| |
| |||||||
Log-Analyse und Auswertung: GVU Win7 64 BitWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
13.05.2013, 12:23
| #1 |
| |  GVU Win7 64 Bit Hallo Leute, Ich habe mir leider, wie auch immer, auch den GVU Trojaner eingefangen. System - Win7 64Bit Mein Avast hat kurz Alarm geschlagen, dann war es aber leider schon zu spät.
Habe schon gelesen das ihr immer einen OTL log haben wollte: Code:
ATTFilter OTL logfile created on: 13.05.2013 13:04:58 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patrick\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,90 Gb Total Physical Memory | 6,40 Gb Available Physical Memory | 80,97% Memory free 15,81 Gb Paging File | 14,32 Gb Available in Paging File | 90,59% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 238,47 Gb Total Space | 142,66 Gb Free Space | 59,83% Space Free | Partition Type: NTFS Drive E: | 14,44 Gb Total Space | 4,66 Gb Free Space | 32,25% Space Free | Partition Type: NTFS Computer Name: PATRICK-PC | User Name: Patrick | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.13 13:03:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - [2012.03.25 23:44:18 | 000,235,520 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.04.15 23:31:49 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.04.10 08:56:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.11.19 12:15:20 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2012.10.01 20:34:38 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2012.10.01 20:34:38 | 000,178,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64) SRV - [2012.06.11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate) SRV - [2012.06.11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc) SRV - [2012.03.29 07:57:36 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService) SRV - [2012.03.29 07:57:24 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV - [2012.03.29 07:57:14 | 000,626,960 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2012.03.29 07:57:10 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2012.03.19 13:14:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012.01.21 08:35:24 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.01.21 08:35:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.01.21 08:35:08 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012.01.17 16:12:28 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) SRV - [2012.01.10 21:01:52 | 000,627,936 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2012.01.09 12:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV - [2011.05.20 16:03:06 | 000,038,926 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\FH-Aachen OpenVPN\bin\openvpnserv.exe -- (OpenVPNService) SRV - [2010.11.29 15:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.03.27 03:29:42 | 000,071,832 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP3\RpcAgentSrv.exe -- (SandraAgentSrv) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2013.03.07 00:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:64bit: - [2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2013.03.07 00:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:64bit: - [2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2013.01.09 16:49:20 | 000,211,280 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2012.12.04 17:51:12 | 000,791,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:64bit: - [2012.12.04 17:51:12 | 000,020,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:64bit: - [2012.12.04 17:51:10 | 000,358,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:64bit: - [2012.11.19 12:10:38 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:64bit: - [2012.11.19 12:10:36 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF) DRV:64bit: - [2012.03.26 00:26:40 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.03.25 22:51:16 | 000,328,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.03.20 01:45:54 | 000,032,896 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd) DRV:64bit: - [2012.03.19 13:02:02 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd) DRV:64bit: - [2012.03.12 14:06:46 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64) DRV:64bit: - [2012.03.09 20:41:16 | 000,685,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2012.02.01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2012.01.09 12:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP) DRV:64bit: - [2012.01.09 12:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL) DRV:64bit: - [2011.12.06 05:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2011.11.10 17:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2011.05.20 16:03:06 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:64bit: - [2010.11.29 15:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP3\WNt500x64\sandra.sys -- (SANDRA) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9E 80 0F 65 1A 3A CE 01 [binary data] IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Patrick\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.04.15 23:20:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 22:58:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.21 22:21:11 | 000,000,000 | ---D | M] [2013.04.15 22:58:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Extensions [2013.04.15 22:58:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.10.01 20:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000..\Run: [Akamai NetSession Interface] C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000..\Run: [AmazonMP3DownloaderHelper] C:\Users\Patrick\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34DCF1F2-A47D-41AC-ADA3-4721043A00D9}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42231763-BD2C-488B-BA32-59446A99D185}: DhcpNameServer = 192.168.10.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{558C1633-B83A-4FDB-AEFF-BFDFAC0D9237}: DhcpNameServer = 149.201.10.30 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3231A1F-4CE3-4007-942C-CFB82ABC96DA}: DhcpNameServer = 192.168.10.1 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000 Winlogon: Shell - (C:\Users\Patrick\AppData\Roaming\skype.dat) - C:\Users\Patrick\AppData\Roaming\skype.dat (Sftware ) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O31 - SafeBoot: UseAlternatShell - 1 O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.04.12 11:19:49 | 000,000,122 | ---- | M] () - E:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.13 13:04:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe [2013.05.13 12:54:06 | 000,000,000 | ---D | C] -- C:\sata [2013.05.09 23:12:13 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Amazon [2013.05.09 23:12:11 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Amazon MP3 [2013.05.09 23:12:11 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon [2013.05.09 23:12:10 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Program Files [2013.05.03 09:07:05 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.04.30 15:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FH-Aachen