits 3
 Mal passiert.
 
Error - 19.10.2012 08:50:37 | Computer Name = Cl3ncy-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist
 bereits 3 Mal passiert.
 
Error - 19.10.2012 08:50:37 | Computer Name = Cl3ncy-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Intel(R) Management and Security Application Local Management
 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende
 Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 
Error - 19.10.2012 08:53:19 | Computer Name = Cl3ncy-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler 
beendet:   %%16405
 
Error - 19.10.2012 08:55:43 | Computer Name = Cl3ncy-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Sicherheitsupdate für Internet Explorer 8 unter
 Windows 7 für x64-basierte Systeme (KB2544521)
 
Error - 19.10.2012 08:55:43 | Computer Name = Cl3ncy-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Update für die Kompatibilitätsansichtsliste für
 Internet Explorer*8 für Windows 7 für x64-basierte Systeme (KB2598845)
 
Error - 10.11.2012 10:33:29 | Computer Name = Cl3ncy-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-1073473535.
 
Error - 10.11.2012 10:33:29 | Computer Name = Cl3ncy-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 15.11.2012 03:40:22 | Computer Name = Cl3ncy-PC | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >

--- --- ---

und bis jetzt sind keine Probleme aufgetreten.

MfG Paul

kira · 17.11.2012, 03:45

1.

Zitat:

Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)

Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript also - nach dem "Code", alles was in der Codebox steht - (also beginnend mit :OTL und am Ende [emptytemp]), alles was in der Codebox steht (ohne "code"!) :

Code:

ATTFilter

:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{8A4C76EA-1A4C-4AD3-AB70-0B89CF7BFC52}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=3a4e08ab-0f19-4cd6-a004-817b29cf7bca&apn_sauid=A98F7A59-42A3-4ACB-B6D4-57CE99A17748
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]

und füge es hier ein:
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Deinen Thread.

2.
[u]Deaktiviere alle nicht Erweiterungen (Toolbars/Addons/Plungins), bis auf Java und Microsoft .NET Framework Assistant):
Im Internet Explorer alle Erweiterungen deaktivieren (nachdem Onlinscan kannst wieder aktivieren):
-> http://windows.microsoft.com/de-AT/w...sked-questions
-> http://iefaq.info/index.php?action=a...=59&artlang=de
-> http://support.microsoft.com/kb/936213/de

3.
Punkt 5. nochmal versuchen:-> http://www.trojaner-board.de/126707-...tml#post954235

Paul89 · 18.11.2012, 10:18

Code:

ATTFilter

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A4C76EA-1A4C-4AD3-AB70-0B89CF7BFC52}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A4C76EA-1A4C-4AD3-AB70-0B89CF7BFC52}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Cl3ncy\Desktop\cmd.bat deleted successfully.
C:\Users\Cl3ncy\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Cl3ncy
->Temp folder emptied: 67425 bytes
->Temporary Internet Files folder emptied: 17494723 bytes
->Opera cache emptied: 40388857 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 40465197 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 94,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 11182012_101550

Files\Folders moved on Reboot...
C:\Users\Cl3ncy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

MfG Paul

kira · 20.11.2012, 04:17

** Lass dein System in der nächste Zeit noch unter Beobachtung!
wenn alles gut verlaufen ist und dein System läuft stabil,mache folgendes:

1.
Programme deinstallieren/entfernen, die wir verwendet haben und nicht brauchst, bis auf:

Code:

ATTFilter

CCleaner

- Zeitweise laufen lassen:-> Anleitung

2.
Tool-Bereinigung mit OTL

Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.

Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
Speichere es auf Deinem Desktop.
Doppelklick auf OTL.exe um das Programm auszuführen.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Klicke auf den Button "Bereinigung"
OTL fragt eventuell nach einem Neustart.
Sollte es dies tun, so lasse dies bitte zu.

Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.

