Log analysis and evaluation: GVU Win7 64 Bit

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
13.05.2013, 12:23 | #1
GVU Win7 64 Bit

Hello everyone, unfortunately I have also caught the GVU trojan, however that happened. System: Win7 64-bit. My Avast briefly raised an alarm, but by then it was unfortunately already too late.
I have already read that you always want an OTL log: Code:
OTL logfile created on: 13.05.2013 13:04:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patrick\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,90 Gb Total Physical Memory | 6,40 Gb Available Physical Memory | 80,97% Memory free
15,81 Gb Paging File | 14,32 Gb Available in Paging File | 90,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238,47 Gb Total Space | 142,66 Gb Free Space | 59,83% Space Free | Partition Type: NTFS
Drive E: | 14,44 Gb Total Space | 4,66 Gb Free Space | 32,25% Space Free | Partition Type: NTFS
Computer Name: PATRICK-PC | User Name: Patrick | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.05.13 13:03:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2012.03.25 23:44:18 | 000,235,520 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.15 23:31:49 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.10 08:56:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance
Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.11.19 12:15:20 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2012.10.01 20:34:38 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2012.10.01 20:34:38 | 000,178,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64) SRV - [2012.06.11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate) SRV - [2012.06.11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) 
[Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc) SRV - [2012.03.29 07:57:36 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService) SRV - [2012.03.29 07:57:24 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV - [2012.03.29 07:57:14 | 000,626,960 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2012.03.29 07:57:10 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2012.03.19 13:14:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012.01.21 08:35:24 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.01.21 08:35:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.01.21 08:35:08 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012.01.17 16:12:28 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) SRV - [2012.01.10 21:01:52 | 000,627,936 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2012.01.09 12:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV - [2011.05.20 16:03:06 | 000,038,926 | ---- | M] () [On_Demand | Stopped] -- C:\Program 
Files (x86)\FH-Aachen OpenVPN\bin\openvpnserv.exe -- (OpenVPNService) SRV - [2010.11.29 15:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.03.27 03:29:42 | 000,071,832 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP3\RpcAgentSrv.exe -- (SandraAgentSrv) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2013.03.07 00:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:64bit: - [2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2013.03.07 00:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:64bit: - [2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2013.03.07 00:33:20 | 
000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2013.01.09 16:49:20 | 000,211,280 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2012.12.04 17:51:12 | 000,791,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:64bit: - [2012.12.04 17:51:12 | 000,020,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:64bit: - [2012.12.04 17:51:10 | 000,358,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:64bit: - [2012.11.19 12:10:38 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:64bit: - [2012.11.19 12:10:36 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF) DRV:64bit: - [2012.03.26 00:26:40 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.03.25 22:51:16 | 000,328,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.03.20 01:45:54 | 000,032,896 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd) DRV:64bit: - [2012.03.19 13:02:02 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd) DRV:64bit: - [2012.03.12 14:06:46 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64) DRV:64bit: - [2012.03.09 20:41:16 | 000,685,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2012.02.01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2012.01.09 12:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP) DRV:64bit: - [2012.01.09 12:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL) DRV:64bit: - [2011.12.06 05:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2011.11.10 17:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2011.05.20 16:03:06 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:64bit: - [2010.11.29 15:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 
| ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP3\WNt500x64\sandra.sys -- (SANDRA) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9E 80 0F 65 1A 3A CE 01 [binary data] IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = 
hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 
11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Patrick\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.04.15 23:20:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 22:58:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.21 22:21:11 | 000,000,000 | ---D | M] [2013.04.15 22:58:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Extensions [2013.04.15 22:58:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.10.01 20:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla 
firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! 
WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000..\Run: [Akamai NetSession Interface] C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000..\Run: [AmazonMP3DownloaderHelper] C:\Users\Patrick\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
O4 - Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 
'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34DCF1F2-A47D-41AC-ADA3-4721043A00D9}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42231763-BD2C-488B-BA32-59446A99D185}: DhcpNameServer = 192.168.10.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{558C1633-B83A-4FDB-AEFF-BFDFAC0D9237}: DhcpNameServer = 149.201.10.30 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3231A1F-4CE3-4007-942C-CFB82ABC96DA}: DhcpNameServer = 192.168.10.1 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - 
HKU\S-1-5-21-3703199202-3098018757-4283643900-1000 Winlogon: Shell - (C:\Users\Patrick\AppData\Roaming\skype.dat) - C:\Users\Patrick\AppData\Roaming\skype.dat (Sftware ) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O31 - SafeBoot: UseAlternatShell - 1 O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.04.12 11:19:49 | 000,000,122 | ---- | M] () - E:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.13 13:04:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe [2013.05.13 12:54:06 | 000,000,000 | ---D | C] -- C:\sata [2013.05.09 23:12:13 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Amazon [2013.05.09 23:12:11 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Amazon MP3 [2013.05.09 23:12:11 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon [2013.05.09 23:12:10 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Program Files [2013.05.03 09:07:05 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.04.30 15:26:10 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FH-Aachen OpenVPN [2013.04.30 15:26:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FH-Aachen OpenVPN [2013.04.25 11:23:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2013.04.21 22:38:04 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Adobe [2013.04.21 22:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013.04.21 22:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2013.04.21 21:51:08 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Benutzerdefinierte Office-Vorlagen [2013.04.21 21:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Word Recovery [2013.04.21 21:29:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stellar Phoenix Word Recovery [2013.04.21 21:25:20 | 000,000,000 | ---D | C] -- C:\TokensBackup [2013.04.21 21:23:26 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Desktop\KMSpico.v2 [2013.04.21 21:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2013.04.21 21:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Word [2013.04.21 21:13:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Remo Repair Word 2.0 [2013.04.21 21:02:18 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\TeamViewer [2013.04.21 21:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer [2013.04.16 22:49:29 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\TS3Client [2013.04.16 22:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2013.04.16 22:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client [2013.04.16 12:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2013.04.16 12:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013.04.16 12:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common 
Files\ATI Technologies [2013.04.16 12:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2013.04.16 12:12:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2013.04.16 12:12:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2013.04.16 12:12:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2013.04.16 12:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2013.04.16 12:11:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2013.04.16 12:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2013.04.16 12:10:55 | 000,054,272 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2013.04.16 12:10:55 | 000,048,128 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2013.04.16 12:10:54 | 028,992,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll [2013.04.16 12:10:54 | 023,460,864 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll [2013.04.16 12:10:54 | 014,745,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdpmd64.sys [2013.04.16 12:10:54 | 014,745,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys [2013.04.16 12:10:54 | 009,605,632 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll [2013.04.16 12:10:54 | 009,007,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll [2013.04.16 12:10:54 | 008,087,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll [2013.04.16 12:10:54 | 007,795,200 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll [2013.04.16 12:10:54 | 006,120,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll [2013.04.16 12:10:54 | 003,749,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll [2013.04.16 12:10:54 | 002,967,040 | ---- | C] (Intel Corporation) -- 
C:\Windows\SysNative\igfxcmjit64.dll [2013.04.16 12:10:54 | 002,866,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll [2013.04.16 12:10:54 | 002,321,408 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll [2013.04.16 12:10:54 | 000,591,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll [2013.04.16 12:10:54 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll [2013.04.16 12:10:54 | 000,519,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll [2013.04.16 12:10:54 | 000,518,144 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll [2013.04.16 12:10:54 | 000,509,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe [2013.04.16 12:10:54 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc [2013.04.16 12:10:54 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc [2013.04.16 12:10:54 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc [2013.04.16 12:10:54 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc [2013.04.16 12:10:54 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc [2013.04.16 12:10:54 | 000,439,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe [2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc [2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc [2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc [2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc [2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc [2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- 
C:\Windows\SysNative\igfxrdeu.lrc [2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc [2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc [2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc [2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc [2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc [2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc [2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc [2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc [2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc [2013.04.16 12:10:54 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc [2013.04.16 12:10:54 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc [2013.04.16 12:10:54 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc [2013.04.16 12:10:54 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc [2013.04.16 12:10:54 | 000,434,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll [2013.04.16 12:10:54 | 000,432,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc [2013.04.16 12:10:54 | 000,430,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc [2013.04.16 12:10:54 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc [2013.04.16 12:10:54 | 000,428,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc [2013.04.16 12:10:54 | 000,410,624 | ---- | C] (Intel Corporation) -- 
C:\Windows\SysNative\igfxTMM.dll [2013.04.16 12:10:54 | 000,386,560 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll [2013.04.16 12:10:54 | 000,325,120 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll [2013.04.16 12:10:54 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc [2013.04.16 12:10:54 | 000,276,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013.04.16 12:10:54 | 000,250,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe [2013.04.16 12:10:54 | 000,237,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll [2013.04.16 12:10:54 | 000,236,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll [2013.04.16 12:10:54 | 000,213,504 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll [2013.04.16 12:10:54 | 000,193,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll [2013.04.16 12:10:54 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll [2013.04.16 12:10:54 | 000,177,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll [2013.04.16 12:10:54 | 000,170,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe [2013.04.16 12:10:54 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll [2013.04.16 12:10:54 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl [2013.04.16 12:10:54 | 000,063,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll [2013.04.16 12:10:54 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll [2013.04.16 12:10:54 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll [2013.04.16 12:10:53 | 026,166,784 | ---- | C] (Advanced Micro Devices, Inc.) 
-- C:\Windows\SysNative\atio6axx.dll [2013.04.16 12:10:53 | 019,739,136 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll [2013.04.16 12:10:53 | 016,069,632 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll [2013.04.16 12:10:53 | 013,715,968 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll [2013.04.16 12:10:53 | 010,857,984 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys [2013.04.16 12:10:53 | 007,646,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll [2013.04.16 12:10:53 | 007,552,000 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll [2013.04.16 12:10:53 | 006,200,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll [2013.04.16 12:10:53 | 005,954,048 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll [2013.04.16 12:10:53 | 005,888,792 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe [2013.04.16 12:10:53 | 005,062,656 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll [2013.04.16 12:10:53 | 004,958,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll [2013.04.16 12:10:53 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll [2013.04.16 12:10:53 | 001,113,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll [2013.04.16 12:10:53 | 000,958,464 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll [2013.04.16 12:10:53 | 000,791,552 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll [2013.04.16 12:10:53 | 000,512,000 | ---- | C] (Advanced Micro Devices, Inc.) 
-- C:\Windows\SysNative\atiadlxx.dll [2013.04.16 12:10:53 | 000,496,128 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe [2013.04.16 12:10:53 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll [2013.04.16 12:10:53 | 000,398,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe [2013.04.16 12:10:53 | 000,356,352 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll [2013.04.16 12:10:53 | 000,328,704 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys [2013.04.16 12:10:53 | 000,235,520 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe [2013.04.16 12:10:53 | 000,184,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe [2013.04.16 12:10:53 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll [2013.04.16 12:10:53 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe [2013.04.16 12:10:53 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll [2013.04.16 12:10:53 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll [2013.04.16 12:10:53 | 000,071,680 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll [2013.04.16 12:10:53 | 000,070,656 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll [2013.04.16 12:10:53 | 000,070,144 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll [2013.04.16 12:10:53 | 000,065,536 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\atisamu32.dll [2013.04.16 12:10:53 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll [2013.04.16 12:10:53 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll [2013.04.16 12:10:53 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. 
) -- C:\Windows\SysNative\atimpc64.dll [2013.04.16 12:10:53 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll [2013.04.16 12:10:53 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll [2013.04.16 12:10:53 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll [2013.04.16 12:10:53 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll [2013.04.16 12:10:53 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll [2013.04.16 12:10:53 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll [2013.04.16 12:10:53 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll [2013.04.16 12:10:53 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll [2013.04.16 12:10:53 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll [2013.04.16 12:10:53 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll [2013.04.16 12:10:53 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll [2013.04.16 12:10:53 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll [2013.04.16 12:10:53 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll [2013.04.16 12:10:53 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll [2013.04.16 12:10:53 | 000,032,896 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\amdkmpfd.sys [2013.04.16 12:10:53 | 000,030,208 | ---- | C] (Advanced Micro Devices, Inc. 
