| paddy2812 | 13.05.2013 12:23 |
GVU Win7 64 Bit
Hallo Leute,
Ich habe mir leider, wie auch immer, auch den GVU Trojaner eingefangen.
System - Win7 64Bit
Mein Avast hat kurz Alarm geschlagen, dann war es aber leider schon zu spät. - Windows normal Boot --> Fenster mit Videoquelle auswählen --> GVU Meldung bzw. Fenster.
- Windows im abgesichertem + Netzwerk --> Pc fährt sofort herunter
- Windows im abgesichterm + Eingae (mit Explorer.exe) --> Keine Probleme soweit.
Habe schon gelesen das ihr immer einen OTL log haben wollte: Code:
OTL logfile created on: 13.05.2013 13:04:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patrick\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,90 Gb Total Physical Memory | 6,40 Gb Available Physical Memory | 80,97% Memory free
15,81 Gb Paging File | 14,32 Gb Available in Paging File | 90,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238,47 Gb Total Space | 142,66 Gb Free Space | 59,83% Space Free | Partition Type: NTFS
Drive E: | 14,44 Gb Total Space | 4,66 Gb Free Space | 32,25% Space Free | Partition Type: NTFS
Computer Name: PATRICK-PC | User Name: Patrick | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.05.13 13:03:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2012.03.25 23:44:18 | 000,235,520 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.15 23:31:49 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.10 08:56:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.19 12:15:20 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.10.01 20:34:38 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2012.10.01 20:34:38 | 000,178,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2012.06.11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate)
SRV - [2012.06.11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc)
SRV - [2012.03.29 07:57:36 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2012.03.29 07:57:24 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2012.03.29 07:57:14 | 000,626,960 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2012.03.29 07:57:10 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2012.03.19 13:14:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.01.21 08:35:24 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.01.21 08:35:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.01.21 08:35:08 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.01.17 16:12:28 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2012.01.10 21:01:52 | 000,627,936 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2012.01.09 12:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2011.05.20 16:03:06 | 000,038,926 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\FH-Aachen OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2010.11.29 15:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.27 03:29:42 | 000,071,832 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP3\RpcAgentSrv.exe -- (SandraAgentSrv)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.03.07 00:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.03.07 00:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.01.09 16:49:20 | 000,211,280 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012.12.04 17:51:12 | 000,791,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.12.04 17:51:12 | 000,020,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.12.04 17:51:10 | 000,358,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.11.19 12:10:38 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.11.19 12:10:36 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012.03.26 00:26:40 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.03.25 22:51:16 | 000,328,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.20 01:45:54 | 000,032,896 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2012.03.19 13:02:02 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2012.03.12 14:06:46 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012.03.09 20:41:16 | 000,685,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.02.01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012.01.09 12:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.01.09 12:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011.12.06 05:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.11.10 17:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.05.20 16:03:06 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2010.11.29 15:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP3\WNt500x64\sandra.sys -- (SANDRA)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9E 80 0F 65 1A 3A CE 01 [binary data]
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Patrick\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.04.15 23:20:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 22:58:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.21 22:21:11 | 000,000,000 | ---D | M]
[2013.04.15 22:58:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Extensions
[2013.04.15 22:58:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.01 20:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000..\Run: [Akamai NetSession Interface] C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000..\Run: [AmazonMP3DownloaderHelper] C:\Users\Patrick\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34DCF1F2-A47D-41AC-ADA3-4721043A00D9}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42231763-BD2C-488B-BA32-59446A99D185}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{558C1633-B83A-4FDB-AEFF-BFDFAC0D9237}: DhcpNameServer = 149.201.10.30
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3231A1F-4CE3-4007-942C-CFB82ABC96DA}: DhcpNameServer = 192.168.10.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3703199202-3098018757-4283643900-1000 Winlogon: Shell - (C:\Users\Patrick\AppData\Roaming\skype.dat) - C:\Users\Patrick\AppData\Roaming\skype.dat (Sftware )
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.04.12 11:19:49 | 000,000,122 | ---- | M] () - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.13 13:04:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
[2013.05.13 12:54:06 | 000,000,000 | ---D | C] -- C:\sata
[2013.05.09 23:12:13 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Amazon
[2013.05.09 23:12:11 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Amazon MP3
[2013.05.09 23:12:11 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2013.05.09 23:12:10 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Program Files
[2013.05.03 09:07:05 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.04.30 15:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FH-Aachen OpenVPN
[2013.04.30 15:26:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FH-Aachen OpenVPN