OpenVPN [2013.04.30 15:26:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FH-Aachen OpenVPN [2013.04.25 11:23:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2013.04.21 22:38:04 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Adobe [2013.04.21 22:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013.04.21 22:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2013.04.21 21:51:08 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Benutzerdefinierte Office-Vorlagen [2013.04.21 21:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Word Recovery [2013.04.21 21:29:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stellar Phoenix Word Recovery [2013.04.21 21:25:20 | 000,000,000 | ---D | C] -- C:\TokensBackup [2013.04.21 21:23:26 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Desktop\KMSpico.v2 [2013.04.21 21:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2013.04.21 21:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Word [2013.04.21 21:13:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Remo Repair Word 2.0 [2013.04.21 21:02:18 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\TeamViewer [2013.04.21 21:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer [2013.04.16 22:49:29 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\TS3Client [2013.04.16 22:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2013.04.16 22:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client [2013.04.16 12:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2013.04.16 12:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013.04.16 12:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2013.04.16 12:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2013.04.16 12:12:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2013.04.16 12:12:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2013.04.16 12:12:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2013.04.16 12:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2013.04.16 12:11:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2013.04.16 12:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2013.04.16 12:10:55 | 000,054,272 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2013.04.16 12:10:55 | 000,048,128 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2013.04.16 12:10:54 | 028,992,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll [2013.04.16 12:10:54 | 023,460,864 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll [2013.04.16 12:10:54 | 014,745,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdpmd64.sys [2013.04.16 12:10:54 | 014,745,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys [2013.04.16 12:10:54 | 009,605,632 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll [2013.04.16 12:10:54 | 009,007,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll [2013.04.16 12:10:54 | 008,087,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll [2013.04.16 12:10:54 | 007,795,200 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll [2013.04.16 12:10:54 | 006,120,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll [2013.04.16 12:10:54 | 003,749,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll [2013.04.16 12:10:54 | 002,967,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll [2013.04.16 12:10:54 | 002,866,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll [2013.04.16 12:10:54 | 002,321,408 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll [2013.04.16 12:10:54 | 000,591,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll [2013.04.16 12:10:54 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll [2013.04.16 12:10:54 | 000,519,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll [2013.04.16 12:10:54 | 000,518,144 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll [2013.04.16 12:10:54 | 000,509,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe [2013.04.16 12:10:54 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc [2013.04.16 12:10:54 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc [2013.04.16 12:10:54 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc [2013.04.16 12:10:54 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc [2013.04.16 12:10:54 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc [2013.04.16 12:10:54 | 000,439,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe [2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc [2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc [2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc [2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc [2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc [2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc [2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc [2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc [2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc [2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc [2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc [2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc [2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc [2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc [2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc [2013.04.16 12:10:54 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc [2013.04.16 12:10:54 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc [2013.04.16 12:10:54 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc [2013.04.16 12:10:54 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc [2013.04.16 12:10:54 | 000,434,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll [2013.04.16 12:10:54 | 000,432,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc [2013.04.16 12:10:54 | 000,430,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc [2013.04.16 12:10:54 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc [2013.04.16 12:10:54 | 000,428,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc [2013.04.16 12:10:54 | 000,410,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll [2013.04.16 12:10:54 | 000,386,560 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll [2013.04.16 12:10:54 | 000,325,120 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll [2013.04.16 12:10:54 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc [2013.04.16 12:10:54 | 000,276,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013.04.16 12:10:54 | 000,250,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe [2013.04.16 12:10:54 | 000,237,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll [2013.04.16 12:10:54 | 000,236,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll [2013.04.16 12:10:54 | 000,213,504 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll [2013.04.16 12:10:54 | 000,193,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll [2013.04.16 12:10:54 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll [2013.04.16 12:10:54 | 000,177,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll [2013.04.16 12:10:54 | 000,170,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe [2013.04.16 12:10:54 