) -- C:\Windows\SysWow64\atiu9pag.dll [2013.04.16 12:10:53 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll [2013.04.16 12:10:53 | 000,017,408 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll [2013.04.16 12:10:53 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll [2013.04.16 11:47:53 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Dropbox [2013.04.16 11:47:00 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2013.04.16 11:46:43 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Dropbox [2013.04.16 11:23:33 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Diagnostics [2013.04.16 10:40:10 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Intel Corporation [2013.04.16 10:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation [2013.04.16 10:37:15 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2013.04.16 10:37:05 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Dell [2013.04.16 10:34:14 | 000,652,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys [2013.04.16 10:34:14 | 000,028,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys [2013.04.16 10:22:04 | 000,568,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys [2013.04.16 10:18:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel [2013.04.16 10:17:40 | 000,331,264 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys [2013.04.16 10:17:40 | 000,014,848 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll [2013.04.16 00:22:43 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\WLANProfiles [2013.04.16 00:22:20 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Intel [2013.04.16 
00:22:13 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Roaming [2013.04.16 00:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming [2013.04.16 00:21:30 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless [2013.04.16 00:21:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2013.04.16 00:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco [2013.04.16 00:21:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel.sav [2013.04.16 00:12:03 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\ATI [2013.04.16 00:12:03 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\ATI [2013.04.16 00:11:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab [2013.04.16 00:11:47 | 000,000,000 | ---D | C] -- C:\Users\Patrick\SystemRequirementsLab [2013.04.16 00:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2013.04.16 00:11:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.04.16 00:11:14 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013.04.16 00:11:14 | 000,782,240 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013.04.16 00:11:14 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.04.16 00:11:12 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.04.16 00:11:12 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.04.16 00:11:12 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.04.16 00:11:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2013.04.15 23:58:23 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2013.04.15 23:58:23 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2013.04.15 23:58:23 | 000,320,352 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe [2013.04.15 23:58:23 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe [2013.04.15 23:58:23 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll [2013.04.15 23:58:23 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll [2013.04.15 23:58:23 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll [2013.04.15 23:58:23 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll [2013.04.15 23:57:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2013.04.15 23:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2013.04.15 23:57:01 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2013.04.15 23:57:01 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2013.04.15 23:57:01 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2013.04.15 23:57:01 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2013.04.15 23:57:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2013.04.15 23:57:01 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2013.04.15 23:57:01 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2013.04.15 23:57:01 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2013.04.15 23:57:00 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2013.04.15 23:57:00 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2013.04.15 23:57:00 | 001,941,528 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\D3DCompiler_38.dll [2013.04.15 23:57:00 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2013.04.15 23:57:00 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2013.04.15 23:57:00 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2013.04.15 23:57:00 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2013.04.15 23:57:00 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2013.04.15 23:57:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2013.04.15 23:57:00 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2013.04.15 23:57:00 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2013.04.15 23:57:00 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2013.04.15 23:57:00 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2013.04.15 23:57:00 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2013.04.15 23:56:59 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll [2013.04.15 23:56:59 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2013.04.15 23:56:59 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2013.04.15 23:56:59 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2013.04.15 23:56:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2013.04.15 23:56:59 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2013.04.15 23:56:59 | 000,028,168 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\X3DAudio1_3.dll [2013.04.15 23:56:59 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2013.04.15 23:56:58 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2013.04.15 23:56:58 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2013.04.15 23:56:58 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2013.04.15 23:56:58 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2013.04.15 23:56:58 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2013.04.15 23:56:58 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2013.04.15 23:56:58 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2013.04.15 23:56:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2013.04.15 23:56:57 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2013.04.15 23:56:57 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2013.04.15 23:56:57 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2013.04.15 23:56:57 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2013.04.15 23:56:57 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2013.04.15 23:56:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2013.04.15 23:56:56 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2013.04.15 23:56:56 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2013.04.15 23:56:56 | 001,985,904 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\D3DCompiler_35.dll [2013.04.15 23:56:56 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2013.04.15 23:56:56 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2013.04.15 23:56:56 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2013.04.15 23:56:56 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2013.04.15 23:56:56 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2013.04.15 23:56:56 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2013.04.15 23:56:56 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2013.04.15 23:56:56 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2013.04.15 23:56:56 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2013.04.15 23:56:55 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2013.04.15 23:56:55 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2013.04.15 23:56:55 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2013.04.15 23:56:55 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2013.04.15 23:56:55 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2013.04.15 23:56:55 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2013.04.15 23:56:55 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2013.04.15 23:56:55 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2013.04.15 23:56:54 | 004,494,184 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\d3dx9_33.dll [2013.04.15 23:56:54 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2013.04.15 23:56:54 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2013.04.15 23:56:54 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2013.04.15 23:56:54 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2013.04.15 23:56:54 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2013.04.15 23:56:54 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2013.04.15 23:56:54 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2013.04.15 23:56:54 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2013.04.15 23:56:54 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2013.04.15 23:56:53 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2013.04.15 23:56:53 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2013.04.15 23:56:53 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll [2013.04.15 23:56:53 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2013.04.15 23:56:53 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2013.04.15 23:56:53 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2013.04.15 23:56:53 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2013.04.15 23:56:53 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2013.04.15 23:56:53 | 000,017,688 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\x3daudio1_1.dll [2013.04.15 23:56:53 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2013.04.15 23:56:52 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2013.04.15 23:56:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2013.04.15 23:56:52 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2013.04.15 23:56:52 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2013.04.15 23:56:51 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2013.04.15 23:56:51 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2013.04.15 23:56:51 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2013.04.15 23:56:51 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2013.04.15 23:56:51 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2013.04.15 23:56:51 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2013.04.15 23:56:51 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2013.04.15 23:56:51 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2013.04.15 23:56:50 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2013.04.15 23:56:50 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2013.04.15 23:56:50 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2013.04.15 23:56:50 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2013.04.15 23:56:50 | 000,355,536 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\xactengine2_0.dll [2013.04.15 23:56:50 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2013.04.15 23:56:50 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2013.04.15 23:56:50 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2013.04.15 23:56:49 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2013.04.15 23:56:49 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2013.04.15 23:56:49 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2013.04.15 23:56:49 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2013.04.15 23:56:48 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2013.04.15 23:56:48 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2013.04.15 23:56:48 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2013.04.15 23:56:48 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2013.04.15 23:56:48 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2013.04.15 23:56:48 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2013.04.15 23:56:19 | 000,000,000 | ---D | C] -- C:\AMD [2013.04.15 23:54:14 | 000,685,160 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2013.04.15 23:54:14 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll [2013.04.15 23:54:14 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll [2013.04.15 23:54:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2013.04.15 23:51:13 | 000,000,000 | ---D | C] -- 
C:\Windows\SysWow64\directx [2013.04.15 23:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware [2013.04.15 23:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware [2013.04.15 23:50:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Programs [2013.04.15 23:43:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 [2013.04.15 23:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2013.04.15 23:42:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013.04.15 23:42:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server [2013.04.15 23:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft [2013.04.15 23:42:33 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2013.04.15 23:42:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2013.04.15 23:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server [2013.04.15 23:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2013.04.15 23:39:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2013.04.15 23:39:23 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Microsoft Help [2013.04.15 23:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013.04.15 23:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.04.15 23:39:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.04.15 23:39:15 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013.04.15 23:37:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2013.04.15 23:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2013.04.15 23:36:46 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys [2013.04.15 23:35:12 | 000,000,000 | ---D | C] -- 
C:\Users\Patrick\AppData\Roaming\Macromedia [2013.04.15 23:35:12 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Macromedia [2013.04.15 23:35:12 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Adobe [2013.04.15 23:34:54 | 000,000,000 | ---D | C] -- C:\Vorformat [2013.04.15 23:33:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2013.04.15 23:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2013.04.15 23:33:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2013.04.15 23:33:10 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\InstallShield [2013.04.15 23:31:49 | 000,691,592 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.04.15 23:31:49 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.04.15 23:31:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2013.04.15 23:31:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2013.04.15 23:30:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013.04.15 23:28:56 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\PCDr [2013.04.15 23:28:54 | 000,000,000 | ---D | C] -- C:\temp [2013.04.15 23:24:16 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Deployment [2013.04.15 23:24:16 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Apps [2013.04.15 23:20:32 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013.04.15 23:20:32 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013.04.15 23:20:32 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013.04.15 23:20:32 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013.04.15 23:20:32 | 000,068,920 | ---- | C] (AVAST Software) -- 
C:\Windows\SysNative\drivers\aswTdi.sys [2013.04.15 23:20:32 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013.04.15 23:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013.04.15 23:20:31 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013.04.15 23:20:18 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013.04.15 23:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013.04.15 23:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2013.04.15 22:59:39 | 000,000,000 | ---D | C] -- C:\Program Files\Dell [2013.04.15 22:58:33 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Mozilla [2013.04.15 22:58:33 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Mozilla [2013.04.15 22:58:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.04.15 22:58:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.04.15 22:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.04.15 22:55:44 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\WinRAR [2013.04.15 22:55:44 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.04.15 22:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.04.15 22:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2013.04.15 22:54:04 | 000,000,000 | ---D | C] -- C:\Intel [2013.04.15 22:53:53 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech [2013.04.15 22:53:47 | 000,211,280 | ---- | C] (ELAN Microelectronics Corp.) 
-- C:\Windows\SysNative\drivers\ETD.sys [2013.04.15 22:53:29 | 000,041,984 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\USB3Ver.dll [2013.04.15 22:53:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2013.04.15 22:53:26 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll [2013.04.15 22:53:26 | 000,791,608 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys [2013.04.15 22:53:26 | 000,358,456 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys [2013.04.15 22:53:26 | 000,020,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys [2013.04.15 22:53:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell [2013.04.15 22:52:08 | 000,000,000 | ---D | C] -- C:\Dell Driver [2013.04.15 22:51:30 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Akamai [2013.04.15 22:46:24 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2013.04.15 22:46:20 | 000,000,000 | -HSD | C] -- C:\Boot [2013.04.15 22:32:19 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2013.04.15 22:32:18 | 000,000,000 | ---D | C] -- C:\Dell [2013.04.15 21:51:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013.04.15 21:49:59 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.04.15 21:49:59 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Searches [2013.04.15 21:49:59 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.04.15 21:49:54 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Identities [2013.04.15 21:49:53 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Contacts [2013.04.15 21:49:51 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\VirtualStore [2013.04.15 21:49:49 | 000,000,000 | --SD | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- 