[2013.04.25 11:23:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2013.04.21 22:38:04 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Adobe
[2013.04.21 22:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013.04.21 22:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013.04.21 21:51:08 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Benutzerdefinierte Office-Vorlagen
[2013.04.21 21:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Word Recovery
[2013.04.21 21:29:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stellar Phoenix Word Recovery
[2013.04.21 21:25:20 | 000,000,000 | ---D | C] -- C:\TokensBackup
[2013.04.21 21:23:26 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Desktop\KMSpico.v2
[2013.04.21 21:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013.04.21 21:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Word
[2013.04.21 21:13:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Remo Repair Word 2.0
[2013.04.21 21:02:18 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\TeamViewer
[2013.04.21 21:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013.04.16 22:49:29 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\TS3Client
[2013.04.16 22:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013.04.16 22:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2013.04.16 12:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013.04.16 12:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.04.16 12:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013.04.16 12:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.04.16 12:12:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.04.16 12:12:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.04.16 12:12:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013.04.16 12:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.04.16 12:11:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013.04.16 12:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.04.16 12:10:55 | 000,054,272 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.04.16 12:10:55 | 000,048,128 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.04.16 12:10:54 | 028,992,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll
[2013.04.16 12:10:54 | 023,460,864 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll
[2013.04.16 12:10:54 | 014,745,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdpmd64.sys
[2013.04.16 12:10:54 | 014,745,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2013.04.16 12:10:54 | 009,605,632 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2013.04.16 12:10:54 | 009,007,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2013.04.16 12:10:54 | 008,087,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2013.04.16 12:10:54 | 007,795,200 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2013.04.16 12:10:54 | 006,120,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2013.04.16 12:10:54 | 003,749,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll
[2013.04.16 12:10:54 | 002,967,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2013.04.16 12:10:54 | 002,866,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll
[2013.04.16 12:10:54 | 002,321,408 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2013.04.16 12:10:54 | 000,591,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll
[2013.04.16 12:10:54 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2013.04.16 12:10:54 | 000,519,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2013.04.16 12:10:54 | 000,518,144 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll
[2013.04.16 12:10:54 | 000,509,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2013.04.16 12:10:54 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2013.04.16 12:10:54 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2013.04.16 12:10:54 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2013.04.16 12:10:54 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2013.04.16 12:10:54 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2013.04.16 12:10:54 | 000,439,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2013.04.16 12:10:54 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2013.04.16 12:10:54 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2013.04.16 12:10:54 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2013.04.16 12:10:54 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2013.04.16 12:10:54 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2013.04.16 12:10:54 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2013.04.16 12:10:54 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2013.04.16 12:10:54 | 000,434,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2013.04.16 12:10:54 | 000,432,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2013.04.16 12:10:54 | 000,430,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2013.04.16 12:10:54 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2013.04.16 12:10:54 | 000,428,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2013.04.16 12:10:54 | 000,410,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2013.04.16 12:10:54 | 000,386,560 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2013.04.16 12:10:54 | 000,325,120 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2013.04.16 12:10:54 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2013.04.16 12:10:54 | 000,276,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2013.04.16 12:10:54 | 000,250,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2013.04.16 12:10:54 | 000,237,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2013.04.16 12:10:54 | 000,236,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
[2013.04.16 12:10:54 | 000,213,504 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2013.04.16 12:10:54 | 000,193,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2013.04.16 12:10:54 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