3.
Windows legt beispielsweise regelmäßig Schattenkopien an (mindestens einmal täglich), die im Notfall zur Wiederherstellung des Systems und zum Zugriff auf ältere Dateiversionen dienen. Diese Funktion belegt sehr viel Speicherplatz. Standardmäßig beträgt der für Schattenkopien reservierte Speicherplatz 15 % der Volumegröße, so dass die Systemleistung auch beeinträchtigt wird. Außerdem gelöschte und ev. schädliche Objekte, die in der Systemwiederherstellung sitzen, müssen auch entfernt werden:
Also mach bitte folgendes:

*Systemwiederherstellung deaktivieren: Windows 7 und Vista*
PC runterfahren
wieder einschalten
Systemwiederherstellung aktivieren

also zuerst deaktivieren-> dann aktivieren - also am Ende soll wieder "aktiviert" sein!

4.
Ich würde Dir vorsichtshalber raten, dein Passwort zu ändern (man sollte alle 3-4 Monate machen)
z.B. Login-, Mail- oder Website-Passwörter
Tipps:
Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)

5.
► Schaue bitte nach, ob für Windows neue Update gibt?!:-> - Microsoft Update hält Ihren Computer auf dem neuesten Stand!
-> Installiere jedes Update das Dir angeboten wird, wiederhole den Vorgang so oft, bis nicht mehr gibt

Lesestoff Nr.1:
Gib Kriminellen Handlungen keine Chance!

Zitat:

Sichere regelmäßig deine Daten (Bilder Musik, Dokumente, Mails (als Textdatei), im Browser Lesezeichen usw) auf CD/DVD, USB-Sticks oder externe Festplatten! Am besten 2x an verschiedenen Orten sichern!

Wie erstelle ich ein eingeschränktes Benutzerkonto?
Software immer auf dem neuesten Stand halten!:
ALLE auf dem System installierten Programme und Treiber, sollten regelmäßig upgedatet werden um Sicherheitslücken zu vermeiden und um das reibungslose Arbeitsabläufe zu erreichen!
Firefox - FirefoxWiki/Einstellungen - Erweiterungen für Firefox
Sichere eMail Clients z.B. Thunderbird-->Erweiterungen für Mozilla Thunderbird
- Unbekannten E-Mail-Anhang NICHT öffnen!
- Mails besonders mit Anhang, nicht anklicken, sondern als Text oder in Druckversion anzeigen lassen
Sichere Paswort - Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)
Die fünf häufigsten Passwort-Fehler

"Never accept software from strangers" - Installiere grundsätzlich immer nur Programme, die Du auch wirklich benötigst und von denen Du überzeugt bist, dass sie seriös sind.
Du hast die Wahl!, welche zusätzlichen Komponenten noch installiert werden sollen? -> Während der Installation immer mitlesen, Sponsoren und Partnerprogramme, Toolbars oder eventuell noch andere extra angebotene Programme möglichst abwählen!
so wird oft Art von Adware/Spyware mitinstalliert!

NICHT irgendwelche Programme aus dem Netz laden, wenn nicht zu 100% fest steht, dass es sich dabei um saubere Software handelt. Nette Versprechen der Hersteller garantieren noch lange keine einwandfreie Funktionsweise, also vorher blättere die Seiten bei GOOGLE, da kannst Du Dir wertvolle Informationen holen!!!

Programme und Treiber:
Nur vom Hersteller!

Onlinebanking:
Gib deine Passwörter niemals preis!
Seriöse Bankinstitute, E- Mail- Provider oder Online- Shops versenden grundsätzlich keine E- Mails, in denen Kunden aufgefordert werden, vertrauliche Daten wie Passwörter, Verfügernummer, PINs oder TANs preiszugeben. Bei dieser Art von E- Mails handelt es sich immer um Betrugsversuche, weshalb entsprechende Anfragen nicht beantwortet werden sollten. Sobald der Verdacht auf Betrug entsteht, melde deinen Verdacht der jeweiligen Bank- Hotline.

Computer, anderen (Gästen/Freunden) zur Nutzung überlassen überlassen - Nutze nur vertrauenswürdige Computer!
Vergewissere dich, dass nur Personen deines Vertrauens deinen Computer nutzen oder verwalten und wickel niemals Bankgeschäfte über nicht vertrauenswürdige Computer - beispielsweise aus einem Internetcafé während des Urlaubs - ab

Wichtige Daten Regelmäßig sichern! - aber denk daran: dein Hauptsystem ist doch kein Lagerhalle!