C:\Users\Patrick\Videos [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Saved Games [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Pictures [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Music [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Links [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Favorites [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Downloads [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Documents [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Desktop [2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Vorlagen [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Verlauf [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Temporary Internet Files [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Startmenü [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\SendTo [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Recent [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Netzwerkumgebung [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Lokale Einstellungen [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Videos [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Musik [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Eigene Dateien [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Bilder [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Druckumgebung 
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Cookies [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Anwendungsdaten [2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Anwendungsdaten [2013.04.15 21:49:49 | 000,000,000 | -H-D | C] -- C:\Users\Patrick\AppData [2013.04.15 21:49:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Temp [2013.04.15 21:49:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Microsoft [2013.04.15 21:49:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Media Center Programs [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Recovery [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Programme [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2013.04.15 21:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2013.04.15 21:46:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2009.07.14 01:12:11 | 000,130,560 | ---- | C] (Sftware ) -- C:\Users\Patrick\AppData\Roaming\skype.dat [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.13 13:06:07 | 001,614,582 | ---- | M] () -- 
C:\Windows\SysNative\PerfStringBackup.INI [2013.05.13 13:06:07 | 000,697,170 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.13 13:06:07 | 000,652,488 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.13 13:06:07 | 000,147,964 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.13 13:06:07 | 000,120,918 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.13 13:03:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe [2013.05.13 13:01:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.13 13:01:48 | 2070,691,839 | -HS- | M] () -- C:\hiberfil.sys [2013.05.13 12:53:41 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.13 12:53:41 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.13 12:49:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.13 12:18:19 | 000,000,162 | -H-- | M] () -- C:\Users\Patrick\Desktop\~$inal-3.odt [2013.05.13 12:16:31 | 000,000,004 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\skype.ini [2013.05.07 16:27:19 | 005,423,019 | ---- | M] () -- C:\Users\Patrick\Desktop\lisa mitchell - neopolitan.mp3 [2013.05.07 16:24:01 | 005,373,282 | ---- | M] () -- C:\Users\Patrick\Desktop\natural born jane.mp3 [2013.05.07 16:21:25 | 005,756,968 | ---- | M] () -- C:\Users\Patrick\Desktop\Martin Solveig - The Night Our.mp3 [2013.05.07 16:20:45 | 005,032,227 | ---- | M] () -- C:\Users\Patrick\Desktop\theophilus London - Why Even Try.mp3 [2013.05.03 09:07:03 | 592,718,937 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.05.01 19:14:24 | 000,129,024 | ---- | M] () -- C:\Users\Patrick\Desktop\IMG_20130501_190258.JPG [2013.04.30 15:51:13 | 000,016,106 | ---- | M] () -- C:\Users\Patrick\Desktop\mcfit kram.odt [2013.04.30 15:26:29 | 000,001,201 | ---- | M] () -- 
C:\Users\Public\Desktop\FH-Aachen OpenVPN GUI.lnk [2013.04.30 15:04:43 | 000,000,345 | ---- | M] () -- C:\Users\Patrick\Desktop\0VBPqgZG8l3Y.128.mp3 [2013.04.28 15:53:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013.04.28 11:02:13 | 004,016,640 | ---- | M] () -- C:\Users\Patrick\Desktop\KMSpico.v2.rar [2013.04.27 13:17:19 | 003,735,300 | ---- | M] () -- C:\Users\Patrick\Desktop\Laid Blak - Lava Timmokk.mp3 [2013.04.27 12:58:49 | 004,745,507 | ---- | M] () -- C:\Users\Patrick\Desktop\bosse- schönste zeit zwette edit.mp3 [2013.04.27 12:58:17 | 005,807,959 | ---- | M] () -- C:\Users\Patrick\Desktop\another love zwette remix.mp3 [2013.04.26 23:25:36 | 000,210,023 | ---- | M] () -- C:\Users\Patrick\Desktop\bild2.jpg [2013.04.26 19:01:06 | 000,279,378 | ---- | M] () -- C:\Users\Patrick\Desktop\473080_579327928758742_1090916865_o.jpg [2013.04.26 17:48:24 | 001,947,404 | ---- | M] () -- C:\Users\Patrick\Desktop\bild.jpg [2013.04.25 11:36:49 | 000,003,640 | ---- | M] () -- C:\Users\Patrick\Desktop\sven paddel.ods [2013.04.24 12:13:58 | 000,441,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.23 19:49:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.04.21 22:47:39 | 000,205,728 | ---- | M] () -- C:\Users\Patrick\Desktop\Final-3.pdf [2013.04.21 22:46:46 | 000,444,316 | ---- | M] () -- C:\Users\Patrick\Desktop\Final-3.odt [2013.04.21 22:37:29 | 000,206,545 | ---- | M] () -- C:\Users\Patrick\Desktop\Final-2.pdf [2013.04.21 22:26:07 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2013.04.21 22:21:11 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.04.21 22:17:46 | 000,192,849 | ---- | M] () -- C:\Users\Patrick\Desktop\marc kniese.pdf [2013.04.21 21:13:34 | 000,001,117 | ---- | M] () -- C:\Users\Patrick\Desktop\Remo Repair Word.lnk [2013.04.21 21:01:31 | 000,001,166 | ---- | M] () -- 
C:\Users\Public\Desktop\TeamViewer 8.lnk [2013.04.16 12:12:54 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2013.04.16 11:47:53 | 000,001,003 | ---- | M] () -- C:\Users\Patrick\Desktop\Dropbox.lnk [2013.04.16 11:47:10 | 000,001,013 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.04.16 10:45:24 | 013,479,936 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Sandra.mdb [2013.04.16 10:41:19 | 000,001,108 | ---- | M] () -- C:\Users\Patrick\Desktop\Wow-64 - Verknüpfung.lnk [2013.04.16 10:35:52 | 001,639,602 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.04.16 00:22:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf [2013.04.16 00:11:10 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.04.16 00:11:09 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013.04.16 00:11:09 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013.04.16 00:11:09 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.04.16 00:11:09 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.04.16 00:11:09 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.04.15 23:33:22 | 000,001,063 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk [2013.04.15 23:31:49 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.04.15 23:31:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.04.15 23:20:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013.04.15 22:53:39 | 000,000,000 | -H-- | M] () -- 
C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2013.04.15 22:46:21 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2013.04.15 22:31:48 | 000,182,856 | ---- | M] () -- C:\Users\Patrick\Documents\Pricing_Nov2012_2web 1-1.pdf [2013.04.15 22:30:23 | 011,711,800 | ---- | M] () -- C:\Users\Patrick\Documents\Intel6150_WIMAX_FICI_DRVR_W7_64_A00_4MVDF_setup_ZPE.exe [2013.04.15 21:48:27 | 000,057,050 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2013.04.15 21:48:27 | 000,057,050 | ---- | M] () -- C:\Windows\SysNative\license.rtf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.13 12:18:19 | 000,000,162 | -H-- | C] () -- C:\Users\Patrick\Desktop\~$inal-3.odt [2013.05.13 11:13:19 | 000,000,004 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\skype.ini [2013.05.07 16:27:14 | 005,423,019 | ---- | C] () -- C:\Users\Patrick\Desktop\lisa mitchell - neopolitan.mp3 [2013.05.07 16:23:57 | 005,373,282 | ---- | C] () -- C:\Users\Patrick\Desktop\natural born jane.mp3 [2013.05.07 16:21:20 | 005,756,968 | ---- | C] () -- C:\Users\Patrick\Desktop\Martin Solveig - The Night Our.mp3 [2013.05.07 16:20:39 | 005,032,227 | ---- | C] () -- C:\Users\Patrick\Desktop\theophilus London - Why Even Try.mp3 [2013.05.03 09:07:03 | 592,718,937 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.05.01 19:14:23 | 000,129,024 | ---- | C] () -- C:\Users\Patrick\Desktop\IMG_20130501_190258.JPG [2013.04.30 15:51:10 | 000,016,106 | ---- | C] () -- C:\Users\Patrick\Desktop\mcfit kram.odt [2013.04.30 15:26:29 | 000,001,201 | ---- | C] () -- C:\Users\Public\Desktop\FH-Aachen OpenVPN GUI.lnk [2013.04.30 15:03:52 | 000,000,345 | ---- | C] () -- C:\Users\Patrick\Desktop\0VBPqgZG8l3Y.128.mp3 [2013.04.28 15:53:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013.04.28 11:02:13 | 004,016,640 | ---- | C] () -- C:\Users\Patrick\Desktop\KMSpico.v2.rar [2013.04.27 13:17:11 | 003,735,300 | ---- | C] () 
-- C:\Users\Patrick\Desktop\Laid Blak - Lava Timmokk.mp3 [2013.04.27 12:58:38 | 004,745,507 | ---- | C] () -- C:\Users\Patrick\Desktop\bosse- schönste zeit zwette edit.mp3 [2013.04.27 12:57:52 | 005,807,959 | ---- | C] () -- C:\Users\Patrick\Desktop\another love zwette remix.mp3 [2013.04.26 23:25:36 | 000,210,023 | ---- | C] () -- C:\Users\Patrick\Desktop\bild2.jpg [2013.04.26 19:01:06 | 000,279,378 | ---- | C] () -- C:\Users\Patrick\Desktop\473080_579327928758742_1090916865_o.jpg [2013.04.26 17:48:23 | 001,947,404 | ---- | C] () -- C:\Users\Patrick\Desktop\bild.jpg [2013.04.26 17:46:15 | 004,922,282 | ---- | C] () -- C:\Users\Patrick\Desktop\Pixlromatic.air [2013.04.25 11:36:45 | 000,003,640 | ---- | C] () -- C:\Users\Patrick\Desktop\sven paddel.ods [2013.04.23 19:49:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.04.21 22:47:39 | 000,205,728 | ---- | C] () -- C:\Users\Patrick\Desktop\Final-3.pdf [2013.04.21 22:46:45 | 000,444,316 | ---- | C] () -- C:\Users\Patrick\Desktop\Final-3.odt [2013.04.21 22:37:28 | 000,206,545 | ---- | C] () -- C:\Users\Patrick\Desktop\Final-2.pdf [2013.04.21 22:21:11 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.04.21 22:21:11 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.04.21 22:17:46 | 000,192,849 | ---- | C] () -- C:\Users\Patrick\Desktop\marc kniese.pdf [2013.04.21 21:13:34 | 000,001,117 | ---- | C] () -- C:\Users\Patrick\Desktop\Remo Repair Word.lnk [2013.04.21 21:01:31 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk [2013.04.21 21:01:31 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk [2013.04.16 22:49:16 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2013.04.16 12:12:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013.04.16 12:12:12 | 000,002,178 | ---- | 
C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Umschaltbare Grafik.lnk [2013.04.16 12:12:01 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2013.04.16 12:12:01 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblup.dat [2013.04.16 12:10:54 | 017,226,240 | ---- | C] () -- C:\Windows\SysNative\ig7icd64.dll [2013.04.16 12:10:54 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa [2013.04.16 12:10:54 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin [2013.04.16 12:10:54 | 000,755,188 | ---- | C] () -- C:\Windows\SysNative\igkrng700.bin [2013.04.16 12:10:54 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin [2013.04.16 12:10:54 | 000,561,508 | ---- | C] () -- C:\Windows\SysNative\igfcg700m.bin [2013.04.16 12:10:54 | 000,079,360 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll [2013.04.16 12:10:54 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp [2013.04.16 12:10:54 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp [2013.04.16 12:10:54 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp [2013.04.16 12:10:54 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp [2013.04.16 12:10:54 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2013.04.16 12:10:54 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp [2013.04.16 12:10:54 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp [2013.04.16 12:10:54 | 000,018,660 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp [2013.04.16 12:10:54 | 000,009,216 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll [2013.04.16 12:10:54 | 000,001,074 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp [2013.04.16 12:10:53 | 013,024,256 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll [2013.04.16 12:10:53 | 002,427,392 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap [2013.04.16 12:10:53 | 002,425,664 | ---- | C] () -- 
C:\Windows\SysNative\atiumd6a.cap [2013.04.16 12:10:53 | 000,601,728 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat [2013.04.16 12:10:53 | 000,235,144 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb [2013.04.16 12:10:53 | 000,235,144 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb [2013.04.16 12:10:53 | 000,221,877 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources [2013.04.16 12:10:53 | 000,208,522 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources [2013.04.16 12:10:53 | 000,192,378 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources [2013.04.16 12:10:53 | 000,164,821 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources [2013.04.16 12:10:53 | 000,162,150 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources [2013.04.16 12:10:53 | 000,157,713 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources [2013.04.16 12:10:53 | 000,148,461 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources [2013.04.16 12:10:53 | 000,147,116 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources [2013.04.16 12:10:53 | 000,146,125 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources [2013.04.16 12:10:53 | 000,146,008 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources [2013.04.16 12:10:53 | 000,144,790 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources [2013.04.16 12:10:53 | 000,144,267 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources [2013.04.16 12:10:53 | 000,143,564 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources [2013.04.16 12:10:53 | 000,143,112 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources [2013.04.16 12:10:53 | 000,142,797 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources [2013.04.16 12:10:53 | 000,142,606 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources [2013.04.16 12:10:53 | 000,142,079 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources [2013.04.16 12:10:53 | 000,141,854 | ---- | C] () -- 
C:\Windows\SysNative\Gfxres.sv-SE.resources [2013.04.16 12:10:53 | 000,141,421 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources [2013.04.16 12:10:53 | 000,141,297 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources [2013.04.16 12:10:53 | 000,140,949 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources [2013.04.16 12:10:53 | 000,140,548 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources [2013.04.16 12:10:53 | 000,139,901 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources [2013.04.16 12:10:53 | 000,136,850 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources [2013.04.16 12:10:53 | 000,136,778 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources [2013.04.16 12:10:53 | 000,136,261 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources [2013.04.16 12:10:53 | 000,131,674 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources [2013.04.16 12:10:53 | 000,125,306 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources [2013.04.16 12:10:53 | 000,123,778 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources [2013.04.16 12:10:53 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll [2013.04.16 12:10:53 | 000,037,533 | ---- | C] () -- C:\Windows\atiogl.xml [2013.04.16 12:10:53 | 000,000,264 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config [2013.04.16 11:47:53 | 000,001,003 | ---- | C] () -- C:\Users\Patrick\Desktop\Dropbox.lnk [2013.04.16 11:47:10 | 000,001,013 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.04.16 10:41:19 | 000,001,108 | ---- | C] () -- C:\Users\Patrick\Desktop\Wow-64 - Verknüpfung.lnk [2013.04.16 00:22:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf [2013.04.16 00:00:59 | 001,639,602 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.04.16 00:00:02 | 013,479,936 | ---- | C] () -- 
C:\Users\Patrick\AppData\Roaming\Sandra.mdb [2013.04.15 23:37:41 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll [2013.04.15 23:33:23 | 000,001,063 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk [2013.04.15 23:31:49 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.15 23:20:32 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.04.15 23:20:32 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013.04.15 23:20:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2013.04.15 22:58:17 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.04.15 22:53:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2013.04.15 22:46:21 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2013.04.15 22:46:20 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2013.04.15 22:31:45 | 000,182,856 | ---- | C] () -- C:\Users\Patrick\Documents\Pricing_Nov2012_2web 1-1.pdf [2013.04.15 22:28:24 | 011,711,800 | ---- | C] () -- C:\Users\Patrick\Documents\Intel6150_WIMAX_FICI_DRVR_W7_64_A00_4MVDF_setup_ZPE.exe [2013.04.15 21:50:03 | 000,001,409 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2013.04.15 21:50:00 | 000,001,443 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.04.15 21:48:26 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2013.04.15 21:48:17 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2013.04.15 21:46:57 | 2070,691,839 | -HS- | C] () -- C:\hiberfil.sys [2012.12.19 21:52:22 | 000,204,952 | ---- | C] () -- 
C:\Windows\SysWow64\ativvsvl.dat
[2012.12.19 21:52:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.05.09 23:12:13 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Amazon
[2013.05.13 12:56:42 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Dropbox
[2013.04.15 23:28:57 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\PCDr
[2013.04.21 21:08:49 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TeamViewer
[2013.04.26 23:38:33 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TS3Client