[2013.04.16 12:10:54 | 000,177,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2013.04.16 12:10:54 | 000,170,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2013.04.16 12:10:54 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2013.04.16 12:10:54 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2013.04.16 12:10:54 | 000,063,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2013.04.16 12:10:54 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2013.04.16 12:10:54 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2013.04.16 12:10:53 | 026,166,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013.04.16 12:10:53 | 019,739,136 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013.04.16 12:10:53 | 016,069,632 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013.04.16 12:10:53 | 013,715,968 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013.04.16 12:10:53 | 010,857,984 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013.04.16 12:10:53 | 007,646,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2013.04.16 12:10:53 | 007,552,000 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013.04.16 12:10:53 | 006,200,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013.04.16 12:10:53 | 005,954,048 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2013.04.16 12:10:53 | 005,888,792 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2013.04.16 12:10:53 | 005,062,656 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2013.04.16 12:10:53 | 004,958,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013.04.16 12:10:53 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2013.04.16 12:10:53 | 001,113,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2013.04.16 12:10:53 | 000,958,464 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2013.04.16 12:10:53 | 000,791,552 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2013.04.16 12:10:53 | 000,512,000 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2013.04.16 12:10:53 | 000,496,128 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013.04.16 12:10:53 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2013.04.16 12:10:53 | 000,398,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2013.04.16 12:10:53 | 000,356,352 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013.04.16 12:10:53 | 000,328,704 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013.04.16 12:10:53 | 000,235,520 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013.04.16 12:10:53 | 000,184,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2013.04.16 12:10:53 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2013.04.16 12:10:53 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013.04.16 12:10:53 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013.04.16 12:10:53 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2013.04.16 12:10:53 | 000,071,680 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2013.04.16 12:10:53 | 000,070,656 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2013.04.16 12:10:53 | 000,070,144 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2013.04.16 12:10:53 | 000,065,536 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\atisamu32.dll
[2013.04.16 12:10:53 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013.04.16 12:10:53 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2013.04.16 12:10:53 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013.04.16 12:10:53 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013.04.16 12:10:53 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013.04.16 12:10:53 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013.04.16 12:10:53 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013.04.16 12:10:53 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013.04.16 12:10:53 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013.04.16 12:10:53 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013.04.16 12:10:53 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013.04.16 12:10:53 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013.04.16 12:10:53 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2013.04.16 12:10:53 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013.04.16 12:10:53 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013.04.16 12:10:53 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013.04.16 12:10:53 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013.04.16 12:10:53 | 000,032,896 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\amdkmpfd.sys
[2013.04.16 12:10:53 | 000,030,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2013.04.16 12:10:53 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013.04.16 12:10:53 | 000,017,408 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013.04.16 12:10:53 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013.04.16 11:47:53 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Dropbox
[2013.04.16 11:47:00 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013.04.16 11:46:43 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Dropbox
[2013.04.16 11:23:33 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Diagnostics
[2013.04.16 10:40:10 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Intel Corporation
[2013.04.16 10:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2013.04.16 10:37:15 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2013.04.16 10:37:05 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Dell
[2013.04.16 10:34:14 | 000,652,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys
[2013.04.16 10:34:14 | 000,028,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys
[2013.04.16 10:22:04 | 000,568,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2013.04.16 10:18:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2013.04.16 10:17:40 | 000,331,264 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2013.04.16 10:17:40 | 000,014,848 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2013.04.16 00:22:43 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\WLANProfiles
[2013.04.16 00:22:20 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Intel
[2013.04.16 00:22:13 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Roaming
[2013.04.16 00:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2013.04.16 00:21:30 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2013.04.16 00:21:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2013.04.16 00:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2013.04.16 00:21:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel.sav
[2013.04.16 00:12:03 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\ATI
[2013.04.16 00:12:03 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\ATI
[2013.04.16 00:11:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2013.04.16 00:11:47 | 000,000,000 | ---D | C] -- C:\Users\Patrick\SystemRequirementsLab