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll [2013.04.16 12:10:54 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl [2013.04.16 12:10:54 | 000,063,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll [2013.04.16 12:10:54 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll [2013.04.16 12:10:54 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll [2013.04.16 12:10:53 | 026,166,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll [2013.04.16 12:10:53 | 019,739,136 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll [2013.04.16 12:10:53 | 016,069,632 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll [2013.04.16 12:10:53 | 013,715,968 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll [2013.04.16 12:10:53 | 010,857,984 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys [2013.04.16 12:10:53 | 007,646,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll [2013.04.16 12:10:53 | 007,552,000 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll [2013.04.16 12:10:53 | 006,200,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll [2013.04.16 12:10:53 | 005,954,048 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll [2013.04.16 12:10:53 | 005,888,792 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe [2013.04.16 12:10:53 | 005,062,656 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll [2013.04.16 12:10:53 | 004,958,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll [2013.04.16 12:10:53 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll [2013.04.16 12:10:53 | 001,113,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll [2013.04.16 12:10:53 | 000,958,464 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll [2013.04.16 12:10:53 | 000,791,552 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll [2013.04.16 12:10:53 | 000,512,000 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll [2013.04.16 12:10:53 | 000,496,128 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe [2013.04.16 12:10:53 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll [2013.04.16 12:10:53 | 000,398,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe [2013.04.16 12:10:53 | 000,356,352 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll [2013.04.16 12:10:53 | 000,328,704 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys [2013.04.16 12:10:53 | 000,235,520 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe [2013.04.16 12:10:53 | 000,184,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe [2013.04.16 12:10:53 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll [2013.04.16 12:10:53 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe [2013.04.16 12:10:53 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll [2013.04.16 12:10:53 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll [2013.04.16 12:10:53 | 000,071,680 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll [2013.04.16 12:10:53 | 000,070,656 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll [2013.04.16 12:10:53 | 000,070,144 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll [2013.04.16 12:10:53 | 000,065,536 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\atisamu32.dll [2013.04.16 12:10:53 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll [2013.04.16 12:10:53 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll [2013.04.16 12:10:53 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll [2013.04.16 12:10:53 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll [2013.04.16 12:10:53 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll [2013.04.16 12:10:53 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll [2013.04.16 12:10:53 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll [2013.04.16 12:10:53 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll [2013.04.16 12:10:53 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll [2013.04.16 12:10:53 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll [2013.04.16 12:10:53 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll [2013.04.16 12:10:53 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll [2013.04.16 12:10:53 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll [2013.04.16 12:10:53 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll [2013.04.16 12:10:53 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll [2013.04.16 12:10:53 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll [2013.04.16 12:10:53 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll [2013.04.16 12:10:53 | 000,032,896 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\amdkmpfd.sys [2013.04.16 12:10:53 | 000,030,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll [2013.04.16 12:10:53 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll [2013.04.16 12:10:53 | 000,017,408 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll [2013.04.16 12:10:53 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll [2013.04.16 11:47:53 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Dropbox [2013.04.16 11:47:00 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2013.04.16 11:46:43 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Dropbox [2013.04.16 11:23:33 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Diagnostics [2013.04.16 10:40:10 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Intel Corporation [2013.04.16 10:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation [2013.04.16 10:37:15 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2013.04.16 10:37:05 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Dell [2013.04.16 10:34:14 | 000,652,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys [2013.04.16 10:34:14 | 000,028,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys [2013.04.16 10:22:04 | 000,568,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys [2013.04.16 10:18:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel [2013.04.16 10:17:40 | 000,331,264 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys [2013.04.16 10:17:40 | 000,014,848 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll [2013.04.16 00:22:43 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\WLANProfiles [2013.04.16 00:22:20 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Intel [2013.04.16 00:22:13 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Roaming [2013.04.16 00:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming [2013.04.16 00:21:30 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless [2013.04.16 00:21:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2013.04.16 00:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco [2013.04.16 00:21:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel.sav [2013.04.16 00:12:03 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\ATI [2013.04.16 00:12:03 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\ATI [2013.04.16 00:11:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab [2013.04.16 00:11:47 | 000,000,000 | ---D | C] -- C:\Users\Patrick\SystemRequirementsLab [2013.04.16 00:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2013.04.16 00:11:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.04.16 00:11:14 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013.04.16 00:11:14 | 000,782,240 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013.04.16 00:11:14 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.04.16 00:11:12 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.04.16 00:11:12 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.04.16 00:11:12 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.04.16 00:11:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2013.04.15 23:58:23 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2013.04.15 23:58:23 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2013.04.15 23:58:23 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe [2013.04.15 23:58:23 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe [2013.04.15 23:58:23 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll [2013.04.15 23:58:23 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll [2013.04.15 23:58:23 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll [2013.04.15 23:58:23 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll [2013.04.15 23:57:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2013.04.15 23:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2013.04.15 23:57:01 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2013.04.15 23:57:01 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2013.04.15 23:57:01 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2013.04.15 23:57:01 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2013.04.15 23:57:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2013.04.15 23:57:01 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2013.04.15 23:57:01 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2013.04.15 23:57:01 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2013.04.15 23:57:00 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2013.04.15 23:57:00 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2013.04.15 23:57:00 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll [2013.04.15 23:57:00 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2013.04.15 23:57:00 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2013.04.15 23:57:00 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2013.04.15 23:57:00 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2013.04.15 23:57:00 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2013.04.15 23:57:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2013.04.15 23:57:00 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2013.04.15 23:57:00 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2013.04.15 23:57:00 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2013.04.15 23:57:00 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2013.04.15 23:57:00 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2013.04.15 23:56:59 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll [2013.04.15 23:56:59 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2013.04.15 23:56:59 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2013.04.15 23:56:59 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2013.04.15 23:56:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2013.04.15 23:56:59 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2013.04.15 23:56:59 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2013.04.15 23:56:59 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2013.04.15 23:56:58 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2013.04.15 23:56:58 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2013.04.15 23:56:58 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2013.04.15 23:56:58 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2013.04.15 23:56:58 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2013.04.15 23:56:58 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2013.04.15 23:56:58 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2013.04.15 23:56:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2013.04.15 23:56:57 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2013.04.15 23:56:57 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2013.04.15 23:56:57 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2013.04.15 23:56:57 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2013.04.15 23:56:57 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2013.04.15 23:56:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2013.04.15 23:56:56 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2013.04.15 23:56:56 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2013.04.15 23:56:56 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2013.04.15 23:56:56 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2013.04.15 23:56:56 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2013.04.15 23:56:56 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2013.04.15 23:56:56 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2013.04.15 23:56:56 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2013.04.15 23:56:56 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2013.04.15 23:56:56 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2013.04.15 23:56:56 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2013.04.15 23:56:56 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2013.04.15 23:56:55 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2013.04.15 23:56:55 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2013.04.15 23:56:55 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2013.04.15 23:56:55 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2013.04.15 23:56:55 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2013.04.15 23:56:55 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2013.04.15 23:56:55 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2013.04.15 23:56:55 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2013.04.15 23:56:54 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2013.04.15 23:56:54 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2013.04.15 23:56:54 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2013.04.15 23:56:54 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2013.04.15 23:56:54 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2013.04.15 23:56:54 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2013.04.15 23:56:54 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2013.04.15 23:56:54 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2013.04.15 23:56:54 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2013.04.15 23:56:54 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2013.04.15 23:56:53 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2013.04.15 23:56:53 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2013.04.15 23:56:53 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll [2013.04.15 23:56:53 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2013.04.15 23:56:53 