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:9A78FF1A

< End of report > |
13.05.2013, 12:52 | #2 |
/// Malware-holic | GVU Win7 64 Bit Hi,
Anyone who does not keep their system up to date should not be surprised; missing Windows updates, for example. OTL fix: fix with OTL
Code:
:OTL
O20 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000 Winlogon: Shell - (C:\Users\Patrick\AppData\Roaming\skype.dat) - C:\Users\Patrick\AppData\Roaming\skype.dat (Sftware )
[2013.05.13 12:16:31 | 000,000,004 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\skype.ini
:files
C:\Users\Patrick\AppData\Roaming\skype.dat
:Commands
[emptytemp]

Boot into normal mode. If you don't have any icons, then right-click, View, Show desktop icons. Note: Please also upload the file there as described in the UpChannel instructions. Please do NOT post the ZIP file here as an attachment in the thread! Please press the + E key.
__________________ |
13.05.2013, 13:04 | #3 |
| GVU Win7 64 Bit Here is the new log.
Upload was successful as well. Code:
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Patrick\AppData\Roaming\skype.dat deleted successfully.
C:\Users\Patrick\AppData\Roaming\skype.dat moved successfully.
C:\Users\Patrick\AppData\Roaming\skype.ini moved successfully.
========== FILES ==========
File\Folder C:\Users\Patrick\AppData\Roaming\skype.dat not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Patrick
->Temp folder emptied: 734168292 bytes
->Temporary Internet Files folder emptied: 40060645 bytes
->Java cache emptied: 475253 bytes
->FireFox cache emptied: 389496588 bytes
->Flash cache emptied: 30283 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2165039452 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
RecycleBin emptied: 9780292957 bytes

Total Files Cleaned = 12.502,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 05132013_135723