[2013.04.16 00:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.04.16 00:11:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.16 00:11:14 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.04.16 00:11:14 | 000,782,240 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.04.16 00:11:14 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.04.16 00:11:12 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.16 00:11:12 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.16 00:11:12 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.16 00:11:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.04.15 23:58:23 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2013.04.15 23:58:23 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2013.04.15 23:58:23 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2013.04.15 23:58:23 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2013.04.15 23:58:23 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2013.04.15 23:58:23 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2013.04.15 23:58:23 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2013.04.15 23:58:23 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2013.04.15 23:57:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013.04.15 23:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013.04.15 23:57:01 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013.04.15 23:57:01 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2013.04.15 23:57:01 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013.04.15 23:57:01 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2013.04.15 23:57:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2013.04.15 23:57:01 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013.04.15 23:57:01 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013.04.15 23:57:01 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2013.04.15 23:57:00 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013.04.15 23:57:00 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2013.04.15 23:57:00 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2013.04.15 23:57:00 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2013.04.15 23:57:00 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2013.04.15 23:57:00 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2013.04.15 23:57:00 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2013.04.15 23:57:00 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2013.04.15 23:57:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2013.04.15 23:57:00 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2013.04.15 23:57:00 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2013.04.15 23:57:00 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2013.04.15 23:57:00 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2013.04.15 23:57:00 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2013.04.15 23:56:59 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013.04.15 23:56:59 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013.04.15 23:56:59 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2013.04.15 23:56:59 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2013.04.15 23:56:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2013.04.15 23:56:59 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2013.04.15 23:56:59 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2013.04.15 23:56:59 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2013.04.15 23:56:58 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2013.04.15 23:56:58 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2013.04.15 23:56:58 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2013.04.15 23:56:58 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2013.04.15 23:56:58 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2013.04.15 23:56:58 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2013.04.15 23:56:58 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013.04.15 23:56:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013.04.15 23:56:57 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013.04.15 23:56:57 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013.04.15 23:56:57 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013.04.15 23:56:57 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013.04.15 23:56:57 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013.04.15 23:56:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013.04.15 23:56:56 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013.04.15 23:56:56 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013.04.15 23:56:56 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013.04.15 23:56:56 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013.04.15 23:56:56 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013.04.15 23:56:56 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013.04.15 23:56:56 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013.04.15 23:56:56 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013.04.15 23:56:56 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013.04.15 23:56:56 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013.04.15 23:56:56 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013.04.15 23:56:56 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013.04.15 23:56:55 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013.04.15 23:56:55 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013.04.15 23:56:55 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013.04.15 23:56:55 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013.04.15 23:56:55 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013.04.15 23:56:55 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013.04.15 23:56:55 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013.04.15 23:56:55 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2013.04.15 23:56:54 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2013.04.15 23:56:54 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2013.04.15 23:56:54 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2013.04.15 23:56:54 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2013.04.15 23:56:54 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2013.04.15 23:56:54 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2013.04.15 23:56:54 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2013.04.15 23:56:54 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2013.04.15 23:56:54 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2013.04.15 23:56:54 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2013.04.15 23:56:53 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2013.04.15 23:56:53 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2013.04.15 23:56:53 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2013.04.15 23:56:53 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2013.04.15 23:56:53 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2013.04.15 23:56:53 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2013.04.15 23:56:53 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2013.04.15 23:56:53 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2013.04.15 23:56:53 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2013.04.15 23:56:53 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2013.04.15 