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2013.04.15 23:56:53 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2013.04.15 23:56:53 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2013.04.15 23:56:53 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2013.04.15 23:56:53 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2013.04.15 23:56:53 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2013.04.15 23:56:52 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2013.04.15 23:56:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2013.04.15 23:56:52 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2013.04.15 23:56:52 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2013.04.15 23:56:51 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2013.04.15 23:56:51 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2013.04.15 23:56:51 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2013.04.15 23:56:51 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2013.04.15 23:56:51 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2013.04.15 23:56:51 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2013.04.15 23:56:51 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2013.04.15 23:56:51 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2013.04.15 23:56:50 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2013.04.15 23:56:50 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2013.04.15 23:56:50 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2013.04.15 23:56:50 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2013.04.15 23:56:50 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2013.04.15 23:56:50 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2013.04.15 23:56:50 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2013.04.15 23:56:50 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2013.04.15 23:56:49 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2013.04.15 23:56:49 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2013.04.15 23:56:49 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2013.04.15 23:56:49 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2013.04.15 23:56:48 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2013.04.15 23:56:48 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2013.04.15 23:56:48 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2013.04.15 23:56:48 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2013.04.15 23:56:48 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2013.04.15 23:56:48 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2013.04.15 23:56:19 | 000,000,000 | ---D | C] -- C:\AMD [2013.04.15 23:54:14 | 000,685,160 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2013.04.15 23:54:14 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll [2013.04.15 23:54:14 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll [2013.04.15 23:54:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2013.04.15 23:51:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2013.04.15 23:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware [2013.04.15 23:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware [2013.04.15 23:50:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Programs [2013.04.15 23:43:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 [2013.04.15 23:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2013.04.15 23:42:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013.04.15 23:42:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server [2013.04.15 23:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft [2013.04.15 23:42:33 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2013.04.15 23:42:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2013.04.15 23:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server [2013.04.15 23:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2013.04.15 23:39:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2013.04.15 23:39:23 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Microsoft Help [2013.04.15 23:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013.04.15 23:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.04.15 23:39:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.04.15 23:39:15 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013.04.15 23:37:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2013.04.15 23:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2013.04.15 23:36:46 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys [2013.04.15 23:35:12 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Macromedia [2013.04.15 23:35:12 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Macromedia [2013.04.15 23:35:12 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Adobe [2013.04.15 23:34:54 | 000,000,000 | ---D | C] -- C:\Vorformat [2013.04.15 23:33:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2013.04.15 23:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2013.04.15 23:33:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2013.04.15 23:33:10 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\InstallShield [2013.04.15 23:31:49 | 000,691,592 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.04.15 23:31:49 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.04.15 23:31:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2013.04.15 23:31:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2013.04.15 23:30:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013.04.15 23:28:56 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\PCDr [2013.04.15 23:28:54 | 000,000,000 | ---D | C] -- C:\temp [2013.04.15 23:24:16 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Deployment [2013.04.15 23:24:16 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Apps [2013.04.15 23:20:32 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013.04.15 23:20:32 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013.04.15 23:20:32 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013.04.15 23:20:32 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013.04.15 23:20:32 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013.04.15 23:20:32 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013.04.15 23:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013.04.15 23:20:31 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013.04.15 23:20:18 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013.04.15 23:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013.04.15 23:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2013.04.15 22:59:39 | 000,000,000 | ---D | C] -- C:\Program Files\Dell [2013.04.15 22:58:33 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Mozilla [2013.04.15 22:58:33 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Mozilla [2013.04.15 22:58:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.04.15 22:58:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.04.15 22:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.04.15 22:55:44 