Files\Folders moved on Reboot...
C:\Users\Patrick\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot... |
13.05.2013, 13:16 | #4 |
/// Malware-holic | GVU Win7 64 Bit Does normal mode work? Then please do the following: Please download TDSSKiller.exe and save this file to the desktop
__________________ -Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
13.05.2013, 14:33 | #5 |
| GVU Win7 64 Bit Hey, here is the next log, from normal mode. Code:
ATTFilter 15:30:58.0944 3660 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 15:30:59.0093 3660 ============================================================ 15:30:59.0093 3660 Current date / time: 2013/05/13 15:30:59.0093 15:30:59.0093 3660 SystemInfo: 15:30:59.0093 3660 15:30:59.0093 3660 OS Version: 6.1.7600 ServicePack: 0.0 15:30:59.0093 3660 Product type: Workstation 15:30:59.0093 3660 ComputerName: PATRICK-PC 15:30:59.0093 3660 UserName: Patrick 15:30:59.0093 3660 Windows directory: C:\Windows 15:30:59.0093 3660 System windows directory: C:\Windows 15:30:59.0093 3660 Running under WOW64 15:30:59.0093 3660 Processor architecture: Intel x64 15:30:59.0093 3660 Number of processors: 8 15:30:59.0093 3660 Page size: 0x1000 15:30:59.0093 3660 Boot type: Normal boot 15:30:59.0094 3660 ============================================================ 15:30:59.0326 3660 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:30:59.0330 3660 ============================================================ 15:30:59.0330 3660 \Device\Harddisk0\DR0: 15:30:59.0330 3660 MBR partitions: 15:30:59.0330 3660 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2000, BlocksNum 0x1DCF0000 15:30:59.0330 3660 ============================================================ 15:30:59.0331 3660 C: <-> \Device\Harddisk0\DR0\Partition1 15:30:59.0331 3660 ============================================================ 15:30:59.0331 3660 Initialize success 15:30:59.0331 3660 ============================================================ 15:31:31.0325 2504 ============================================================ 15:31:31.0326 2504 Scan started 15:31:31.0326 2504 Mode: Manual; SigCheck; TDLFS; 15:31:31.0326 2504 ============================================================ 15:31:31.0425 2504 ================ Scan system memory ======================== 15:31:31.0425 2504 
System memory - ok 15:31:31.0426 2504 ================ Scan services ============================= 15:31:31.0447 2504 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 15:31:31.0490 2504 1394ohci - ok 15:31:31.0495 2504 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys 15:31:31.0506 2504 ACPI - ok 15:31:31.0509 2504 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys 15:31:31.0520 2504 AcpiPmi - ok 15:31:31.0524 2504 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 15:31:31.0531 2504 AdobeARMservice - ok 15:31:31.0543 2504 [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 15:31:31.0551 2504 AdobeFlashPlayerUpdateSvc - ok 15:31:31.0558 2504 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 15:31:31.0571 2504 adp94xx - ok 15:31:31.0576 2504 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 15:31:31.0587 2504 adpahci - ok 15:31:31.0590 2504 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 15:31:31.0599 2504 adpu320 - ok 15:31:31.0603 2504 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 15:31:31.0629 2504 AeLookupSvc - ok 15:31:31.0636 2504 [ B9384E03479D2506BC924C16A3DB87BC ] AFD C:\Windows\system32\drivers\afd.sys 15:31:31.0666 2504 AFD - ok 15:31:31.0669 2504 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys 15:31:31.0676 2504 agp440 - ok 15:31:31.0679 2504 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 15:31:31.0689 2504 ALG - ok 15:31:31.0692 2504 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys 15:31:31.0698 2504 aliide - ok 15:31:31.0702 2504 [ 6B86F165C7D518CDB70804D82AC3ACD5 ] AMD External Events 
Utility C:\Windows\system32\atiesrxx.exe 15:31:31.0718 2504 AMD External Events Utility - ok 15:31:31.0721 2504 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys 15:31:31.0727 2504 amdide - ok 15:31:31.0730 2504 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 15:31:31.0739 2504 AmdK8 - ok 15:31:31.0813 2504 [ 116176D9B55DDA2C5494DF5611E246A7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 15:31:31.0931 2504 amdkmdag - ok 15:31:31.0938 2504 [ 29A5ACBF46308BD283A5F0D93C4686B5 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 15:31:31.0954 2504 amdkmdap - ok 15:31:31.0957 2504 [ FFCB1F4FEAC8AB77887031F8AD0D7C06 ] amdkmpfd C:\Windows\system32\DRIVERS\amdkmpfd.sys 15:31:31.0971 2504 amdkmpfd - ok 15:31:31.0974 2504 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 15:31:31.0984 2504 AmdPPM - ok 15:31:31.0987 2504 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys 15:31:31.0995 2504 amdsata - ok 15:31:31.0999 2504 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 15:31:32.0007 2504 amdsbs - ok 15:31:32.0010 2504 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys 15:31:32.0016 2504 amdxata - ok 15:31:32.0020 2504 [ 157B1C973637919DCD0D0464167C86BA ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys 15:31:32.0030 2504 AMPPAL - ok 15:31:32.0034 2504 [ 157B1C973637919DCD0D0464167C86BA ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys 15:31:32.0042 2504 AMPPALP - ok 15:31:32.0052 2504 [ FB70F8C1283C8CC6BFAA6F9971107E68 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe 15:31:32.0064 2504 AMPPALR3 - ok 15:31:32.0067 2504 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys 15:31:32.0081 2504 AppID - ok 15:31:32.0083 2504 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 15:31:32.0109 2504 AppIDSvc - ok 
15:31:32.0111 2504 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll 15:31:32.0137 2504 Appinfo - ok 15:31:32.0141 2504 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 15:31:32.0151 2504 AppMgmt - ok 15:31:32.0155 2504 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 15:31:32.0162 2504 arc - ok 15:31:32.0165 2504 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 15:31:32.0172 2504 arcsas - ok 15:31:32.0180 2504 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 15:31:32.0186 2504 aspnet_state - ok 15:31:32.0188 2504 [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 15:31:32.0194 2504 aswFsBlk - ok 15:31:32.0197 2504 [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 15:31:32.0203 2504 aswMonFlt - ok 15:31:32.0206 2504 [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys 15:31:32.0211 2504 aswRdr - ok 15:31:32.0214 2504 [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 15:31:32.0219 2504 aswRvrt - ok 15:31:32.0230 2504 [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 15:31:32.0246 2504 aswSnx - ok 15:31:32.0252 2504 [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP C:\Windows\system32\drivers\aswSP.sys 15:31:32.0261 2504 aswSP - ok 15:31:32.0264 2504 [ D62C10D1829C65115111C160EA956260 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 15:31:32.0269 2504 aswTdi - ok 15:31:32.0273 2504 [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 15:31:32.0280 2504 aswVmm - ok 15:31:32.0283 2504 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 15:31:32.0308 2504 AsyncMac - ok 15:31:32.0310 2504 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi 
C:\Windows\system32\DRIVERS\atapi.sys 15:31:32.0316 2504 atapi - ok 15:31:32.0325 2504 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 15:31:32.0357 2504 AudioEndpointBuilder - ok 15:31:32.0363 2504 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll 15:31:32.0393 2504 AudioSrv - ok 15:31:32.0396 2504 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 15:31:32.0401 2504 avast! Antivirus - ok 15:31:32.0404 2504 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll 15:31:32.0417 2504 AxInstSV - ok 15:31:32.0424 2504 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 15:31:32.0437 2504 b06bdrv - ok 15:31:32.0442 2504 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 15:31:32.0454 2504 b57nd60a - ok 15:31:32.0459 2504 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe 15:31:32.0468 2504 BBSvc - ok 15:31:32.0472 2504 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe 15:31:32.0481 2504 BBUpdate - ok 15:31:32.0484 2504 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 15:31:32.0494 2504 BDESVC - ok 15:31:32.0497 2504 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 15:31:32.0521 2504 Beep - ok 15:31:32.0531 2504 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll 15:31:32.0563 2504 BFE - ok 15:31:32.0572 2504 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll 15:31:32.0608 2504 BITS - ok 15:31:32.0611 2504 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 15:31:32.0620 2504 blbdrive - ok 15:31:32.0623 2504 [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 15:31:32.0649 2504 bowser - ok 
15:31:32.0651 2504 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 15:31:32.0662 2504 BrFiltLo - ok 15:31:32.0664 2504 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 15:31:32.0675 2504 BrFiltUp - ok 15:31:32.0678 2504 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll 15:31:32.0705 2504 Browser - ok 15:31:32.0709 2504 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 15:31:32.0721 2504 Brserid - ok 15:31:32.0724 2504 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 15:31:32.0735 2504 BrSerWdm - ok 15:31:32.0737 2504 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 15:31:32.0748 2504 BrUsbMdm - ok 15:31:32.0750 2504 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 15:31:32.0760 2504 BrUsbSer - ok 15:31:32.0762 2504 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 15:31:32.0774 2504 BthEnum - ok 15:31:32.0776 2504 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 15:31:32.0788 2504 BTHMODEM - ok 15:31:32.0791 2504 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 15:31:32.0803 2504 BthPan - ok 15:31:32.0810 2504 [ A51FA9D0E85D5ADABEF72E67F386309C ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 15:31:32.0827 2504 BTHPORT - ok 15:31:32.0830 2504 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 15:31:32.0855 2504 bthserv - ok 15:31:32.0859 2504 [ FA2D081709A764F6BEE16B7FFE03E36C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 15:31:32.0865 2504 BTHSSecurityMgr - ok 15:31:32.0868 2504 [ F740B9A16B2C06700F2130E19986BF3B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 15:31:32.0879 2504 BTHUSB - ok 15:31:32.0883 2504 [ B8BD2BB284668C84865658C77574381A ] cdfs 
C:\Windows\system32\DRIVERS\cdfs.sys 15:31:32.0908 2504 cdfs - ok 15:31:32.0912 2504 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 15:31:32.0922 2504 cdrom - ok 15:31:32.0925 2504 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll 15:31:32.0951 2504 CertPropSvc - ok 15:31:32.0954 2504 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 15:31:32.0965 2504 circlass - ok 15:31:32.0970 2504 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 15:31:32.0981 2504 CLFS - ok 15:31:32.0984 2504 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:31:32.0990 2504 clr_optimization_v2.0.50727_32 - ok 15:31:32.0993 2504 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:31:32.0999 2504 clr_optimization_v2.0.50727_64 - ok 15:31:33.0005 2504 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:31:33.0012 2504 clr_optimization_v4.0.30319_32 - ok 15:31:33.0015 2504 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:31:33.0022 2504 clr_optimization_v4.0.30319_64 - ok 15:31:33.0024 2504 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 15:31:33.0042 2504 CmBatt - ok 15:31:33.0044 2504 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys 15:31:33.0051 2504 cmdide - ok 15:31:33.0057 2504 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys 15:31:33.0074 2504 CNG - ok 15:31:33.0076 2504 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 15:31:33.0082 2504 Compbatt - ok 15:31:33.0085 2504 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus 
C:\Windows\system32\DRIVERS\CompositeBus.sys 15:31:33.0096 2504 CompositeBus - ok 15:31:33.0098 2504 COMSysApp - ok 15:31:33.0104 2504 [ F08C6020E57F5E5BF2FD034DB10BEDFB ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 15:31:33.0114 2504 cphs - ok 15:31:33.0117 2504 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 15:31:33.0123 2504 crcdisk - ok 15:31:33.0128 2504 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll 15:31:33.0156 2504 CryptSvc - ok 15:31:33.0163 2504 [ 4A6173C2279B498CD8F57CAE504564CB ] CSC C:\Windows\system32\drivers\csc.sys 15:31:33.0181 2504 CSC - ok 15:31:33.0189 2504 [ 873FBF927C06E5CEE04DEC617502F8FD ] CscService C:\Windows\System32\cscsvc.dll 15:31:33.0205 2504 CscService - ok 15:31:33.0213 2504 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll 15:31:33.0245 2504 DcomLaunch - ok 15:31:33.0250 2504 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 15:31:33.0278 2504 defragsvc - ok 15:31:33.0281 2504 [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 15:31:33.0307 2504 DfsC - ok 15:31:33.0312 2504 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll 15:31:33.0328 2504 Dhcp - ok 15:31:33.0331 2504 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 15:31:33.0356 2504 discache - ok 15:31:33.0358 2504 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 15:31:33.0365 2504 Disk - ok 15:31:33.0369 2504 [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache C:\Windows\System32\dnsrslvr.dll 15:31:33.0396 2504 Dnscache - ok 15:31:33.0401 2504 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll 15:31:33.0428 2504 dot3svc - ok 15:31:33.0432 2504 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll 15:31:33.0459 2504 DPS - ok 15:31:33.0462 2504 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud 