23:56:52 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2013.04.15 23:56:52 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2013.04.15 23:56:52 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2013.04.15 23:56:52 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2013.04.15 23:56:51 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2013.04.15 23:56:51 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2013.04.15 23:56:51 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2013.04.15 23:56:51 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2013.04.15 23:56:51 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2013.04.15 23:56:51 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2013.04.15 23:56:51 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2013.04.15 23:56:51 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2013.04.15 23:56:50 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013.04.15 23:56:50 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2013.04.15 23:56:50 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013.04.15 23:56:50 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013.04.15 23:56:50 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2013.04.15 23:56:50 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2013.04.15 23:56:50 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2013.04.15 23:56:50 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2013.04.15 23:56:49 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2013.04.15 23:56:49 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2013.04.15 23:56:49 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2013.04.15 23:56:49 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2013.04.15 23:56:48 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2013.04.15 23:56:48 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2013.04.15 23:56:48 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2013.04.15 23:56:48 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2013.04.15 23:56:48 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2013.04.15 23:56:48 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2013.04.15 23:56:19 | 000,000,000 | ---D | C] -- C:\AMD
[2013.04.15 23:54:14 | 000,685,160 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013.04.15 23:54:14 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2013.04.15 23:54:14 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2013.04.15 23:54:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013.04.15 23:51:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013.04.15 23:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
[2013.04.15 23:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware
[2013.04.15 23:50:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Programs
[2013.04.15 23:43:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013.04.15 23:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.04.15 23:42:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013.04.15 23:42:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2013.04.15 23:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2013.04.15 23:42:33 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.04.15 23:42:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013.04.15 23:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2013.04.15 23:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013.04.15 23:39:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013.04.15 23:39:23 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Microsoft Help
[2013.04.15 23:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013.04.15 23:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.04.15 23:39:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.04.15 23:39:15 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.04.15 23:37:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2013.04.15 23:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2013.04.15 23:36:46 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2013.04.15 23:35:12 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Macromedia
[2013.04.15 23:35:12 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Macromedia
[2013.04.15 23:35:12 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Adobe
[2013.04.15 23:34:54 | 000,000,000 | ---D | C] -- C:\Vorformat
[2013.04.15 23:33:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2013.04.15 23:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013.04.15 23:33:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013.04.15 23:33:10 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\InstallShield
[2013.04.15 23:31:49 | 000,691,592 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.15 23:31:49 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.15 23:31:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013.04.15 23:31:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013.04.15 23:30:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.04.15 23:28:56 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\PCDr
[2013.04.15 23:28:54 | 000,000,000 | ---D | C] -- C:\temp
[2013.04.15 23:24:16 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Deployment
[2013.04.15 23:24:16 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Apps
[2013.04.15 23:20:32 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.04.15 23:20:32 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.04.15 23:20:32 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.04.15 23:20:32 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.04.15 23:20:32 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.04.15 23:20:32 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.04.15 23:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.04.15 23:20:31 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.04.15 23:20:18 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.04.15 23:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.04.15 23:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.04.15 22:59:39 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2013.04.15 22:58:33 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Mozilla
[2013.04.15 22:58:33 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Mozilla
[2013.04.15 22:58:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.04.15 22:58:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.04.15 22:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.15 22:55:44 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\WinRAR
[2013.04.15 22:55:44 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.04.15 22:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.04.15 22:55:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.04.15 22:54:04 | 000,000,000 | ---D | C] -- C:\Intel