Vorsicht bei der Nutzung fremder Computer und anschliessbare Externe Speichermedien wie Festplatte, USB Sticks, Speicherkarten usw![/color] - auch zeitweise anschließen und scannen lassen (sehe unter `kostenlose Online-Viren-Scanner`)
Webseiten ohne Gültiges Impressum nicht besuchen
- Externe Geräte (Festplatte USB-Stick) nicht ständig am PC anschließen, sondern nur kurzfristig während Du etwas sichern möchtest
Lizenzkosten sparen? - Vorsicht bei Dateien/Programmen aus nicht vertrauenswürdigen Quellen! - "full Keygen, Crack, Serial, Warez, keygenerators" etc.
Sind immer verseucht mit diverse Malware/Schadprogramme/Code, es gibt keine seite wo Viren frei ist. (Man sollte nicht absitlich der Teufel holen) Eine weitere höchst unsichere Quelle ist das File-Sharing der sog. (Musik-)Tauschbörse.
► Ausserdem machst Du dich damit strafbar!
Nur eine Firewall sowie ein Antiviren Programm verwenden, welche sich immer auf dem aktuellsten Stand befinden sollten!
Das Installieren von `zuviel` Software beeinträchtigt die Systemleistung und Sicherheit, verlangsamt den Start-Vorgang enorm und belastet den Arbeitsspeicher (weil laufen ja die Programme nebeneinander gleichzeitig, die viel Performance fressen, aber wenig Qualität bringen). Im Laufe der Zeit wird der rechner durch zu viel unnötigen Ballast immer langsamer, und unsicherer. Um so mehr Programme installiert sind, um so häufiger treten Probleme auf, die dann unter Umständen nur schwer lösen können. Dazu kommt noch, das einige Programme große Sicherheitsrisiken mit sich bringen
Virenscanner
BSI für Bürger
SETI@home - [Sicherheit] Sicherheitskonzept

** Der gesunde Menschenverstand, Windows und Internet-Software sicher konfigurieren ist der beste Weg zur Sicherheit im Webverkehr ist !!

Zitat:

Da der Bestand der Datenbank wird täglich ergänzt und erweitert bzw werden mit der aktuellen Virendefinition die Informationen über den betroffenen Virus aufgenommen, empfehle ich dir mindestens einmal pro Woche (später genügt es sicherlich einmal im Monat) dein System Online Scannen lassen (immer mit einen anderen Scanner), um eine zweite Meinung einzuholen - Die auf dem Speichermedium gesicherten Daten sollten auch mit einbezogen werden!
(benutzen meist ActiveX und/oder Java): Kostenlose Online Scanner -

Lesestoff Nr.2:
► Kann sich auf Dauer eine Menge Datenmüll ansammeln, sich Fehlermeldungen häufen, der PC ist wahrscheinlich nicht mehr so schnell, wie früher:

Verlauf, Cache und Cookies: Spuren beseitigen nach dem Surfen
hier nachlesen und hier microsoft.com
Wenn dein System reibungslos läuft, kannst zeitweise die alte Wiederherstellungspunkte entfernen: -> Alle Systemwiederherstellungspunkte bis auf den Letzten löschen
Oft den PC zu optimieren nütz wenig, der braucht jetzt eine Radikalkur (nach ca. 3-4 jahren, aber hängt von der Häufigkeit der Nutzung bzw Belastung ab): Anleitung: Neuaufsetzen des Systems + Absicherung
Staub, Fingerabdrücke, Handschweiß – PC und Peripherie sehen mit der Zeit ganz schön eklig aus, ausserdem laut, reagiert langsam und wird schnell heiß:
-> Frühjahrsputz für den PC: Tipps zur Reinigung und Entrümpelung

wünsch Dir alles Gute

Wenn Du uns unterstützen möchtest→ Spendekonto

gruß
kira

09.11.2012, 04:42	#2
kira /// Helfer-Team	tr/crypt.xpack.gen7 auf wc3 tft cd Hallo und Herzlich Willkommen! ► schaue nach ob, im Konfiguration/Expertenmodus ein Haken (bei "Aktion bei Fund -> Autostart-Funktion blockieren) drin ist? gruß kira __________________ __________________

tr/crypt.xpack.gen7 auf wc3 tft cd

Log-Analyse und Auswertung: tr/crypt.xpack.gen7 auf wc3 tft cd