C:\Windows\system32\drivers\drmkaud.sys 15:31:33.0471 2504 drmkaud - ok 15:31:33.0481 2504 [ 7CB7D2B73813CE05C7BC0F5F95D27CEC ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 15:31:33.0517 2504 DXGKrnl - ok 15:31:33.0520 2504 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 15:31:33.0547 2504 EapHost - ok 15:31:33.0573 2504 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 15:31:33.0615 2504 ebdrv - ok 15:31:33.0618 2504 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe 15:31:33.0629 2504 EFS - ok 15:31:33.0637 2504 [ B91D81B3B54A54CCAFC03733DBC2E29E ] ehRecvr C:\Windows\ehome\ehRecvr.exe 15:31:33.0652 2504 ehRecvr - ok 15:31:33.0655 2504 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 15:31:33.0665 2504 ehSched - ok 15:31:33.0673 2504 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 15:31:33.0686 2504 elxstor - ok 15:31:33.0688 2504 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys 15:31:33.0697 2504 ErrDev - ok 15:31:33.0702 2504 [ F37415F77CDD8AFD4F611BC125764C9E ] ETD C:\Windows\system32\DRIVERS\ETD.sys 15:31:33.0709 2504 ETD - ok 15:31:33.0716 2504 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 15:31:33.0745 2504 EventSystem - ok 15:31:33.0753 2504 [ 52AE29A233832E0C704FD7FC534AF9FB ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 15:31:33.0765 2504 EvtEng - ok 15:31:33.0769 2504 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 15:31:33.0796 2504 exfat - ok 15:31:33.0800 2504 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 15:31:33.0827 2504 fastfat - ok 15:31:33.0835 2504 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe 15:31:33.0851 2504 Fax - ok 15:31:33.0853 2504 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 15:31:33.0863 2504 fdc - 
ok 15:31:33.0865 2504 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 15:31:33.0890 2504 fdPHost - ok 15:31:33.0893 2504 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 15:31:33.0917 2504 FDResPub - ok 15:31:33.0920 2504 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 15:31:33.0927 2504 FileInfo - ok 15:31:33.0929 2504 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 15:31:33.0954 2504 Filetrace - ok 15:31:33.0956 2504 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 15:31:33.0965 2504 flpydisk - ok 15:31:33.0970 2504 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 15:31:33.0979 2504 FltMgr - ok 15:31:33.0991 2504 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache C:\Windows\system32\FntCache.dll 15:31:34.0028 2504 FontCache - ok 15:31:34.0031 2504 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:31:34.0036 2504 FontCache3.0.0.0 - ok 15:31:34.0039 2504 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 15:31:34.0045 2504 FsDepends - ok 15:31:34.0048 2504 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 15:31:34.0054 2504 Fs_Rec - ok 15:31:34.0058 2504 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 15:31:34.0069 2504 fvevol - ok 15:31:34.0072 2504 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 15:31:34.0079 2504 gagp30kx - ok 15:31:34.0089 2504 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll 15:31:34.0110 2504 gpsvc - ok 15:31:34.0112 2504 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 15:31:34.0121 2504 hcw85cir - ok 15:31:34.0127 2504 [ 6410F6F415B2A5A9037224C41DA8BF12 ] 
HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 15:31:34.0141 2504 HdAudAddService - ok 15:31:34.0144 2504 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 15:31:34.0156 2504 HDAudBus - ok 15:31:34.0158 2504 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 15:31:34.0168 2504 HidBatt - ok 15:31:34.0171 2504 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 15:31:34.0183 2504 HidBth - ok 15:31:34.0185 2504 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 15:31:34.0197 2504 HidIr - ok 15:31:34.0199 2504 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 15:31:34.0224 2504 hidserv - ok 15:31:34.0227 2504 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 15:31:34.0236 2504 HidUsb - ok 15:31:34.0239 2504 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll 15:31:34.0265 2504 hkmsvc - ok 15:31:34.0269 2504 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 15:31:34.0281 2504 HomeGroupListener - ok 15:31:34.0285 2504 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll 15:31:34.0297 2504 HomeGroupProvider - ok 15:31:34.0300 2504 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys 15:31:34.0307 2504 HpSAMD - ok 15:31:34.0315 2504 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys 15:31:34.0347 2504 HTTP - ok 15:31:34.0350 2504 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 15:31:34.0356 2504 hwpolicy - ok 15:31:34.0359 2504 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 15:31:34.0369 2504 i8042prt - ok 15:31:34.0376 2504 [ D1753C06EE17E29352B065EACF3F10D0 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 15:31:34.0388 2504 iaStor - ok 15:31:34.0396 
2504 [ AE0C5DF7E7DA3E7AC29B64CFA8C4F044 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys 15:31:34.0408 2504 iaStorA - ok 15:31:34.0415 2504 [ 777788D9B63CCEEEF2DB353BA4EDD454 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 15:31:34.0420 2504 IAStorDataMgrSvc - ok 15:31:34.0422 2504 [ 711241EA1BA9DB44F34D03D2AD00ED08 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys 15:31:34.0427 2504 iaStorF - ok 15:31:34.0433 2504 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys 15:31:34.0445 2504 iaStorV - ok 15:31:34.0455 2504 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:31:34.0472 2504 idsvc - ok 15:31:34.0475 2504 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 15:31:34.0481 2504 iirsp - ok 15:31:34.0491 2504 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll 15:31:34.0525 2504 IKEEXT - ok 15:31:34.0531 2504 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 15:31:34.0543 2504 IntcDAud - ok 15:31:34.0551 2504 [ 7C76466F4E0F76CE259C6005D161E9E8 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 15:31:34.0564 2504 Intel(R) Capability Licensing Service Interface - ok 15:31:34.0567 2504 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys 15:31:34.0573 2504 intelide - ok 15:31:34.0666 2504 [ 371D7F91C0D2314EB984A4A6CBEABC92 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys 15:31:34.0830 2504 intelkmd - ok 15:31:34.0835 2504 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 15:31:34.0844 2504 intelppm - ok 15:31:34.0847 2504 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 15:31:34.0872 2504 IPBusEnum - ok 15:31:34.0875 2504 [ 722DD294DF62483CECAAE6E094B4D695 ] 
IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:31:34.0901 2504 IpFilterDriver - ok 15:31:34.0908 2504 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 15:31:34.0939 2504 iphlpsvc - ok 15:31:34.0942 2504 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys 15:31:34.0951 2504 IPMIDRV - ok 15:31:34.0954 2504 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 15:31:34.0980 2504 IPNAT - ok 15:31:34.0983 2504 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 15:31:34.0994 2504 IRENUM - ok 15:31:34.0997 2504 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys 15:31:35.0003 2504 isapnp - ok 15:31:35.0007 2504 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 15:31:35.0016 2504 iScsiPrt - ok 15:31:35.0019 2504 [ 7A4D015FF432645C55C162DADAEA143E ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 15:31:35.0024 2504 iusb3hcs - ok 15:31:35.0030 2504 [ 5D6164479F6F900ACD287FDC6935532E ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 15:31:35.0038 2504 iusb3hub - ok 15:31:35.0048 2504 [ 9F5687C7EFA906E4F33586D393F7C257 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 15:31:35.0061 2504 iusb3xhc - ok 15:31:35.0065 2504 [ D22982C269775BCBDDA8A0F82A9ADE9E ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 15:31:35.0072 2504 jhi_service - ok 15:31:35.0075 2504 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 15:31:35.0081 2504 kbdclass - ok 15:31:35.0084 2504 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 15:31:35.0093 2504 kbdhid - ok 15:31:35.0095 2504 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe 15:31:35.0105 2504 KeyIso - ok 15:31:35.0108 2504 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD 
C:\Windows\system32\Drivers\ksecdd.sys 15:31:35.0115 2504 KSecDD - ok 15:31:35.0118 2504 [ BBE1BF6D9B661C354D4857D5FADB943B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 15:31:35.0125 2504 KSecPkg - ok 15:31:35.0128 2504 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 15:31:35.0152 2504 ksthunk - ok 15:31:35.0158 2504 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 15:31:35.0187 2504 KtmRm - ok 15:31:35.0192 2504 [ C926920B8978DE6ACFE9E15C709E9B57 ] LanmanServer C:\Windows\system32\srvsvc.dll 15:31:35.0220 2504 LanmanServer - ok 15:31:35.0223 2504 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 15:31:35.0251 2504 LanmanWorkstation - ok 15:31:35.0255 2504 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 15:31:35.0280 2504 lltdio - ok 15:31:35.0285 2504 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 15:31:35.0313 2504 lltdsvc - ok 15:31:35.0316 2504 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 15:31:35.0341 2504 lmhosts - ok 15:31:35.0346 2504 [ 5C08357C65F658E29B5DDC2EF18D575C ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 15:31:35.0354 2504 LMS - ok 15:31:35.0358 2504 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 15:31:35.0366 2504 LSI_FC - ok 15:31:35.0369 2504 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 15:31:35.0376 2504 LSI_SAS - ok 15:31:35.0379 2504 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 15:31:35.0386 2504 LSI_SAS2 - ok 15:31:35.0390 2504 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 15:31:35.0398 2504 LSI_SCSI - ok 15:31:35.0401 2504 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 15:31:35.0426 2504 luafv - ok 15:31:35.0430 
2504 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 15:31:35.0441 2504 Mcx2Svc - ok 15:31:35.0444 2504 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 15:31:35.0450 2504 megasas - ok 15:31:35.0455 2504 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 15:31:35.0465 2504 MegaSR - ok 15:31:35.0468 2504 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 15:31:35.0474 2504 MEIx64 - ok 15:31:35.0476 2504 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 15:31:35.0503 2504 MMCSS - ok 15:31:35.0506 2504 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 15:31:35.0531 2504 Modem - ok 15:31:35.0533 2504 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 15:31:35.0544 2504 monitor - ok 15:31:35.0547 2504 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 15:31:35.0553 2504 mouclass - ok 15:31:35.0555 2504 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:31:35.0564 2504 mouhid - ok 15:31:35.0568 2504 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 15:31:35.0575 2504 mountmgr - ok 15:31:35.0578 2504 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:31:35.0587 2504 MozillaMaintenance - ok 15:31:35.0591 2504 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys 15:31:35.0600 2504 mpio - ok 15:31:35.0603 2504 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:31:35.0628 2504 mpsdrv - ok 15:31:35.0638 2504 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll 15:31:35.0673 2504 MpsSvc - ok 15:31:35.0677 2504 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 
15:31:35.0690 2504 MRxDAV - ok 15:31:35.0694 2504 [ CFDCD8CA87C2A657DEBC150AC35B5E08 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 15:31:35.0719 2504 mrxsmb - ok 15:31:35.0724 2504 [ 1BEE517B220B7F024F411AEC1571DD5A ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:31:35.0751 2504 mrxsmb10 - ok 15:31:35.0754 2504 [ 6B2D5FEF385828B6E485C1C90AFB8195 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:31:35.0779 2504 mrxsmb20 - ok 15:31:35.0782 2504 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 15:31:35.0788 2504 msahci - ok 15:31:35.0792 2504 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 15:31:35.0800 2504 msdsm - ok 15:31:35.0804 2504 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 15:31:35.0815 2504 MSDTC - ok 15:31:35.0820 2504 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 15:31:35.0844 2504 Msfs - ok 15:31:35.0847 2504 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 15:31:35.0871 2504 mshidkmdf - ok 15:31:35.0873 2504 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 15:31:35.0880 2504 msisadrv - ok 15:31:35.0883 2504 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:31:35.0910 2504 MSiSCSI - ok 15:31:35.0913 2504 msiserver - ok 15:31:35.0915 2504 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 15:31:35.0939 2504 MSKSSRV - ok 15:31:35.0942 2504 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 15:31:35.0966 2504 MSPCLOCK - ok 15:31:35.0969 2504 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 15:31:35.0993 2504 MSPQM - ok 15:31:35.0998 2504 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:31:36.0008 2504 MsRPC - ok 15:31:36.0012 2504 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios 
Detected object count: 2 15:31:41.0514 3884 Actual detected object count: 2 15:31:53.0439 3884 OpenVPNService ( UnsignedFile.Multi.Generic ) - skipped by user 15:31:53.0439 3884 OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:31:53.0440 3884 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user 15:31:53.0440 3884 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:32:31.0396 5416 Deinitialize success |
13.05.2013, 14:39 | #6 |
/// Malware-holic | GVU Win7 64 Bit Hi, scan with Combofix |
13.05.2013, 17:57 | #7 |
| GVU Win7 64 Bit Code:
ATTFilter ComboFix 13-05-12.01 - Patrick 13.05.2013 18:45:21.1.8 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.8094.6031 [GMT 2:00] ausgeführt von:: c:\users\Patrick\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Roaming c:\users\Patrick\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe . . ((((((((((((((((((((((( Dateien erstellt von 2013-04-13 bis 2013-05-13 )))))))))))))))))))))))))))))) . . 2013-05-13 16:48 . 2013-05-13 16:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-05-13 11:57 . 2013-05-13 12:04 -------- d-----w- C:\_OTL 2013-05-13 10:54 . 2013-05-13 10:58 -------- d-----w- C:\sata 2013-05-08 03:38 . 2013-05-08 03:38 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{06193A66-B976-4018-9CA0-C24C2B27AE86}\offreg.dll 2013-04-30 13:26 . 2013-04-30 13:26 -------- d-----w- c:\program files (x86)\FH-Aachen OpenVPN 2013-04-25 09:23 . 2013-04-25 09:23 -------- d--h--w- c:\programdata\CanonBJ 2013-04-25 09:23 . 2009-07-14 01:40 84992 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNBPP4.DLL 2013-04-21 20:21 . 2013-04-21 20:21 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2013-04-21 19:29 . 2013-04-21 19:29 -------- d-----w- c:\program files (x86)\Stellar Phoenix Word Recovery 2013-04-21 19:25 . 2013-04-21 19:25 -------- d-----w- C:\TokensBackup 2013-04-21 19:13 . 2013-04-21 19:13 -------- d-----w- c:\program files (x86)\Remo Repair Word 2.0 2013-04-21 19:01 . 2013-04-21 19:01 -------- d-----w- c:\program files (x86)\TeamViewer 2013-04-16 20:49 . 
2013-04-16 20:49 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client 2013-04-16 10:14 . 2013-04-16 10:14 -------- d-----w- c:\programdata\Blizzard Entertainment 2013-04-16 10:13 . 2013-04-16 10:13 -------- d-----w- c:\programdata\ATI 2013-04-16 10:12 . 2013-04-16 10:12 0 ----a-w- c:\windows\ativpsrm.bin 2013-04-16 10:12 . 2013-04-16 10:12 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies 2013-04-16 10:12 . 2013-04-16 10:12 -------- d-----w- c:\program files (x86)\AMD AVT 2013-04-16 10:12 . 2013-04-16 10:12 -------- d-----w- c:\program files (x86)\AMD APP 2013-04-16 10:12 . 2013-04-16 10:12 -------- d-----w- c:\program files\Common Files\ATI Technologies 2013-04-16 10:11 . 2013-04-16 10:12 -------- d-----w- c:\program files (x86)\ATI Technologies 2013-04-16 10:11 . 2013-04-16 10:11 -------- d-----w- c:\program files\ATI 2013-04-16 10:11 . 2013-04-16 10:12 -------- d-----w- c:\program files\ATI Technologies 2013-04-16 08:40 . 2013-04-16 08:41 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation 2013-04-16 08:37 . 2012-05-17 09:46 53248 ----a-w- c:\windows\SysWow64\CSVer.dll 2013-04-16 08:34 . 2012-11-19 10:10 652344 ----a-w- c:\windows\system32\drivers\iaStorA.sys 2013-04-16 08:34 . 2012-11-19 10:10 28216 ----a-w- c:\windows\system32\drivers\iaStorF.sys 2013-04-16 08:22 . 2012-02-01 14:16 568600 ----a-w- c:\windows\system32\drivers\iaStor.sys 2013-04-16 08:18 . 2013-04-16 08:18 -------- d-----w- c:\program files (x86)\Common Files\Intel 2013-04-16 08:17 . 2011-12-06 03:23 331264 ----a-w- c:\windows\system32\drivers\IntcDAud.sys 2013-04-16 08:17 . 2011-12-06 03:22 14848 ----a-w- c:\windows\system32\IntcDAuC.dll 2013-04-15 22:22 . 2013-04-15 22:22 -------- d--h--w- c:\windows\system32\WLANProfiles 2013-04-15 22:22 . 2013-04-15 22:22 -------- d-----w- c:\users\Public\Roaming 2013-04-15 22:22 . 2013-04-15 22:22 -------- d-----w- c:\users\Default\Roaming 2013-04-15 22:21 . 
2013-04-16 08:18 -------- d-----w- c:\program files\Common Files\Intel 2013-04-15 22:21 . 2013-04-15 22:21 -------- d-----w- c:\program files (x86)\Cisco 2013-04-15 22:11 . 2013-04-15 22:11 -------- d-----w- c:\program files (x86)\SystemRequirementsLab 2013-04-15 22:11 . 2013-04-15 22:11 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-04-15 22:11 . 2013-04-15 22:11 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-04-15 22:11 . 2013-04-15 22:11 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-04-15 22:11 . 2013-04-15 22:11 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-04-15 22:11 . 2013-04-15 22:11 -------- d-----w- c:\program files (x86)\Java 2013-04-15 21:58 . 2009-11-25 19:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll 2013-04-15 21:58 . 2009-11-25 19:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll 2013-04-15 21:58 . 2009-11-25 19:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll 2013-04-15 21:58 . 2009-11-25 19:47 48960 ----a-w- c:\windows\system32\netfxperf.dll 2013-04-15 21:58 . 2009-11-25 19:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe 2013-04-15 21:58 . 2009-11-25 19:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll 2013-04-15 21:58 . 2009-11-25 19:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2013-04-15 21:58 . 2009-11-25 19:47 444752 ----a-w- c:\windows\system32\mscoree.dll 2013-04-15 21:58 . 2009-11-25 19:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe 2013-04-15 21:58 . 2009-11-25 19:47 1942856 ----a-w- c:\windows\system32\dfshim.dll 2013-04-15 21:56 . 2008-05-30 12:11 4991496 ----a-w- c:\windows\system32\D3DX9_38.dll 2013-04-15 21:54 . 2012-03-09 18:41 74344 ----a-w- c:\windows\system32\RtNicProp64.dll 2013-04-15 21:54 . 2012-03-09 18:41 685160 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2013-04-15 21:54 . 2012-03-09 18:41 107552 ----a-w- c:\windows\system32\RTNUninst64.dll 2013-04-15 21:54 . 
2013-04-15 21:54 -------- d-----w- c:\program files (x86)\Realtek 2013-04-15 21:51 . 2013-04-15 21:51 -------- d-----w- c:\program files\SiSoftware 2013-04-15 21:42 . 2013-04-15 21:42 -------- d-----w- c:\program files\Common Files\DESIGNER 2013-04-15 21:42 . 2013-04-15 21:42 -------- d-----w- c:\program files\Microsoft.NET 2013-04-15 21:42 . 2013-04-15 21:42 -------- d-----w- c:\program files (x86)\Microsoft SQL Server 2013-04-15 21:42 . 2013-04-15 21:42 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft 2013-04-15 21:42 . 2013-04-15 21:42 -------- d-----w- c:\program files\Microsoft SQL Server 2013-04-15 21:42 . 2013-04-15 21:42 -------- d-----w- c:\windows\PCHEALTH 2013-04-15 21:39 . 2013-04-15 21:39 -------- d-----w- c:\program files\Microsoft Analysis Services 2013-04-15 21:39 . 2013-04-15 21:39 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2013-04-15 21:39 . 2013-04-15 21:42 -------- d-----w- c:\program files\Microsoft Office 2013-04-15 21:39 . 2013-04-15 21:43 -------- d-----w- c:\programdata\Microsoft Help 2013-04-15 21:39 . 2013-04-15 21:39 -------- d-----r- C:\MSOCache 2013-04-15 21:37 . 2012-01-21 01:23 15128 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll 2013-04-15 21:37 . 2013-04-16 10:13 -------- d-----w- c:\programdata\Intel 2013-04-15 21:36 . 2013-04-15 21:36 -------- d-----w- c:\program files (x86)\Common Files\postureAgent 2013-04-15 21:36 . 2011-11-10 15:04 60184 ----a-w- c:\windows\system32\drivers\HECIx64.sys 2013-04-15 21:34 . 2013-04-15 21:36 -------- d-----w- C:\Vorformat 2013-04-15 21:33 . 2013-04-15 22:22 -------- d-----w- c:\program files\Intel 2013-04-15 21:33 . 2013-04-16 08:22 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information 2013-04-15 21:31 . 2013-04-15 21:31 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-04-15 21:31 . 2013-04-15 21:31 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-04-15 21:31 . 
2013-04-15 21:31 -------- d-----w- c:\windows\SysWow64\Macromed 2013-04-15 21:31 . 2013-04-15 21:31 -------- d-----w- c:\windows\system32\Macromed 2013-04-15 21:28 . 2013-04-15 21:51 -------- d-----w- C:\temp 2013-04-15 21:20 . 2013-03-06 22:33 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-04-15 21:20 . 2013-03-06 22:33 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-04-15 21:20 . 2013-03-06 22:33 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-04-15 21:20 . 2013-03-06 22:33 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-04-15 21:20 . 2013-03-06 22:33 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-04-15 21:20 . 2013-03-06 22:33 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-04-15 21:20 . 2013-03-06 22:33 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-04-15 21:20 . 2013-03-06 22:33 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-04-15 21:20 . 2013-03-06 22:32 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-04-15 21:20 . 2013-03-06 22:32 41664 ----a-w- c:\windows\avastSS.scr 2013-04-15 21:20 . 2013-04-15 21:20 -------- d-----w- c:\program files\AVAST Software 2013-04-15 21:19 . 2013-04-15 21:20 -------- d-----w- c:\programdata\AVAST Software 2013-04-15 21:10 . 2013-03-19 03:50 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{06193A66-B976-4018-9CA0-C24C2B27AE86}\mpengine.dll 2013-04-15 20:59 . 2013-04-15 20:59 -------- d-----w- c:\program files\Dell 2013-04-15 20:58 . 2013-04-15 20:58 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service 2013-04-15 20:55 . 2013-04-15 20:55 -------- d-----w- c:\program files\WinRAR 2013-04-15 20:54 . 2013-04-15 20:54 -------- d-----w- C:\Intel 2013-04-15 20:53 . 2013-04-15 20:53 -------- d-----w- c:\program files\Elantech 2013-04-15 20:53 . 2013-01-09 14:49 211280 ----a-w- c:\windows\system32\drivers\ETD.sys 2013-04-15 20:53 . 
2013-04-16 10:12 -------- d-----w- c:\program files (x86)\Intel 2013-04-15 20:53 . 2012-12-04 15:50 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll 2013-04-15 20:53 . 2012-12-04 15:51 791608 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys 2013-04-15 20:53 . 2012-12-04 15:51 20024 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys 2013-04-15 20:53 . 2012-12-04 15:51 358456 ----a-w- c:\windows\system32\drivers\iusb3hub.sys 2013-04-15 20:53 . 2009-07-14 23:51 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll 2013-04-15 20:53 . 2013-04-15 21:40 -------- d-----w- c:\programdata\Dell 2013-04-15 20:52 . 2013-04-15 21:29 -------- d-----w- C:\Dell Driver 2013-04-15 20:46 . 2013-04-15 19:49 -------- d-----w- c:\windows\Panther 2013-04-15 20:46 . 2013-04-15 20:46 -------- d-----w- C:\Boot 2013-04-15 20:32 . 2013-04-21 20:21 -------- d-sh--w- c:\windows\Installer 2013-04-15 20:32 . 2013-04-15 20:32 -------- d-----w- C:\Dell . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2012-10-01 18:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2012-10-01 18:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2012-10-01 18:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-04-10 05:37 130736 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-04-10 05:37 130736 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-04-10 05:37 130736 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="c:\users\Patrick\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X] "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-12-21 291280] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-11-30 56128] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-03-26 636032] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352] . c:\users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-4-10 27151288] Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . 
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584] R3 aswVmm;aswVmm; [x] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-03-29 273168] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 178824] R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2013.SP3\RpcAgentSrv.exe [2009-03-27 71832] S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys [2012-03-19 32896] S0 aswRvrt;aswRvrt; [x] S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2012-11-19 652344] S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2012-11-19 28216] S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-12-04 20024] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-03-25 235520] S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816] S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-17 135952] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-19 14904] S2 Intel(R) Capability Licensing Service Interface;Intel(R) 
Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-01-10 627936] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-01-21 161560] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-01-21 363800] S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-03-29 2669840] S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584] S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208] S3 ETD;Dell Touchpad;c:\windows\system32\DRIVERS\ETD.sys [2013-01-09 211280] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264] S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2012-03-19 14745600] S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-12-04 358456] S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-12-04 791608] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-03-09 685160] S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 20484541 *Deregistered* - 20484541 . Inhalt des "geplante Tasks" Ordners . 
2013-05-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-15 21:31] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2012-10-01 18:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2012-10-01 18:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2012-10-01 18:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-03-06 22:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-04-10 05:37 164016 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-04-10 05:37 164016 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-04-10 05:37 164016 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-04-10 05:37 164016 ----a-w- c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDCtrl"="c:\program files\Elantech\ETDCtrl.exe" [2013-01-09 2774864] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.10.1 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL FF - ProfilePath - c:\users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\cezli77n.default\ FF - ExtSQL: 2013-04-15 23:20; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-AmazonMP3DownloaderHelper - c:\users\Patrick\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-05-13 18:49:58 ComboFix-quarantined-files.txt 2013-05-13 16:49 . Vor Suchlauf: 15 Verzeichnis(se), 165.725.724.672 Bytes frei Nach Suchlauf: 20 Verzeichnis(se), 165.232.914.432 Bytes frei . - - End Of File - - 421DD02EE71BFC6E98F637C05E920930 |
13.05.2013, 18:04 | #8 |
/// Malware-holic | GVU Win7 64 Bit Hi, malwarebytes: Please download Malwarebytes
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
13.05.2013, 19:09 | #9 |
| GVU Win7 64 Bit
Code:
ATTFilter
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.05.13.06