[2013.04.15 22:53:53 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2013.04.15 22:53:47 | 000,211,280 | ---- | C] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\drivers\ETD.sys
[2013.04.15 22:53:29 | 000,041,984 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\USB3Ver.dll
[2013.04.15 22:53:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013.04.15 22:53:26 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2013.04.15 22:53:26 | 000,791,608 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys
[2013.04.15 22:53:26 | 000,358,456 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys
[2013.04.15 22:53:26 | 000,020,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys
[2013.04.15 22:53:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2013.04.15 22:52:08 | 000,000,000 | ---D | C] -- C:\Dell Driver
[2013.04.15 22:51:30 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Akamai
[2013.04.15 22:46:24 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013.04.15 22:46:20 | 000,000,000 | -HSD | C] -- C:\Boot
[2013.04.15 22:32:19 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013.04.15 22:32:18 | 000,000,000 | ---D | C] -- C:\Dell
[2013.04.15 21:51:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.04.15 21:49:59 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.04.15 21:49:59 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Searches
[2013.04.15 21:49:59 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.04.15 21:49:54 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Identities
[2013.04.15 21:49:53 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Contacts
[2013.04.15 21:49:51 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\VirtualStore
[2013.04.15 21:49:49 | 000,000,000 | --SD | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Videos
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Saved Games
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Pictures
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Music
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Links
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Favorites
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Downloads
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Documents
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Desktop
[2013.04.15 21:49:49 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Vorlagen
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Verlauf
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Temporary Internet Files
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Startmenü
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\SendTo
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Recent
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Netzwerkumgebung
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Lokale Einstellungen
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Videos
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Musik
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Eigene Dateien
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Bilder
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Druckumgebung
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Cookies
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Anwendungsdaten
[2013.04.15 21:49:49 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Anwendungsdaten
[2013.04.15 21:49:49 | 000,000,000 | -H-D | C] -- C:\Users\Patrick\AppData
[2013.04.15 21:49:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Temp
[2013.04.15 21:49:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Microsoft
[2013.04.15 21:49:49 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Media Center Programs
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.04.15 21:49:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.04.15 21:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013.04.15 21:46:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2009.07.14 01:12:11 | 000,130,560 | ---- | C] (Sftware ) -- C:\Users\Patrick\AppData\Roaming\skype.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.05.13 13:06:07 | 001,614,582 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.13 13:06:07 | 000,697,170 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.13 13:06:07 | 000,652,488 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.13 13:06:07 | 000,147,964 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.13 13:06:07 | 000,120,918 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.13 13:03:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
[2013.05.13 13:01:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.13 13:01:48 | 2070,691,839 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.13 12:53:41 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.13 12:53:41 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.13 12:49:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.13 12:18:19 | 000,000,162 | -H-- | M] () -- C:\Users\Patrick\Desktop\~$inal-3.odt
[2013.05.13 12:16:31 | 000,000,004 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\skype.ini
[2013.05.07 16:27:19 | 005,423,019 | ---- | M] () -- C:\Users\Patrick\Desktop\lisa mitchell - neopolitan.mp3
[2013.05.07 16:24:01 | 005,373,282 | ---- | M] () -- C:\Users\Patrick\Desktop\natural born jane.mp3
[2013.05.07 16:21:25 | 005,756,968 | ---- | M] () -- C:\Users\Patrick\Desktop\Martin Solveig - The Night Our.mp3
[2013.05.07 16:20:45 | 005,032,227 | ---- | M] () -- C:\Users\Patrick\Desktop\theophilus London - Why Even Try.mp3
[2013.05.03 09:07:03 | 592,718,937 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.05.01 19:14:24 | 000,129,024 | ---- | M] () -- C:\Users\Patrick\Desktop\IMG_20130501_190258.JPG
[2013.04.30 15:51:13 | 000,016,106 | ---- | M] () -- C:\Users\Patrick\Desktop\mcfit kram.odt
[2013.04.30 15:26:29 | 000,001,201 | ---- | M] () -- C:\Users\Public\Desktop\FH-Aachen OpenVPN GUI.lnk
[2013.04.30 15:04:43 | 000,000,345 | ---- | M] () -- C:\Users\Patrick\Desktop\0VBPqgZG8l3Y.128.mp3
[2013.04.28 15:53:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.04.28 11:02:13 | 004,016,640 | ---- | M] () -- C:\Users\Patrick\Desktop\KMSpico.v2.rar
[2013.04.27 13:17:19 | 003,735,300 | ---- | M] () -- C:\Users\Patrick\Desktop\Laid Blak - Lava Timmokk.mp3
[2013.04.27 12:58:49 | 004,745,507 | ---- | M] () -- C:\Users\Patrick\Desktop\bosse- schönste zeit zwette edit.mp3
[2013.04.27 12:58:17 | 005,807,959 | ---- | M] () -- C:\Users\Patrick\Desktop\another love zwette remix.mp3
[2013.04.26 23:25:36 | 000,210,023 | ---- | M] () -- C:\Users\Patrick\Desktop\bild2.jpg