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\WinRAR [2013.04.15 22:55:44 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.04.15 22:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.04.15 22:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2013.04.15 22:54:04 | 000,000,000 | ---D | C] -- C:\Intel [2013.04.15 22:53:53 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech [2013.04.15 22:53:47 | 000,211,280 | ---- | C] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\drivers\ETD.sys [2013.04.15 22:53:29 | 000,041,984 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\USB3Ver.dll [2013.04.15 22:53:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2013.04.15 22:53:26 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll [2013.04.15 22:53:26 | 000,791,608 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys [2013.04.15 22:53:26 | 000,358,456 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys [2013.04.15 22:53:26 | 000,020,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys [2013.04.15 22:53:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell [2013.04.15 22:52:08 | 000,000,000 | ---D | C] -- C:\Dell Driver [2013.04.15 22:51:30 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Akamai [2013.04.15 22:46:24 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2013.04.15 22:46:20 | 000,000,000 | -HSD | C] -- C:\Boot [2013.04.15 22:32:19 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2013.04.15 22:32:18 | 000,000,000 | ---D | C] -- C:\Dell [2013.04.15 21:51:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013.04.15 21:49:59 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.04.15 21:49:59 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Searches [2013.04.15 21:49:59 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.04.15 21:49:54 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Identities [2013.04.15 21:49:53 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Contacts [2013.04.15 21:49:51 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\VirtualStore [2013.04.15 21:49:49 | 000,000,000 | --SD | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Videos [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Saved Games [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Pictures [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Music [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Links [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Favorites [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Downloads [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Documents [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Desktop [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Vorlagen [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Verlauf [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Temporary Internet Files [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Startmenü [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\SendTo [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Recent [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Netzwerkumgebung [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Lokale Einstellungen [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Videos [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Musik [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Eigene Dateien [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Bilder [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Druckumgebung [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Cookies [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Anwendungsdaten [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Anwendungsdaten [2013.04.15 21:49:49 | 000,000,000 | -H-D | C] -- C:\Users\Patrick\AppData [2013.04.15 21:49:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Temp [2013.04.15 21:49:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Microsoft [2013.04.15 21:49:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Media Center Programs [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Recovery [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Programme [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2013.04.15 21:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2013.04.15 21:46:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2009.07.14 01:12:11 | 000,130,560 | ---- | C] (Sftware ) -- C:\Users\Patrick\AppData\Roaming\skype.dat [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.13 13:06:07 | 001,614,582 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.13 13:06:07 | 000,697,170 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.13 13:06:07 | 000,652,488 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.13 13:06:07 | 000,147,964 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.13 13:06:07 | 000,120,918 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.13 13:03:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe [2013.05.13 13:01:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.13 13:01:48 | 2070,691,839 | -HS- | M] () -- C:\hiberfil.sys [2013.05.13 12:53:41 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.13 12:53:41 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.13 12:49:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.13 12:18:19 | 000,000,162 | -H-- | M] () -- C:\Users\Patrick\Desktop\~$inal-3.odt [2013.05.13 12:16:31 | 000,000,004 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\skype.ini [2013.05.07 16:27:19 | 005,423,019 | ---- | M] () -- C:\Users\Patrick\Desktop\lisa mitchell - neopolitan.mp3 [2013.05.07 16:24:01 | 005,373,282 | ---- | M] () -- C:\Users\Patrick\Desktop\natural born jane.mp3 [2013.05.07 16:21:25 | 005,756,968 | ---- | M] () -- C:\Users\Patrick\Desktop\Martin Solveig - The Night Our.mp3 [2013.05.07 16:20:45 | 005,032,227 | ---- | M] () -- C:\Users\Patrick\Desktop\theophilus London - Why Even Try.mp3 [2013.05.03 09:07:03 | 592,718,937 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.05.01 19:14:24 | 000,129,024 | ---- | M] () -- C:\Users\Patrick\Desktop\IMG_20130501_190258.JPG [2013.04.30 15:51:13 | 000,016,106 | ---- | M] () -- C:\Users\Patrick\Desktop\mcfit kram.odt [2013.04.30 15:26:29 | 000,001,201 | ---- | M] () -- C:\Users\Public\Desktop\FH-Aachen OpenVPN GUI.lnk [2013.04.30 15:04:43 | 000,000,345 | ---- | M] () -- C:\Users\Patrick\Desktop\0VBPqgZG8l3Y.128.mp3 [2013.04.28 15:53:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013.04.28 11:02:13 | 004,016,640 | ---- | M] () -- C:\Users\Patrick\Desktop\KMSpico.v2.rar [2013.04.27 13:17:19 | 003,735,300 | ---- | M] () -- C:\Users\Patrick\Desktop\Laid Blak - Lava Timmokk.mp3 [2013.04.27 12:58:49 | 004,745,507 | ---- | M] () -- C:\Users\Patrick\Desktop\bosse- schönste zeit zwette edit.mp3 [2013.04.27 12:58:17 | 005,807,959 | ---- | M] () -- C:\Users\Patrick\Desktop\another love zwette remix.mp3 [2013.04.26 23:25:36 | 000,210,023 | ---- | M] () -- C:\Users\Patrick\Desktop\bild2.jpg [2013.04.26 19:01:06 | 000,279,378 | ---- | M] () -- C:\Users\Patrick\Desktop\473080_579327928758742_1090916865_o.jpg [2013.04.26 17:48:24 | 001,947,404 | ---- | M] () -- C:\Users\Patrick\Desktop\bild.jpg [2013.04.25 11:36:49 | 000,003,640 | ---- | M] () -- C:\Users\Patrick\Desktop\sven paddel.ods [2013.04.24 12:13:58 | 000,441,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.23 19:49:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.04.21 22:47:39 | 000,205,728 | ---- | M] () -- C:\Users\Patrick\Desktop\Final-3.pdf [2013.04.21 22:46:46 | 000,444,316 | ---- | M] () -- C:\Users\Patrick\Desktop\Final-3.odt [2013.04.21 22:37:29 | 000,206,545 | ---- | M] () -- C:\Users\Patrick\Desktop\Final-2.pdf [2013.04.21 22:26:07 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2013.04.21 22:21:11 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.04.21 22:17:46 | 000,192,849 | ---- | M] () -- C:\Users\Patrick\Desktop\marc kniese.pdf [2013.04.21 21:13:34 | 000,001,117 | ---- | M] () -- C:\Users\Patrick\Desktop\Remo Repair Word.lnk [2013.04.21 21:01:31 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk [2013.04.16 12:12:54 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2013.04.16 11:47:53 | 000,001,003 | ---- | M] () -- C:\Users\Patrick\Desktop\Dropbox.lnk [2013.04.16 11:47:10 | 000,001,013 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.04.16 10:45:24 | 013,479,936 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Sandra.mdb [2013.04.16 10:41:19 | 000,001,108 | ---- | M] () -- C:\Users\Patrick\Desktop\Wow-64 - Verknüpfung.lnk [2013.04.16 10:35:52 | 001,639,602 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.04.16 00:22:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf [2013.04.16 00:11:10 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.04.16 00:11:09 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013.04.16 00:11:09 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013.04.16 00:11:09 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.04.16 00:11:09 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.04.16 00:11:09 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.04.15 23:33:22 | 000,001,063 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk [2013.04.15 23:31:49 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.04.15 23:31:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.04.15 23:20:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013.04.15 22:53:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2013.04.15 22:46:21 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2013.04.15 22:31:48 | 000,182,856 | ---- | M] () -- C:\Users\Patrick\Documents\Pricing_Nov2012_2web 1-1.pdf [2013.04.15 22:30:23 | 011,711,800 | ---- | M] () -- C:\Users\Patrick\Documents\Intel6150_WIMAX_FICI_DRVR_W7_64_A00_4MVDF_setup_ZPE.exe [2013.04.15 21:48:27 | 000,057,050 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2013.04.15 21:48:27 | 000,057,050 | ---- | M] () -- C:\Windows\SysNative\license.rtf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.13 12:18:19 | 000,000,162 | -H-- | C] () -- C:\Users\Patrick\Desktop\~$inal-3.odt [2013.05.13 11:13:19 | 000,000,004 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\skype.ini [2013.05.07 16:27:14 | 005,423,019 | ---- | C] () -- C:\Users\Patrick\Desktop\lisa mitchell - neopolitan.mp3 [2013.05.07 16:23:57 | 005,373,282 | ---- | C] () -- C:\Users\Patrick\Desktop\natural born jane.mp3 [2013.05.07 16:21:20 | 005,756,968 | ---- | C] () -- C:\Users\Patrick\Desktop\Martin Solveig - The Night Our.mp3 [2013.05.07 16:20:39 | 005,032,227 | ---- | C] () -- C:\Users\Patrick\Desktop\theophilus London - Why Even Try.mp3 [2013.05.03 09:07:03 | 592,718,937 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.05.01 19:14:23 | 000,129,024 | ---- | C] () -- C:\Users\Patrick\Desktop\IMG_20130501_190258.JPG [2013.04.30 15:51:10 | 000,016,106 | ---- | C] () -- C:\Users\Patrick\Desktop\mcfit kram.odt [2013.04.30 15:26:29 | 000,001,201 | ---- | C] () -- C:\Users\Public\Desktop\FH-Aachen OpenVPN GUI.lnk [2013.04.30 15:03:52 | 000,000,345 | ---- | C] () -- C:\Users\Patrick\Desktop\0VBPqgZG8l3Y.128.mp3 [2013.04.28 15:53:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013.04.28 11:02:13 | 004,016,640 | ---- | C] () -- C:\Users\Patrick\Desktop\KMSpico.v2.rar [2013.04.27 13:17:11 | 003,735,300 | ---- | C] () -- C:\Users\Patrick\Desktop\Laid Blak - Lava Timmokk.mp3 [2013.04.27 12:58:38 | 004,745,507 | ---- | C] () -- C:\Users\Patrick\Desktop\bosse- schönste zeit zwette edit.mp3 [2013.04.27 12:57:52 | 005,807,959 | ---- | C] () -- C:\Users\Patrick\Desktop\another love zwette remix.mp3 [2013.04.26 23:25:36 | 000,210,023 | ---- | C] () -- C:\Users\Patrick\Desktop\bild2.jpg [2013.04.26 19:01:06 | 000,279,378 | ---- | C] () -- C:\Users\Patrick\Desktop\473080_579327928758742_1090916865_o.jpg [2013.04.26 17:48:23 | 001,947,404 | ---- | C] () -- C:\Users\Patrick\Desktop\bild.jpg [2013.04.26 17:46:15 | 004,922,282 | ---- | C] () -- C:\Users\Patrick\Desktop\Pixlromatic.air [2013.04.25 11:36:45 | 000,003,640 | ---- | C] () -- C:\Users\Patrick\Desktop\sven paddel.ods [2013.04.23 19:49:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.04.21 22:47:39 | 000,205,728 | ---- | C] () -- C:\Users\Patrick\Desktop\Final-3.pdf [2013.04.21 22:46:45 | 000,444,316 | ---- | C] () -- C:\Users\Patrick\Desktop\Final-3.odt [2013.04.21 22:37:28 | 000,206,545 | ---- | C] () -- C:\Users\Patrick\Desktop\Final-2.pdf [2013.04.21 22:21:11 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.04.21 22:21:11 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.04.21 22:17:46 | 000,192,849 | ---- | C] () -- C:\Users\Patrick\Desktop\marc kniese.pdf [2013.04.21 21:13:34 | 000,001,117 | ---- | C] () -- C:\Users\Patrick\Desktop\Remo Repair Word.lnk [2013.04.21 21:01:31 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk [2013.04.21 21:01:31 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk [2013.04.16 22:49:16 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2013.04.16 12:12:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013.04.16 12:12:12 | 000,002,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Umschaltbare Grafik.lnk [2013.04.16 12:12:01 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2013.04.16 12:12:01 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblup.dat [2013.04.16 12:10:54 | 017,226,240 | ---- | C] () -- C:\Windows\SysNative\ig7icd64.dll [2013.04.16 12:10:54 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa [2013.04.16 12:10:54 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin [2013.04.16 12:10:54 | 000,755,188 | ---- | C] () -- C:\Windows\SysNative\igkrng700.bin [2013.04.16 12:10:54 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin [2013.04.16 12:10:54 | 000,561,508 | ---- | C] () -- C:\Windows\SysNative\igfcg700m.bin [2013.04.16 12:10:54 | 000,079,360 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll [2013.04.16 12:10:54 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp [2013.04.16 12:10:54 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp [2013.04.16 12:10:54 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp [2013.04.16 12:10:54 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp [2013.04.16 12:10:54 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2013.04.16 12:10:54 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp [2013.04.16 12:10:54 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp [2013.04.16 12:10:54 | 000,018,660 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp [2013.04.16 12:10:54 | 000,009,216 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll [2013.04.16 12:10:54 | 000,001,074 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp [2013.04.16 12:10:53 | 013,024,256 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll [2013.04.16 12:10:53 | 002,427,392 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap [2013.04.16 12:10:53 | 002,425,664 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap [2013.04.16 12:10:53 | 000,601,728 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat [2013.04.16 12:10:53 | 000,235,144 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb [2013.04.16 12:10:53 | 000,235,144 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb [2013.04.16 12:10:53 | 000,221,877 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources [2013.04.16 12:10:53 | 000,208,522 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources [2013.04.16 12:10:53 | 000,192,378 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources [2013.04.16 12:10:53 | 000,164,821 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources [2013.04.16 12:10:53 | 000,162,150 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources [2013.04.16 12:10:53 | 000,157,713 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources [2013.04.16 12:10:53 | 000,148,461 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources [2013.04.16 12:10:53 | 000,147,116 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources [2013.04.16 12:10:53 | 000,146,125 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources [2013.04.16 12:10:53 | 000,146,008 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources [2013.04.16 12:10:53 | 000,144,790 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources [2013.04.16 12:10:53 | 000,144,267 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources [2013.04.16 12:10:53 | 000,143,564 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources [2013.04.16 12:10:53 | 000,143,112 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources [2013.04.16 12:10:53 | 000,142,797 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources [2013.04.16 12:10:53 | 000,142,606 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources [2013.04.16 12:10:53 | 000,142,079 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources [2013.04.16 12:10:53 | 000,141,854 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources [2013.04.16 12:10:53 | 000,141,421 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources [2013.04.16 12:10:53 | 000,141,297 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources [2013.04.16 12:10:53 | 000,140,949 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources [2013.04.16 12:10:53 | 000,140,548 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources [2013.04.16 12:10:53 | 000,139,901 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources [2013.04.16 12:10:53 | 000,136,850 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources [2013.04.16 12:10:53 | 000,136,778 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources [2013.04.16 12:10:53 | 000,136,261 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources [2013.04.16 12:10:53 | 000,131,674 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources [2013.04.16 12:10:53 | 000,125,306 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources [2013.04.16 12:10:53 | 000,123,778 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources [2013.04.16 12:10:53 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll [2013.04.16 12:10:53 | 000,037,533 | ---- | C] () -- C:\Windows\atiogl.xml [2013.04.16 12:10:53 | 000,000,264 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config [2013.04.16 11:47:53 | 000,001,003 | ---- | C] () -- C:\Users\Patrick\Desktop\Dropbox.lnk [2013.04.16 11:47:10 | 000,001,013 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.04.16 10:41:19 | 000,001,108 | ---- | C] () -- C:\Users\Patrick\Desktop\Wow-64 - Verknüpfung.lnk [2013.04.16 00:22:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf [2013.04.16 00:00:59 | 001,639,602 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.04.16 00:00:02 | 013,479,936 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Sandra.mdb [2013.04.15 23:37:41 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll [2013.04.15 23:33:23 | 000,001,063 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk [2013.04.15 23:31:49 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.15 23:20:32 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.04.15 23:20:32 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013.04.15 23:20:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2013.04.15 22:58:17 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.04.15 22:53:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2013.04.15 22:46:21 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2013.04.15 22:46:20 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2013.04.15 22:31:45 | 000,182,856 | ---- | C] () -- C:\Users\Patrick\Documents\Pricing_Nov2012_2web 1-1.pdf [2013.04.15 22:28:24 | 011,711,800 | ---- | C] () -- C:\Users\Patrick\Documents\Intel6150_WIMAX_FICI_DRVR_W7_64_A00_4MVDF_setup_ZPE.exe [2013.04.15 21:50:03 | 000,001,409 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2013.04.15 21:50:00 | 000,001,443 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.04.15 21:48:26 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2013.04.15 21:48:17 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2013.04.15 21:46:57 | 2070,691,839 | -HS- | C] () -- C:\hiberfil.sys [2012.12.19 21:52:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.12.19 21:52:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.01.10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.05.09 23:12:13 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Amazon [2013.05.13 12:56:42 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Dropbox [2013.04.15 23:28:57 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\PCDr [2013.04.21 21:08:49 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TeamViewer [2013.04.26 23:38:33 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TS3Client ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:9A78FF1A < End of report > |
| Themen zu GVU Win7 64 Bit |
| adobe, akamai, antivirus, aswrvrt.sys, autorun, avast, bho, bingbar, firefox, flash player, format, helper, igdpmd64.sys, installation, log, logfile, mausklick, mozilla, netzwerk, plug-in, programme, realtek, registry, scan, senden, software, teamspeak, trojaner, win7 64, windows, windows xp, wscript.exe |
Baum-Darstellung