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Patrick :: PATRICK-PC [Administrator]

Schutz: Aktiviert

13.05.2013 19:53:52
mbam-log-2013-05-13 (19-53-52).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 318056
Laufzeit: 11 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\_OTL\MovedFiles.zip (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\05132013_135723\C_Users\Patrick\AppData\Roaming\skype.dat (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende) |
13.05.2013, 19:10 | #10 |
/// Malware-holic | GVU Win7 64 Bit Hi, download CCleaner Standard: CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, and save it as a txt file. Open the file.
After each program you need, write "necessary".
After each one you do not need, "unnecessary".
After each one unknown to you, "unknown".
Post the list.
13.05.2013, 19:24 | #11 |
| GVU Win7 64 Bit
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 15.04.2013 6,00 MB 11.7.700.169
Adobe Reader XI (11.0.02) - Deutsch Adobe Systems Incorporated 21.04.2013 133 MB 11.0.02
Akamai NetSession Interface Akamai Technologies, Inc 15.04.2013 unknown
Amazon MP3-Downloader 1.0.18 Amazon Services LLC 09.05.2013 1.0.18
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 16.04.2013 26,2 MB 3.0.868.0
avast! Free Antivirus AVAST Software 15.04.2013 8.0.1483.0
Bing Bar Microsoft Corporation 17.04.2013 464 KB 7.1.391.0 unnecessary
CCleaner Piriform 23.04.2013 4.01
Dell Touchpad ELAN Microelectronic Corp. 15.04.2013 11.3.5.4
Dropbox Dropbox, Inc. 16.04.2013 2.0.6
FH-Aachen OpenVPN 2.2.0 30.04.2013 2.2.0
Intel(R) Control Center Intel Corporation 16.04.2013 1.2.1.1007
Intel(R) Display Audio Driver Intel Corporation 16.04.2013 6.14.00.3090
Intel(R) Management Engine Components Intel Corporation 15.04.2013 8.0.1.1399
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed Intel Corporation 16.04.2013 5,30 MB 15.1.0.0096
Intel(R) Rapid Storage Technology Intel Corporation 16.04.2013 11.7.0.1013
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 15.04.2013 1.0.7.248
Intel® PROSet/Wireless WiFi-Software Intel Corporation 16.04.2013 181 MB 15.01.1000.0927
Intel® Trusted Connect Service Client Intel Corporation 15.04.2013 10,6 MB 1.23.219.2
Java 7 Update 17 Oracle 16.04.2013 129 MB 7.0.170
Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 13.05.2013 19,2 MB 1.75.0.1300
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 16.04.2013 38,8 MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 16.04.2013 2,93 MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 16.04.2013 51,9 MB 4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 16.04.2013 10,6 MB 4.0.30319
Microsoft Office Professional Plus 2013 Microsoft Corporation 15.04.2013 15.0.4420.1017
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 15.04.2013 708 KB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 16.04.2013 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 16.04.2013 240 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 15.04.2013 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 15.04.2013 13,6 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 15.04.2013 11,0 MB 10.0.30319
Mozilla Firefox 20.0.1 (x86 de) Mozilla 15.04.2013 44,7 MB 20.0.1
Mozilla Maintenance Service Mozilla 15.04.2013 217 KB 20.0.1 unknown
Quickset64 Dell Inc. 15.04.2013 10,7 MB 10.15.017
Realtek Ethernet Controller All-In-One Windows Driver Realtek 15.04.2013 7.54.309.2012
Remo Repair Word Remo Software 21.04.2013 19,9 MB 2.0.0.24 unknown
SiSoftware Sandra Lite 2013.SP3 SiSoftware 15.04.2013 98,6 MB 19.40.2013.5
Skype™ 6.3 Skype Technologies S.A. 13.05.2013 20,9 MB 6.3.107
Stellar Phoenix Word Recovery Stellar Information Systems Ltd. 21.04.2013 11,9 MB 4.1.0.0 unnecessary
System Requirements Lab for Intel Husdawg, LLC 16.04.2013 1,02 MB 4.5.13.0
TeamSpeak 3 Client TeamSpeak Systems GmbH 16.04.2013 3.0.10
TeamViewer 8 TeamViewer 21.04.2013 8.0.17396
WinRAR 4.20 (64-Bit) win.rar GmbH 15.04.2013 4.20.0
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 Intel 15.04.2013 13,2 MB 2.1.23.0

The rest is probably necessary |
13.05.2013, 19:34 | #12 |
/// Malware-holic | GVU Win7 64 Bit Which "rest"? Not even half of it is labeled :-(
13.05.2013, 19:40 | #13 |
| GVU Win7 64 Bit Oops, something seems to have gone wrong there.
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 15.04.2013 6,00 MB 11.7.700.169 necessary
Adobe Reader XI (11.0.02) - Deutsch Adobe Systems Incorporated 21.04.2013 133 MB 11.0.02 necessary
Akamai NetSession Interface Akamai Technologies, Inc 15.04.2013 unknown
Amazon MP3-Downloader 1.0.18 Amazon Services LLC 09.05.2013 1.0.18 // not strictly necessary
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 16.04.2013 26,2 MB 3.0.868.0 necessary
avast! Free Antivirus AVAST Software 15.04.2013 8.0.1483.0 necessary
Bing Bar Microsoft Corporation 17.04.2013 464 KB 7.1.391.0 unnecessary
CCleaner Piriform 23.04.2013 4.01 necessary
Dell Touchpad ELAN Microelectronic Corp. 15.04.2013 11.3.5.4 necessary
Dropbox Dropbox, Inc. 16.04.2013 2.0.6 necessary
FH-Aachen OpenVPN 2.2.0 30.04.2013 2.2.0 necessary
Intel(R) Control Center Intel Corporation 16.04.2013 1.2.1.1007 necessary
Intel(R) Display Audio Driver Intel Corporation 16.04.2013 6.14.00.3090 necessary
Intel(R) Management Engine Components Intel Corporation 15.04.2013 8.0.1.1399 unknown
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed Intel Corporation 16.04.2013 5,30 MB 15.1.0.0096 necessary
Intel(R) Rapid Storage Technology Intel Corporation 16.04.2013 11.7.0.1013 necessary
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 15.04.2013 1.0.7.248 necessary
Intel® PROSet/Wireless WiFi-Software Intel Corporation 16.04.2013 181 MB 15.01.1000.0927 necessary
Intel® Trusted Connect Service Client Intel Corporation 15.04.2013 10,6 MB 1.23.219.2 unknown
Java 7 Update 17 Oracle 16.04.2013 129 MB 7.0.170 necessary
Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 13.05.2013 19,2 MB 1.75.0.1300 necessary
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 16.04.2013 38,8 MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 16.04.2013 2,93 MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 16.04.2013 51,9 MB 4.0.30319 unknown
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 16.04.2013 10,6 MB 4.0.30319 // Net Framework 4 --- I think necessary for some programs
Microsoft Office Professional Plus 2013 Microsoft Corporation 15.04.2013 15.0.4420.1017 necessary
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 15.04.2013 708 KB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 16.04.2013 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 16.04.2013 240 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 15.04.2013 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 15.04.2013 13,6 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 15.04.2013 11,0 MB 10.0.30319 /// Visual stuff, I think necessary? But rather unknown
Mozilla Firefox 20.0.1 (x86 de) Mozilla 15.04.2013 44,7 MB 20.0.1 necessary
Mozilla Maintenance Service Mozilla 15.04.2013 217 KB 20.0.1 unknown
Quickset64 Dell Inc. 15.04.2013 10,7 MB 10.15.017 necessary
Realtek Ethernet Controller All-In-One Windows Driver Realtek 15.04.2013 7.54.309.2012 necessary
Remo Repair Word Remo Software 21.04.2013 19,9 MB 2.0.0.24 unknown
SiSoftware Sandra Lite 2013.SP3 SiSoftware 15.04.2013 98,6 MB 19.40.2013.5 necessary
Skype™ 6.3 Skype Technologies S.A. 13.05.2013 20,9 MB 6.3.107 necessary
Stellar Phoenix Word Recovery Stellar Information Systems Ltd. 21.04.2013 11,9 MB 4.1.0.0 unnecessary
System Requirements Lab for Intel Husdawg, LLC 16.04.2013 1,02 MB 4.5.13.0 unknown
TeamSpeak 3 Client TeamSpeak Systems GmbH 16.04.2013 3.0.10 necessary
TeamViewer 8 TeamViewer 21.04.2013 8.0.17396 necessary
WinRAR 4.20 (64-Bit) win.rar GmbH 15.04.2013 4.20.0 necessary
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 Intel 15.04.2013 13,2 MB 2.1.23.0 necessary |
13.05.2013, 19:47 | #14 |
/// Malware-holic | GVU Win7 64 Bit
Uninstall:
Adobe Flash Player (all)
Adobe - Install Adobe Flash Player
Download the latest version and install it.

Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General: check "use only certified add-on modules".
Security (Enhanced): check Enhanced Security and select all files.
Internet: everything here should be disabled. It is very unsafe to open or download PDFs automatically, etc. It is always better to save them directly, because only then do you have control over what is happening on the PC.
Under JavaScript, remove the check mark from "use JavaScript".
Under Updater, choose install automatically.
Apply / OK

Uninstall:
Bing
Java
Download Java JRE:
Java downloads for all operating systems
Click: Download the Java software for Windows Offline
Download and install it.

Uninstall:
Stellar

Open CCleaner, analyze, run, restart the PC.

Please download AdwCleaner to your desktop.
14.05.2013, 12:06 | #15 |
| GVU Win7 64 Bit Will do right away, boss. Thanks |