[2013.04.26 19:01:06 | 000,279,378 | ---- | M] () -- C:\Users\Patrick\Desktop\473080_579327928758742_1090916865_o.jpg
[2013.04.26 17:48:24 | 001,947,404 | ---- | M] () -- C:\Users\Patrick\Desktop\bild.jpg
[2013.04.25 11:36:49 | 000,003,640 | ---- | M] () -- C:\Users\Patrick\Desktop\sven paddel.ods
[2013.04.24 12:13:58 | 000,441,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.23 19:49:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.04.21 22:47:39 | 000,205,728 | ---- | M] () -- C:\Users\Patrick\Desktop\Final-3.pdf
[2013.04.21 22:46:46 | 000,444,316 | ---- | M] () -- C:\Users\Patrick\Desktop\Final-3.odt
[2013.04.21 22:37:29 | 000,206,545 | ---- | M] () -- C:\Users\Patrick\Desktop\Final-2.pdf
[2013.04.21 22:26:07 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013.04.21 22:21:11 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.04.21 22:17:46 | 000,192,849 | ---- | M] () -- C:\Users\Patrick\Desktop\marc kniese.pdf
[2013.04.21 21:13:34 | 000,001,117 | ---- | M] () -- C:\Users\Patrick\Desktop\Remo Repair Word.lnk
[2013.04.21 21:01:31 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.04.16 12:12:54 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013.04.16 11:47:53 | 000,001,003 | ---- | M] () -- C:\Users\Patrick\Desktop\Dropbox.lnk
[2013.04.16 11:47:10 | 000,001,013 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.04.16 10:45:24 | 013,479,936 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Sandra.mdb
[2013.04.16 10:41:19 | 000,001,108 | ---- | M] () -- C:\Users\Patrick\Desktop\Wow-64 - Verknüpfung.lnk
[2013.04.16 10:35:52 | 001,639,602 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.04.16 00:22:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf
[2013.04.16 00:11:10 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.16 00:11:09 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.04.16 00:11:09 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.04.16 00:11:09 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.04.16 00:11:09 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.16 00:11:09 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.15 23:33:22 | 000,001,063 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk
[2013.04.15 23:31:49 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.15 23:31:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.15 23:20:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.04.15 22:53:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2013.04.15 22:46:21 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013.04.15 22:31:48 | 000,182,856 | ---- | M] () -- C:\Users\Patrick\Documents\Pricing_Nov2012_2web 1-1.pdf
[2013.04.15 22:30:23 | 011,711,800 | ---- | M] () -- C:\Users\Patrick\Documents\Intel6150_WIMAX_FICI_DRVR_W7_64_A00_4MVDF_setup_ZPE.exe
[2013.04.15 21:48:27 | 000,057,050 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013.04.15 21:48:27 | 000,057,050 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.13 12:18:19 | 000,000,162 | -H-- | C] () -- C:\Users\Patrick\Desktop\~$inal-3.odt
[2013.05.13 11:13:19 | 000,000,004 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\skype.ini
[2013.05.07 16:27:14 | 005,423,019 | ---- | C] () -- C:\Users\Patrick\Desktop\lisa mitchell - neopolitan.mp3
[2013.05.07 16:23:57 | 005,373,282 | ---- | C] () -- C:\Users\Patrick\Desktop\natural born jane.mp3
[2013.05.07 16:21:20 | 005,756,968 | ---- | C] () -- C:\Users\Patrick\Desktop\Martin Solveig - The Night Our.mp3
[2013.05.07 16:20:39 | 005,032,227 | ---- | C] () -- C:\Users\Patrick\Desktop\theophilus London - Why Even Try.mp3
[2013.05.03 09:07:03 | 592,718,937 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.05.01 19:14:23 | 000,129,024 | ---- | C] () -- C:\Users\Patrick\Desktop\IMG_20130501_190258.JPG
[2013.04.30 15:51:10 | 000,016,106 | ---- | C] () -- C:\Users\Patrick\Desktop\mcfit kram.odt
[2013.04.30 15:26:29 | 000,001,201 | ---- | C] () -- C:\Users\Public\Desktop\FH-Aachen OpenVPN GUI.lnk
[2013.04.30 15:03:52 | 000,000,345 | ---- | C] () -- C:\Users\Patrick\Desktop\0VBPqgZG8l3Y.128.mp3
[2013.04.28 15:53:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.04.28 11:02:13 | 004,016,640 | ---- | C] () -- C:\Users\Patrick\Desktop\KMSpico.v2.rar
[2013.04.27 13:17:11 | 003,735,300 | ---- | C] () -- C:\Users\Patrick\Desktop\Laid Blak - Lava Timmokk.mp3
[2013.04.27 12:58:38 | 004,745,507 | ---- | C] () -- C:\Users\Patrick\Desktop\bosse- schönste zeit zwette edit.mp3
[2013.04.27 12:57:52 | 005,807,959 | ---- | C] () -- C:\Users\Patrick\Desktop\another love zwette remix.mp3
[2013.04.26 23:25:36 | 000,210,023 | ---- | C] () -- C:\Users\Patrick\Desktop\bild2.jpg
[2013.04.26 19:01:06 | 000,279,378 | ---- | C] () -- C:\Users\Patrick\Desktop\473080_579327928758742_1090916865_o.jpg
[2013.04.26 17:48:23 | 001,947,404 | ---- | C] () -- C:\Users\Patrick\Desktop\bild.jpg
[2013.04.26 17:46:15 | 004,922,282 | ---- | C] () -- C:\Users\Patrick\Desktop\Pixlromatic.air
[2013.04.25 11:36:45 | 000,003,640 | ---- | C] () -- C:\Users\Patrick\Desktop\sven paddel.ods
[2013.04.23 19:49:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.04.21 22:47:39 | 000,205,728 | ---- | C] () -- C:\Users\Patrick\Desktop\Final-3.pdf
[2013.04.21 22:46:45 | 000,444,316 | ---- | C] () -- C:\Users\Patrick\Desktop\Final-3.odt
[2013.04.21 22:37:28 | 000,206,545 | ---- | C] () -- C:\Users\Patrick\Desktop\Final-2.pdf
[2013.04.21 22:21:11 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.04.21 22:21:11 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.04.21 22:17:46 | 000,192,849 | ---- | C] () -- C:\Users\Patrick\Desktop\marc kniese.pdf
[2013.04.21 21:13:34 | 000,001,117 | ---- | C] () -- C:\Users\Patrick\Desktop\Remo Repair Word.lnk
[2013.04.21 21:01:31 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.04.21 21:01:31 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.04.16 22:49:16 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013.04.16 12:12:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.04.16 12:12:12 | 000,002,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Umschaltbare Grafik.lnk
[2013.04.16 12:12:01 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2013.04.16 12:12:01 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblup.dat
[2013.04.16 12:10:54 | 017,226,240 | ---- | C] () -- C:\Windows\SysNative\ig7icd64.dll
[2013.04.16 12:10:54 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2013.04.16 12:10:54 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2013.04.16 12:10:54 | 000,755,188 | ---- | C] () -- C:\Windows\SysNative\igkrng700.bin
[2013.04.16 12:10:54 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2013.04.16 12:10:54 | 000,561,508 | ---- | C] () -- C:\Windows\SysNative\igfcg700m.bin
[2013.04.16 12:10:54 | 000,079,360 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2013.04.16 12:10:54 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2013.04.16 12:10:54 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2013.04.16 12:10:54 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2013.04.16 12:10:54 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2013.04.16 12:10:54 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013.04.16 12:10:54 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2013.04.16 12:10:54 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2013.04.16 12:10:54 | 000,018,660 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2013.04.16 12:10:54 | 000,009,216 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2013.04.16 12:10:54 | 000,001,074 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2013.04.16 12:10:53 | 013,024,256 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2013.04.16 12:10:53 | 002,427,392 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013.04.16 12:10:53 | 002,425,664 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013.04.16 12:10:53 | 000,601,728 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013.04.16 12:10:53 | 000,235,144 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013.04.16 12:10:53 | 000,235,144 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013.04.16 12:10:53 | 000,221,877 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2013.04.16 12:10:53 | 000,208,522 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2013.04.16 12:10:53 | 000,192,378 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2013.04.16 12:10:53 | 000,164,821 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2013.04.16 12:10:53 | 000,162,150 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2013.04.16 12:10:53 | 000,157,713 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2013.04.16 12:10:53 | 000,148,461 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2013.04.16 12:10:53 | 000,147,116 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2013.04.16 12:10:53 | 000,146,125 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2013.04.16 12:10:53 | 000,146,008 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2013.04.16 12:10:53 | 000,144,790 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2013.04.16 12:10:53 | 000,144,267 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2013.04.16 12:10:53 | 000,143,564 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2013.04.16 12:10:53 | 000,143,112 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2013.04.16 12:10:53 | 000,142,797 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2013.04.16 12:10:53 | 000,142,606 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2013.04.16 12:10:53 | 000,142,079 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2013.04.16 12:10:53 | 000,141,854 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2013.04.16 12:10:53 | 000,141,421 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2013.04.16 12:10:53 | 000,141,297 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2013.04.16 12:10:53 | 000,140,949 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2013.04.16 12:10:53 | 000,140,548 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2013.04.16 12:10:53 | 000,139,901 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2013.04.16 12:10:53 | 000,136,850 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2013.04.16 12:10:53 | 000,136,778 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2013.04.16 12:10:53 | 000,136,261 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2013.04.16 12:10:53 | 000,131,674 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2013.04.16 12:10:53 | 000,125,306 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2013.04.16 12:10:53 | 000,123,778 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2013.04.16 12:10:53 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2013.04.16 12:10:53 | 000,037,533 | ---- | C] () -- C:\Windows\atiogl.xml
[2013.04.16 12:10:53 | 000,000,264 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2013.04.16 11:47:53 | 000,001,003 | ---- | C] () -- C:\Users\Patrick\Desktop\Dropbox.lnk
[2013.04.16 11:47:10 | 000,001,013 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.04.16 10:41:19 | 000,001,108 | ---- | C] () -- C:\Users\Patrick\Desktop\Wow-64 - Verknüpfung.lnk
[2013.04.16 00:22:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf
[2013.04.16 00:00:59 | 001,639,602 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.04.16 00:00:02 | 013,479,936 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Sandra.mdb
[2013.04.15 23:37:41 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2013.04.15 23:33:23 | 000,001,063 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk
[2013.04.15 23:31:49 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.15 23:20:32 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.04.15 23:20:32 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.04.15 23:20:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.04.15 22:58:17 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.04.15 22:53:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2013.04.15 22:46:21 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2013.04.15 22:46:20 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2013.04.15 22:31:45 | 000,182,856 | ---- | C] () -- C:\Users\Patrick\Documents\Pricing_Nov2012_2web 1-1.pdf
[2013.04.15 22:28:24 | 011,711,800 | ---- | C] () -- C:\Users\Patrick\Documents\Intel6150_WIMAX_FICI_DRVR_W7_64_A00_4MVDF_setup_ZPE.exe
[2013.04.15 21:50:03 | 000,001,409 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013.04.15 21:50:00 | 000,001,443 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.04.15 21:48:26 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013.04.15 21:48:17 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013.04.15 21:46:57 | 2070,691,839 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.19 21:52:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.12.19 21:52:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.05.09 23:12:13 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Amazon
[2013.05.13 12:56:42 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Dropbox
[2013.04.15 23:28:57 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\PCDr
[2013.04.21 21:08:49 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TeamViewer
[2013.04.26 23:38:33 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TS3Client
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:9A78FF1A
< End of report >
Ich danke vorab, wenn ihr noch was brauchen solltet ich reiche Alles flott nach. |
TDSSKiller.exe und speichere diese Datei auf dem Desktop
AdwCleaner auf deinen Desktop.
Textbox. 
WARNUNG an die MITLESER: