Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: cmd.exe öffnet bei anmeldung automatisch

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.06.2012, 17:41   #1
MrToastey
 
cmd.exe öffnet bei anmeldung automatisch - Unglücklich

cmd.exe öffnet bei anmeldung automatisch



cmd.exe öffnet bei anmeldung automatisch

Bei jeder Anmeldung auf meinen Windows Benutzer steigt meine Zentralprozessoren Auslastung auf 95%. Es scheint, als ob es immer genügend Transis frei lässt um nicht aufzufallen. Wenn ich zum Beispiel in Word arbeite, ist die Auslastung bei 95%. Diese 95% habe ich aber auch wenn ich ein Spiel wie zbs Starcraft2 spiele.
Hier einmal der Standard Hijack scan (ohne "cmd is running"):
(Wie kann man aus so etwas Schadsoftware finden? Da fehlt doch das wesentliche)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:15:33, on 19.06.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ZOTAC FireStorm\Firestorm.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Users\Powk\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Powk\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Powk\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Powk\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Powk\Downloads\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=hp&babsrc=lnkry_nt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 223.4.10.225:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GamingKeyboard] "C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
O4 - HKLM\..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKCU\..\Run: [Google Update] "C:\Users\Powk\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
O4 - Startup: Zotac FireStorm.lnk = C:\Program Files (x86)\ZOTAC FireStorm\Firestorm.exe
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA75336F-B4EA-4630-8ACC-E97518D09AF6}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: OO DiskImage - O&O Software GmbH - C:\Program Files\OO Software\DiskImage\oodiag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP4a\RpcAgentSrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10488 bytes

Alt 20.06.2012, 07:50   #2
Psychotic
/// Malwareteam
 
cmd.exe öffnet bei anmeldung automatisch - Standard

cmd.exe öffnet bei anmeldung automatisch



Aus "so etwas" kann man heutzutage kaum noch Schadsoftware finden, da HijackThis zuwenig Informationen liefert! Das steht auch groß und breit oben im Forum!


Um eine genauere Analyse zu ermöglichen, befolge bitte diesen Link:

An alle Hilfesuchenden! Was muss ich vor Eröffnung eines Themas beachten?
__________________

__________________

Alt 20.06.2012, 20:04   #3
MrToastey
 
cmd.exe öffnet bei anmeldung automatisch - Standard

cmd.exe öffnet bei anmeldung automatisch



Da ich meine alte Festplatte "unsanft" behandelt habe, wurde mir von einem Freund diese angeboten. Da er schon einige Spiele und co darauf installiert hat, würde ich sie lieber nicht Formatieren. Wüsste jetzt auch nicht wie ich das machen sollte, mit nur einer Festplatte. Kann sich eine Festlatte selber Formatieren??


Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.06.20 20:47:15 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Powk\Downloads\OTL.exe
PRC - [2012.06.12 11:56:48 | 000,412,304 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2012.06.09 20:23:23 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.23 18:13:02 | 001,804,288 | ---- | M] (Game Inc.) -- C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe
PRC - [2010.12.27 09:46:38 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.11.17 09:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.03.29 12:10:28 | 001,001,472 | ---- | M] (ZOTAC Ltd.) -- C:\Program Files (x86)\ZOTAC FireStorm\Firestorm.exe


========== Modules (No Company Name) ==========

MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2009.12.21 14:29:42 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\SHARKOON Skiller\keydll3.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.06.18 18:53:49 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.12 11:56:48 | 000,412,304 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2012.06.09 20:23:23 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.06.08 22:33:30 | 004,761,456 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Programme\OO Software\DiskImage\oodiag.exe -- (OO DiskImage)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.01 17:37:22 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.03.11 21:13:24 | 002,815,496 | ---- | M] (COMODO) [Auto | Running] -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011.11.23 12:27:10 | 001,267,000 | ---- | M] (COMODO) [Auto | Running] -- C:\Programme\COMODO\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS)
SRV - [2010.12.27 09:46:38 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.13 00:35:56 | 000,095,896 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4a\RpcAgentSrv.exe -- (SandraAgentSrv)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.06.08 22:34:20 | 000,259,344 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\oodivd.sys -- (oodivd)
DRV:64bit: - [2012.06.08 22:34:20 | 000,044,304 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\oodivdh.sys -- (oodivdh)
DRV:64bit: - [2012.06.08 22:34:18 | 000,118,032 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\oodisr.sys -- (oodisr)
DRV:64bit: - [2012.06.08 22:34:18 | 000,040,720 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\oodisrh.sys -- (oodisrh)
DRV:64bit: - [2011.11.10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2011.08.09 07:42:36 | 000,315,696 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011.08.09 07:42:36 | 000,024,880 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons)
DRV:64bit: - [2011.07.20 09:37:56 | 000,342,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R)
DRV:64bit: - [2011.07.13 21:51:38 | 000,026,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GameKB.sys -- (GameKB)
DRV:64bit: - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.12.10 13:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.12.10 13:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.12 01:10:50 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.06.08 22:48:08 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | Auto | Running] -- C:\Users\Powk\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4a\WNt500x64\sandra.sys -- (SANDRA)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.08.31 19:30:00 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.10\RivaTuner64.sys -- (RivaTuner64)
DRV - [2004.05.05 22:17:28 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\PQNTDRV.sys -- (PQNTDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=hp&babsrc=lnkry_nt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5F DB 73 3D 32 46 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 223.4.10.225:80

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://ixquick.com/"
FF - prefs.js..keyword.URL: "hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=AT&userid=b655c586-ae4a-47a0-b372-5adef2d7afd0&affid=110774&searchtype=ds&babsrc=lnkry&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Powk\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Powk\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.09 15:51:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.06.09 17:37:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Powk\AppData\Roaming\mozilla\Extensions
[2012.06.18 18:29:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Powk\AppData\Roaming\mozilla\Firefox\Profiles\ijtpcfhi.default\extensions
[2012.06.17 15:51:31 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Powk\AppData\Roaming\mozilla\Firefox\Profiles\ijtpcfhi.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.06.17 15:51:31 | 000,000,000 | ---D | M] (TV-Fox) -- C:\Users\Powk\AppData\Roaming\mozilla\Firefox\Profiles\ijtpcfhi.default\extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4}
[2012.06.15 16:25:08 | 000,001,610 | ---- | M] () -- C:\Users\Powk\AppData\Roaming\Mozilla\Firefox\Profiles\ijtpcfhi.default\searchplugins\ixquick-https---deutsch.xml
[2012.06.18 16:27:11 | 000,002,474 | ---- | M] () -- C:\Users\Powk\AppData\Roaming\Mozilla\Firefox\Profiles\ijtpcfhi.default\searchplugins\Web Search.xml
[2012.06.09 15:51:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.06.01 17:38:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.01 18:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.01 18:33:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.01 18:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.01 18:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.01 18:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.01 18:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Powk\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Powk\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Powk\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Powk\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Powk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Powk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Powk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Chew7Hale] C:\Windows\SysNative\hale.exe ()
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [OODITRAY.EXE] C:\Programme\OO Software\DiskImage\ooditray.exe (O&O Software GmbH)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [COMODO] C:\Programme\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO)
O4 - HKLM..\Run: [CPA] C:\Programme\COMODO\COMODO GeekBuddy\VALA.exe (COMODO)
O4 - HKLM..\Run: [GamingKeyboard] C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe (Game Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" File not found
O4 - HKCU..\Run: [PeerBlock] C:\Programme\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4 - Startup: C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zotac FireStorm.lnk = C:\Program Files (x86)\ZOTAC FireStorm\Firestorm.exe (ZOTAC Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA75336F-B4EA-4630-8ACC-E97518D09AF6}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA75336F-B4EA-4630-8ACC-E97518D09AF6}: NameServer = 8.26.56.26,156.154.70.22
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{32c9ec83-b199-11e1-bc13-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{32c9ec83-b199-11e1-bc13-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
O33 - MountPoints2\{b5d3da4d-b7e8-11e1-81cd-f46d049cb420}\Shell - "" = AutoRun
O33 - MountPoints2\{b5d3da4d-b7e8-11e1-81cd-f46d049cb420}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ca285b10-b775-11e1-9630-f46d049cb420}\Shell - "" = AutoRun
O33 - MountPoints2\{ca285b10-b775-11e1-9630-f46d049cb420}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2012.06.20 00:55:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A.A
[2012.06.18 18:53:49 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.18 18:53:49 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.18 18:53:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.06.18 18:53:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.06.18 18:24:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012.06.18 15:16:17 | 009,712,960 | ---- | C] (Sony DADC Austria AG) -- C:\Users\Powk\Desktop\dirt3.exe
[2012.06.18 10:55:31 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\My Cheat Tables
[2012.06.18 10:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect Deluxe Edition
[2012.06.18 10:55:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.1
[2012.06.18 10:55:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.1
[2012.06.18 10:34:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mass Effect Deluxe Edition
[2012.06.18 10:34:25 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\BioWare
[2012.06.18 09:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012.06.17 20:31:52 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Texture Packs Zusammenstellung
[2012.06.17 17:20:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton PartitionMagic 8.0
[2012.06.17 17:20:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symantec
[2012.06.17 17:18:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2012.06.17 15:35:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2012.06.17 15:27:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
[2012.06.17 15:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2012.06.17 14:59:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012.06.17 14:59:26 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012.06.17 14:59:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2012.06.17 14:59:22 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Comodo
[2012.06.17 14:59:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2012.06.17 14:59:16 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012.06.17 14:59:16 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2012.06.17 14:48:40 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\My Games
[2012.06.17 14:14:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters
[2012.06.17 10:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012.06.17 10:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.06.17 10:24:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012.06.17 10:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012.06.17 10:24:07 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.06.17 10:24:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2012.06.17 10:24:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012.06.17 10:22:15 | 000,000,000 | ---D | C] -- C:\IDE
[2012.06.17 10:22:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012.06.17 10:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.06.17 10:21:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012.06.17 10:20:44 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Microsoft Help
[2012.06.17 10:20:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.06.17 10:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.06.17 10:20:26 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.06.16 14:39:16 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Malwarebytes
[2012.06.16 14:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.16 13:30:50 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Adobe
[2012.06.16 13:30:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.06.16 13:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.06.16 13:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.06.16 07:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
[2012.06.16 07:39:09 | 000,000,000 | ---D | C] -- C:\ProgramData\OO Software
[2012.06.16 07:39:09 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software
[2012.06.16 07:38:37 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Downloaded Installations
[2012.06.16 06:55:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012.06.16 06:55:15 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\Games for Windows - LIVE Demos
[2012.06.16 06:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
[2012.06.16 06:32:26 | 019,087,360 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\SysWow64\mkl_blueripple.dll
[2012.06.16 06:32:26 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll
[2012.06.16 06:32:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2012.06.16 06:32:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS
[2012.06.16 06:32:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2012.06.16 06:31:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012.06.16 06:31:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012.06.16 06:00:49 | 000,000,000 | ---D | C] -- C:\Users\Powk\jagexcache
[2012.06.16 01:39:47 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
[2012.06.14 14:06:35 | 000,000,000 | ---D | C] -- C:\Windows\Intel_Chipset_V9301019_XPVistaWin7
[2012.06.14 14:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2012.06.14 13:51:04 | 000,016,896 | ---- | C] (ASUS) -- C:\Windows\AsTaskSched.dll
[2012.06.14 13:47:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.06.14 13:47:49 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.06.14 13:47:17 | 002,580,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012.06.14 13:47:17 | 002,096,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012.06.14 13:47:17 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012.06.14 13:47:17 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.06.14 13:47:17 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012.06.14 13:47:17 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll
[2012.06.14 13:47:17 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.06.14 13:47:17 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.06.14 13:47:17 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.06.14 13:47:17 | 000,118,464 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2012.06.14 13:47:17 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll
[2012.06.14 13:47:17 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll
[2012.06.14 13:47:17 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012.06.14 13:47:16 | 002,654,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012.06.14 13:47:16 | 001,242,728 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012.06.14 13:47:16 | 000,618,600 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012.06.14 13:47:16 | 000,561,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012.06.14 13:47:16 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.06.14 13:47:16 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.06.14 13:47:16 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.06.14 13:47:16 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.06.14 13:47:16 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012.06.14 13:47:16 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.06.14 13:47:16 | 000,082,024 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2012.06.14 13:47:16 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.06.14 13:47:15 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012.06.14 13:47:15 | 001,937,312 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.06.14 13:47:15 | 001,770,328 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012.06.14 13:47:15 | 001,716,368 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012.06.14 13:47:15 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012.06.14 13:47:15 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012.06.14 13:47:15 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012.06.14 13:47:15 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012.06.14 13:47:15 | 000,419,472 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012.06.14 13:47:15 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012.06.14 13:47:15 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012.06.14 13:47:15 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.06.14 13:47:15 | 000,125,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012.06.14 13:47:15 | 000,106,640 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012.06.14 13:47:15 | 000,072,336 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012.06.14 13:47:14 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012.06.14 13:47:14 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012.06.14 13:47:14 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012.06.14 13:47:14 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012.06.14 13:47:14 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012.06.14 13:47:14 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012.06.14 13:47:14 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012.06.14 13:47:14 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012.06.14 13:47:14 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012.06.14 13:47:14 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012.06.14 13:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.06.14 13:47:09 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.06.14 13:47:08 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012.06.14 13:47:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.06.14 13:45:38 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012.06.14 13:45:10 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Realtek_Audio_V5106235_WinXp_V6016235_VistaWin7
[2012.06.14 13:45:10 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Marvell_91xx_WinXP_V1201006_VistaWin7_V1201010_20110831
[2012.06.14 13:45:09 | 000,342,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\e1c62x64.sys
[2012.06.14 13:45:09 | 000,098,496 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicInstC.dll
[2012.06.14 13:45:09 | 000,068,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\e1cmsg.dll
[2012.06.14 13:45:09 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Intel_MEI_V8001262_XPVistaWin7
[2012.06.14 13:45:04 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Renesas_USB3_V20320_XPVistaWin7
[2012.06.14 13:45:04 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Intel_Gigabit_V16500_XPVistaWin7
[2012.06.14 13:38:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
[2012.06.14 13:38:10 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware
[2012.06.14 13:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2012.06.14 13:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
[2012.06.13 19:35:06 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2012.06.12 20:18:45 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012.06.12 20:18:45 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012.06.12 20:18:44 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012.06.12 20:14:34 | 000,000,000 | ---D | C] -- C:\Riot Games
[2012.06.11 17:04:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Skiller
[2012.06.11 17:03:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SHARKOON Skiller
[2012.06.11 17:03:34 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\InstallShield
[2012.06.11 00:05:33 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\ANNO 2070
[2012.06.10 23:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2012.06.10 23:23:07 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012.06.10 23:23:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2012.06.10 23:17:41 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner v2.10
[2012.06.10 23:17:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RivaTuner v2.10
[2012.06.10 20:22:27 | 000,955,848 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012.06.10 20:22:27 | 000,839,112 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.06.10 20:22:27 | 000,268,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.06.10 20:22:15 | 000,189,384 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.06.10 20:22:15 | 000,188,872 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.06.10 20:22:13 | 000,000,000 | ---D | C] -- C:\Fraps
[2012.06.10 20:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.06.10 19:07:50 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Programme
[2012.06.10 18:58:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2012.06.09 20:37:03 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\PunkBuster
[2012.06.09 19:31:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2012.06.09 19:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2012.06.09 19:05:27 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.06.09 19:05:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.06.09 19:05:16 | 000,000,000 | ---D | C] -- C:\Intel
[2012.06.09 18:52:18 | 000,000,000 | ---D | C] -- C:\Users\Powk\SystemRequirementsLab
[2012.06.09 18:51:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2012.06.09 18:04:18 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\.minecraft
[2012.06.09 17:42:20 | 086,400,840 | ---- | C] (K2 Network, Inc.) -- C:\Users\Powk\APB_Reloaded_Installer.exe
[2012.06.09 17:42:12 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\GamersFirst LIVE!
[2012.06.09 17:40:53 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\PMB Files
[2012.06.09 17:40:52 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012.06.09 17:40:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012.06.09 17:40:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2012.06.09 17:40:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamersFirst
[2012.06.09 17:37:17 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Mozilla
[2012.06.09 17:37:17 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Mozilla
[2012.06.09 15:52:53 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.06.09 15:52:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.06.09 15:52:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012.06.09 15:51:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.06.09 15:51:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.06.09 15:51:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.06.09 14:09:33 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Ubisoft Game Launcher
[2012.06.09 14:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2012.06.09 14:02:32 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\NVIDIA
[2012.06.09 14:02:10 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
[2012.06.09 14:02:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z
[2012.06.09 13:53:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.06.09 13:52:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012.06.09 13:51:32 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.06.09 13:51:32 | 000,687,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.06.09 13:51:32 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.06.09 13:51:26 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.06.09 13:51:26 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.06.09 13:51:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.06.09 13:42:24 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012.06.09 13:27:51 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Skype
[2012.06.09 13:27:46 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.06.09 13:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.06.09 13:27:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.06.09 13:27:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.06.09 13:26:34 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Macromedia
[2012.06.09 13:26:34 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Adobe
[2012.06.09 13:25:41 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.06.09 13:24:33 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Google
[2012.06.09 13:23:47 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Apps
[2012.06.09 13:23:44 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Deployment
[2012.06.09 13:21:16 | 000,000,000 | ---D | C] -- C:\Users\Powk\Desktop\Data
[2012.06.09 13:20:55 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\StarCraft II
[2012.06.09 13:20:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012.06.09 13:20:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2012.06.09 13:20:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012.06.09 13:20:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012.06.09 02:04:28 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Ubisoft
[2012.06.09 01:59:14 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012.06.09 01:59:14 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012.06.09 01:59:14 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012.06.09 01:59:14 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012.06.09 01:59:14 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012.06.09 01:59:14 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012.06.09 01:59:14 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012.06.09 01:59:14 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012.06.09 01:59:14 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012.06.09 01:59:14 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012.06.09 01:59:14 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012.06.09 01:59:14 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012.06.09 01:59:13 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012.06.09 01:59:13 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012.06.09 01:59:13 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012.06.09 01:59:13 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012.06.09 01:59:13 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012.06.09 01:59:13 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012.06.09 01:59:13 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012.06.09 01:59:13 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012.06.09 01:59:13 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012.06.09 01:59:13 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012.06.09 01:59:13 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012.06.09 01:59:13 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012.06.09 01:59:13 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012.06.09 01:59:13 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012.06.09 01:59:12 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012.06.09 01:59:12 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012.06.09 01:59:12 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012.06.09 01:59:12 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012.06.09 01:59:12 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012.06.09 01:59:12 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012.06.09 01:59:12 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012.06.09 01:59:12 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012.06.09 01:59:11 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012.06.09 01:59:11 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012.06.09 01:59:11 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012.06.09 01:59:11 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012.06.09 01:59:11 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012.06.09 01:59:11 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012.06.09 01:59:11 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012.06.09 01:59:11 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012.06.09 01:59:11 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012.06.09 01:59:11 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012.06.09 01:59:10 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012.06.09 01:59:10 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012.06.09 01:59:10 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012.06.09 01:59:10 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012.06.09 01:59:10 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012.06.09 01:59:10 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012.06.09 01:59:10 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012.06.09 01:59:10 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012.06.09 01:59:10 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012.06.09 01:59:10 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.06.09 01:59:10 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012.06.09 01:59:10 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012.06.09 01:59:09 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012.06.09 01:59:09 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012.06.09 01:59:09 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012.06.09 01:59:09 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012.06.09 01:59:09 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012.06.09 01:59:09 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012.06.09 01:59:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012.06.09 01:59:09 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012.06.09 01:59:09 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012.06.09 01:59:09 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012.06.09 01:59:09 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012.06.09 01:59:09 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012.06.09 01:59:09 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012.06.09 01:59:09 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012.06.09 01:59:09 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012.06.09 01:59:09 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012.06.09 01:59:08 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012.06.09 01:59:08 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012.06.09 01:59:08 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012.06.09 01:59:08 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012.06.09 01:59:08 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012.06.09 01:59:08 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012.06.09 01:59:08 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012.06.09 01:59:08 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012.06.09 01:59:08 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012.06.09 01:59:07 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012.06.09 01:59:07 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012.06.09 01:59:07 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012.06.09 01:59:07 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012.06.09 01:59:07 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012.06.09 01:59:07 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012.06.09 01:59:07 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012.06.09 01:59:07 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012.06.09 01:59:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012.06.09 01:59:07 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012.06.09 01:59:07 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012.06.09 01:59:07 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012.06.09 01:59:06 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012.06.09 01:59:06 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012.06.09 01:59:06 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012.06.09 01:59:06 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012.06.09 01:59:06 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012.06.09 01:59:06 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012.06.09 01:59:06 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012.06.09 01:59:06 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012.06.09 01:59:06 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012.06.09 01:59:06 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012.06.09 01:59:05 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012.06.09 01:59:05 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012.06.09 01:59:05 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012.06.09 01:59:05 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012.06.09 01:59:05 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012.06.09 01:59:05 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012.06.09 01:59:05 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012.06.09 01:59:05 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012.06.09 01:59:05 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012.06.09 01:59:05 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012.06.09 01:59:05 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012.06.09 01:59:05 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012.06.09 01:59:04 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012.06.09 01:59:04 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012.06.09 01:59:04 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012.06.09 01:59:04 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012.06.09 01:59:04 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012.06.09 01:59:04 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012.06.09 01:59:04 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012.06.09 01:59:04 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012.06.09 01:59:04 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012.06.09 01:59:04 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012.06.09 01:59:04 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012.06.09 01:59:04 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012.06.09 01:59:03 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012.06.09 01:59:03 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012.06.09 01:59:03 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012.06.09 01:59:03 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012.06.09 01:59:03 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012.06.09 01:59:03 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012.06.09 01:59:03 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012.06.09 01:59:03 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012.06.09 01:59:03 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012.06.09 01:59:03 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012.06.09 01:59:03 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012.06.09 01:59:03 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012.06.09 01:59:02 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012.06.09 01:59:02 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012.06.09 01:59:02 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012.06.09 01:59:02 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012.06.09 01:59:02 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012.06.09 01:59:02 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012.06.09 01:59:01 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012.06.09 01:59:01 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012.06.09 01:59:01 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012.06.09 01:59:01 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012.06.09 01:59:01 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012.06.09 01:59:01 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012.06.09 01:59:01 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012.06.09 01:59:01 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012.06.09 01:59:01 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012.06.09 01:59:01 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012.06.09 01:59:01 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012.06.09 01:59:01 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012.06.09 01:59:01 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012.06.09 01:59:01 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012.06.09 01:59:00 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012.06.09 01:59:00 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012.06.09 01:58:59 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012.06.09 01:58:59 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012.06.09 01:58:58 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012.06.09 01:58:58 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012.06.09 01:58:58 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012.06.09 01:58:58 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012.06.09 01:58:58 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012.06.09 01:58:58 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012.06.09 01:58:58 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012.06.09 01:58:58 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012.06.09 01:58:58 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012.06.09 01:58:58 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012.06.09 01:58:57 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012.06.09 01:58:57 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012.06.09 01:58:57 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012.06.09 01:58:57 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012.06.09 01:58:57 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012.06.09 01:58:57 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012.06.09 01:58:03 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Diagnostics
[2012.06.09 01:46:20 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.06.09 01:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012.06.08 23:54:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.06.08 23:14:09 | 000,000,000 | ---D | C] -- C:\Users\Powk\Documents\Amnesia
[2012.06.08 23:08:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent
[2012.06.08 23:05:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amnesia - The Dark Descent
[2012.06.08 23:00:02 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\WinRAR
[2012.06.08 23:00:02 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.06.08 23:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.06.08 22:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012.06.08 22:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2012.06.08 22:34:20 | 000,259,344 | ---- | C] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodivd.sys
[2012.06.08 22:34:20 | 000,044,304 | ---- | C] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodivdh.sys
[2012.06.08 22:34:18 | 000,118,032 | ---- | C] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodisr.sys
[2012.06.08 22:34:18 | 000,040,720 | ---- | C] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodisrh.sys
[2012.06.08 22:18:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.06.08 21:57:12 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64hda.dll
[2012.06.08 21:57:12 | 000,155,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012.06.08 21:57:12 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012.06.08 21:56:56 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.06.08 21:56:24 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZOTAC FireStorm
[2012.06.08 21:56:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZOTAC FireStorm
[2012.06.08 21:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.06.08 21:56:14 | 001,614,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642090.dll
[2012.06.08 21:56:14 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642040.dll
[2012.06.08 21:56:04 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.06.08 21:56:04 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.06.08 21:56:03 | 007,728,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.06.08 21:56:02 | 005,652,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.06.08 21:56:00 | 020,474,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.06.08 21:55:58 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.06.08 21:37:58 | 000,000,000 | -HSD | C] -- C:\Boot
[2012.06.08 20:55:54 | 012,858,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.06.08 20:55:53 | 010,077,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.06.08 20:55:52 | 002,897,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.06.08 20:55:51 | 003,113,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.06.08 20:55:51 | 002,480,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.06.08 20:55:51 | 002,252,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.06.08 20:55:50 | 004,942,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.06.08 20:55:49 | 006,606,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.06.08 20:55:34 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.06.08 20:55:31 | 018,580,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.06.08 20:55:31 | 002,210,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.06.08 20:55:31 | 001,976,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.06.08 20:55:31 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2012.06.08 20:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.06.08 20:48:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.06.08 20:46:23 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.06.08 20:45:09 | 000,000,000 | R--D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.06.08 20:45:09 | 000,000,000 | R--D | C] -- C:\Users\Powk\Searches
[2012.06.08 20:45:09 | 000,000,000 | R--D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.06.08 20:44:59 | 000,000,000 | R--D | C] -- C:\Users\Powk\Contacts
[2012.06.08 20:44:56 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\VirtualStore
[2012.06.08 20:44:40 | 000,000,000 | --SD | C] -- C:\Users\Powk\AppData\Roaming\Microsoft
[2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Videos
[2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Saved Games
[2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Pictures
[2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Music
[2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Links
[2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Favorites
[2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Downloads
[2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Documents
[2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\Desktop
[2012.06.08 20:44:40 | 000,000,000 | R--D | C] -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Vorlagen
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\AppData\Local\Verlauf
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\AppData\Local\Temporary Internet Files
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Startmenü
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\SendTo
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Recent
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Netzwerkumgebung
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Lokale Einstellungen
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Documents\Eigene Videos
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Documents\Eigene Musik
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Eigene Dateien
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Documents\Eigene Bilder
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Druckumgebung
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Cookies
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\AppData\Local\Anwendungsdaten
[2012.06.08 20:44:40 | 000,000,000 | -HSD | C] -- C:\Users\Powk\Anwendungsdaten
[2012.06.08 20:44:40 | 000,000,000 | -H-D | C] -- C:\Users\Powk\AppData
[2012.06.08 20:44:40 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Temp
[2012.06.08 20:44:40 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Local\Microsoft
[2012.06.08 20:44:40 | 000,000,000 | ---D | C] -- C:\Users\Powk\AppData\Roaming\Media Center Programs
[2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2012.06.08 20:44:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.06.08 20:39:26 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.06.08 20:39:23 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2012.05.30 08:29:18 | 000,071,680 | ---- | C] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll
[2012.05.30 08:29:14 | 000,065,536 | ---- | C] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.06.20 20:50:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.20 20:47:21 | 000,000,000 | ---- | M] () -- C:\Users\Powk\defogger_reenable
[2012.06.20 20:41:23 | 000,009,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.20 20:41:23 | 000,009,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.20 20:29:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2734158981-619937663-1740015174-1000UA.job
[2012.06.20 19:35:15 | 000,000,024 | ---- | M] () -- C:\Users\Powk\random.dat
[2012.06.20 19:29:55 | 000,000,043 | ---- | M] () -- C:\Users\Powk\jagex_cl_runescape_LIVE.dat
[2012.06.20 19:28:12 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.20 19:28:12 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.20 19:28:12 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.20 19:28:12 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.20 19:28:12 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.20 19:23:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.20 19:23:49 | 3204,669,440 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.20 13:29:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2734158981-619937663-1740015174-1000Core.job
[2012.06.18 18:53:49 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.18 18:53:49 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.18 16:25:27 | 000,001,292 | ---- | M] () -- C:\Users\Powk\Desktop\Mass Effect Deluxe Edition.lnk
[2012.06.18 10:55:11 | 000,001,085 | ---- | M] () -- C:\Users\Powk\Desktop\Cheat Engine.lnk
[2012.06.18 09:20:34 | 000,415,720 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.17 20:37:10 | 001,581,077 | ---- | M] () -- C:\Users\Powk\Desktop\mcpatcher-2.3.7_02.exe
[2012.06.17 20:24:14 | 000,680,606 | ---- | M] () -- C:\Users\Powk\Desktop\TileMaster.rar
[2012.06.17 17:18:15 | 000,001,250 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2012.06.17 15:27:28 | 000,001,736 | ---- | M] () -- C:\Users\Powk\Desktop\PeerBlock.lnk
[2012.06.17 15:17:40 | 000,002,194 | ---- | M] () -- C:\Users\Powk\Desktop\Amnesia.lnk
[2012.06.17 15:08:24 | 000,001,563 | ---- | M] () -- C:\Users\Powk\Desktop\dirt3.exe - Verknüpfung.lnk
[2012.06.17 14:59:16 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012.06.17 14:59:16 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2012.06.16 13:52:46 | 011,595,776 | ---- | M] () -- C:\Users\Powk\AppData\Roaming\Sandra.mdb
[2012.06.16 07:17:38 | 000,006,554 | ---- | M] () -- C:\Windows\SysNative\cwlog.dtl
[2012.06.16 07:17:35 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2012.06.16 07:17:35 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2012.06.16 07:17:35 | 000,381,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppcommdlg.dll
[2012.06.16 07:17:35 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppwmi.dll
[2012.06.16 07:17:34 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2012.06.16 07:17:25 | 000,389,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2012.06.16 07:17:25 | 000,349,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slui.exe
[2012.06.16 07:17:25 | 000,107,946 | ---- | M] () -- C:\Windows\SysNative\slmgr.vbs
[2012.06.16 07:17:25 | 000,002,048 | ---- | M] () -- C:\Windows\SysNative\winver.exe
[2012.06.16 07:17:24 | 002,169,856 | -HS- | M] () -- C:\Windows\SysNative\hale.exe
[2012.06.15 20:47:09 | 000,000,366 | ---- | M] () -- C:\Users\Powk\AppData\Roaming\Network Meter_Settings.ini
[2012.06.14 14:05:20 | 000,053,248 | ---- | M] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.06.14 13:51:04 | 000,016,896 | ---- | M] (ASUS) -- C:\Windows\AsTaskSched.dll
[2012.06.14 13:38:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.06.14 13:38:21 | 000,001,183 | ---- | M] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2012.SP4a.lnk
[2012.06.14 13:37:04 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2012.06.13 19:35:07 | 000,000,572 | ---- | M] () -- C:\Users\Powk\Desktop\Fraps.lnk
[2012.06.12 20:18:45 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.06.10 23:23:08 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012.06.10 23:04:26 | 000,001,103 | ---- | M] () -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zotac FireStorm.lnk
[2012.06.10 20:22:10 | 000,955,848 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012.06.10 20:22:10 | 000,839,112 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.06.10 20:22:10 | 000,268,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.06.10 20:22:10 | 000,189,384 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.06.10 20:22:10 | 000,188,872 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.06.10 18:58:41 | 000,002,037 | ---- | M] () -- C:\Users\Powk\Desktop\JDownloader.lnk
[2012.06.09 20:37:07 | 000,283,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.06.09 20:37:07 | 000,283,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.06.09 20:23:32 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.06.09 20:23:23 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.06.09 19:41:02 | 3999,925,254 | ---- | M] () -- C:\Users\Powk\Client1.7.0.586601.7z
[2012.06.09 19:38:49 | 086,400,840 | ---- | M] (K2 Network, Inc.) -- C:\Users\Powk\APB_Reloaded_Installer.exe
[2012.06.09 18:43:24 | 000,000,658 | ---- | M] () -- C:\Users\Powk\Desktop\ANNO 2070 - Verknüpfung.lnk
[2012.06.09 18:04:15 | 000,278,561 | ---- | M] () -- C:\Users\Powk\Desktop\Minecraft.exe
[2012.06.09 17:40:45 | 000,001,160 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2012.06.09 15:52:52 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.06.09 15:51:34 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.09 13:51:22 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.06.09 13:51:22 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.06.09 13:41:24 | 000,001,099 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012.06.09 13:27:46 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.06.09 13:25:41 | 000,002,283 | ---- | M] () -- C:\Users\Powk\Desktop\Google Chrome.lnk
[2012.06.08 23:54:32 | 267,104,679 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.06.08 22:34:20 | 000,259,344 | ---- | M] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodivd.sys
[2012.06.08 22:34:20 | 000,044,304 | ---- | M] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodivdh.sys
[2012.06.08 22:34:18 | 000,118,032 | ---- | M] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodisr.sys
[2012.06.08 22:34:18 | 000,040,720 | ---- | M] (O&O Software GmbH) -- C:\Windows\SysNative\drivers\oodisrh.sys
[2012.06.08 21:37:59 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012.06.08 20:42:09 | 000,000,751 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.06.08 20:42:09 | 000,000,751 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.05.30 08:29:18 | 000,071,680 | ---- | M] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll
[2012.05.30 08:29:14 | 000,065,536 | ---- | M] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll
[2012.05.26 15:39:40 | 2147,483,643 | ---- | M] () -- C:\Program Files (x86)\Alokotum
[5 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.06.20 20:47:21 | 000,000,000 | ---- | C] () -- C:\Users\Powk\defogger_reenable
[2012.06.18 18:53:51 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.18 16:25:27 | 000,001,292 | ---- | C] () -- C:\Users\Powk\Desktop\Mass Effect Deluxe Edition.lnk
[2012.06.18 15:16:17 | 000,008,229 | ---- | C] () -- C:\Users\Powk\Desktop\Launcher.exe
[2012.06.18 10:55:11 | 000,001,085 | ---- | C] () -- C:\Users\Powk\Desktop\Cheat Engine.lnk
[2012.06.17 20:54:35 | 000,680,606 | ---- | C] () -- C:\Users\Powk\Desktop\TileMaster.rar
[2012.06.17 20:53:06 | 001,581,077 | ---- | C] () -- C:\Users\Powk\Desktop\mcpatcher-2.3.7_02.exe
[2012.06.17 17:18:15 | 000,001,250 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2012.06.17 15:27:28 | 000,001,736 | ---- | C] () -- C:\Users\Powk\Desktop\PeerBlock.lnk
[2012.06.17 15:17:40 | 000,002,194 | ---- | C] () -- C:\Users\Powk\Desktop\Amnesia.lnk
[2012.06.17 15:08:24 | 000,001,563 | ---- | C] () -- C:\Users\Powk\Desktop\dirt3.exe - Verknüpfung.lnk
[2012.06.16 13:30:16 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.06.16 07:17:34 | 000,006,554 | ---- | C] () -- C:\Windows\SysNative\cwlog.dtl
[2012.06.16 07:17:24 | 002,169,856 | -HS- | C] () -- C:\Windows\SysNative\hale.exe
[2012.06.16 06:00:49 | 000,000,043 | ---- | C] () -- C:\Users\Powk\jagex_cl_runescape_LIVE.dat
[2012.06.16 06:00:49 | 000,000,024 | ---- | C] () -- C:\Users\Powk\random.dat
[2012.06.15 20:41:51 | 000,000,366 | ---- | C] () -- C:\Users\Powk\AppData\Roaming\Network Meter_Settings.ini
[2012.06.15 20:22:21 | 2147,483,643 | ---- | C] () -- C:\Program Files (x86)\Alokotum
[2012.06.15 20:21:14 | 1073,741,823 | ---- | C] () -- C:\Program Files (x86)\Afterback
[2012.06.15 20:21:12 | 104,857,600 | ---- | C] () -- C:\Program Files (x86)\Arem
[2012.06.14 19:31:09 | 000,001,904 | ---- | C] () -- C:\Windows\SysNative\SetupBD.din
[2012.06.14 13:45:09 | 000,003,114 | ---- | C] () -- C:\Windows\SysNative\e1c62x64.din
[2012.06.14 13:40:46 | 011,595,776 | ---- | C] () -- C:\Users\Powk\AppData\Roaming\Sandra.mdb
[2012.06.14 13:38:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.06.14 13:38:21 | 000,001,183 | ---- | C] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2012.SP4a.lnk
[2012.06.13 19:35:07 | 000,000,572 | ---- | C] () -- C:\Users\Powk\Desktop\Fraps.lnk
[2012.06.12 20:18:45 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.06.11 17:04:01 | 000,026,624 | ---- | C] () -- C:\Windows\SysNative\drivers\GameKB.sys
[2012.06.10 23:23:08 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2012.06.10 18:58:41 | 000,002,037 | ---- | C] () -- C:\Users\Powk\Desktop\JDownloader.lnk
[2012.06.10 18:58:40 | 000,002,001 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.06.10 18:58:40 | 000,001,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2012.06.10 18:58:40 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.06.09 20:37:07 | 000,283,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.06.09 20:23:25 | 000,283,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.06.09 20:23:25 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.06.09 20:23:23 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.06.09 18:43:24 | 000,000,658 | ---- | C] () -- C:\Users\Powk\Desktop\ANNO 2070 - Verknüpfung.lnk
[2012.06.09 18:04:10 | 000,278,561 | ---- | C] () -- C:\Users\Powk\Desktop\Minecraft.exe
[2012.06.09 17:42:20 | 3999,925,254 | ---- | C] () -- C:\Users\Powk\Client1.7.0.586601.7z
[2012.06.09 17:40:45 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2012.06.09 15:52:52 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.06.09 15:51:34 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.06.09 15:51:34 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.09 13:27:46 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.06.09 13:26:10 | 000,002,283 | ---- | C] () -- C:\Users\Powk\Desktop\Google Chrome.lnk
[2012.06.09 13:24:34 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2734158981-619937663-1740015174-1000UA.job
[2012.06.09 13:24:33 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2734158981-619937663-1740015174-1000Core.job
[2012.06.09 13:20:55 | 000,001,099 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012.06.09 13:16:25 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.06.09 00:07:21 | 000,001,103 | ---- | C] () -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zotac FireStorm.lnk
[2012.06.08 23:54:32 | 267,104,679 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.06.08 21:56:14 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.06.08 21:37:59 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012.06.08 21:37:58 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2012.06.08 20:45:15 | 000,001,405 | ---- | C] () -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.06.08 20:45:10 | 000,001,439 | ---- | C] () -- C:\Users\Powk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.06.08 20:38:58 | 3204,669,440 | -HS- | C] () -- C:\hiberfil.sys

< End of report >
__________________

Alt 21.06.2012, 12:01   #4
Psychotic
/// Malwareteam
 
cmd.exe öffnet bei anmeldung automatisch - Standard

cmd.exe öffnet bei anmeldung automatisch



Zitat:
Kann sich eine Festlatte selber Formatieren??
Wohl kaum!


ckscan


Downloade dir bitte CKScanner Wichtig: Speichere die Datei am Desktop.
  • Doppelklick auf die CKScanner.exe und klicke auf Search For Files.
  • Danach klick auf Save List To File.
  • Es wird eine Box aufpoppen was dir mitteilt das die Datei gespeichert wurde (file saved)
  • Öffne die CKFiles.txt auf deinem Desktop und poste den Inhalt hier.
__________________
Kein Asylrecht für Trojaner!

Proud Member of UNITE

Hinweis: Ich bin nur werktags erreichbar!
Anfragen über PM werden ignoriert!

Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board!

Alt 21.06.2012, 12:15   #5
MrToastey
 
cmd.exe öffnet bei anmeldung automatisch - Standard

cmd.exe öffnet bei anmeldung automatisch



Na Bumm. Laut diesem Scan war das also schon vorher da. Muss ich jetzt alle "unlegalen" spiele von ihm deinstallieren und die temps jagen?
Und ich hatte mich schon auf gratis Spiele gefreut


CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\amnesia - the dark descent\redist\sounds\11\11_glass_crack.snt
c:\program files (x86)\amnesia - the dark descent\redist\sounds\11\11_glass_crack01.ogg
c:\program files (x86)\amnesia - the dark descent\redist\sounds\11\11_glass_crack02.ogg
c:\program files (x86)\amnesia - the dark descent\redist\sounds\11\11_glass_crack03.ogg
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\castlebase\ceiling\corridor_crack.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\castlebase\ceiling\corridor_crack.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\cellarbase\special\cracked_ceiling.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\cellarbase\special\cracked_ceiling.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue.dds
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue.mat
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue01.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue01.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue02.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue02.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue03.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue03.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue04.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue04.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue_back.dds
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_blue_back.mat
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown.dds
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown.mat
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown01.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown01.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown02.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown02.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown03.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown03.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown04.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown04.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown_back.dds
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_brown_back.mat
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_nrm.dds
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\decals\cracks_spec.dds
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\dungeonbase\ceiling\default_cracked.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\dungeonbase\ceiling\default_cracked.msh
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.dae
c:\program files (x86)\amnesia - the dark descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.msh
c:\program files (x86)\gamersfirst\apb reloaded\apbgame\content\release\packages\symboleditor\primitives_splatscracks.upk
c:\program files (x86)\jdownloader\jd\plugins\hoster\crackedcom.class
c:\users\powk\downloads\adrorium\sr-dirt3.crack.rar
c:\users\powk\downloads\adrorium\oo.diskimage.professional.v6.8.1.x64\kg\keygen.exe
c:\users\powk\downloads\adrorium\oo.diskimage.professional.v6.8.1.x64\kg\lz0-keygen.exe
c:\users\powk\downloads\adrorium\oo.diskimage.professional.v6.8.1.x64\kg\zwt-keygen.exe
c:\users\powk\downloads\adrorium\win 7 activator-sammlung 23\chew-wga v.1.1\chew7.exe
scanner sequence 3.ZZ.11.VRCPJR
----- EOF -----


Alt 21.06.2012, 13:33   #6
Psychotic
/// Malwareteam
 
cmd.exe öffnet bei anmeldung automatisch - Standard

cmd.exe öffnet bei anmeldung automatisch



Zitat:
c:\users\powk\downloads\adrorium\sr-dirt3.crack.rar
c:\users\powk\downloads\adrorium\oo.diskimage.professional.v6.8.1.x64\kg\keygen.exe
c:\users\powk\downloads\adrorium\oo.diskimage.professional.v6.8.1.x64\kg\lz0-keygen.exe
c:\users\powk\downloads\adrorium\oo.diskimage.professional.v6.8.1.x64\kg\zwt-keygen.exe
c:\users\powk\downloads\adrorium\win 7 activator-sammlung 23\chew-wga v.1.1\chew7.exe



Alleine der Besuch auf Seiten, welche diese Dateien zum Download anbieten, beinhaltet ein hohes Risiko sich zu infizieren.

Wenn Du den Crack startest, startest du eine ausführbare Datei aus einer sehr dubiosen Quelle. Im Quellcode der Datei kann alles mögliche stehen. ( z.B downloaden und ausführen von Malwaredateien )
Dies ist einer der Hauptursachen für Infektionen.

Ausserdem sind Cracks, Keygens, usw. illegal und das ist genauso Diebstahl wie in einem Laden.
Darum haben wir uns darauf geeinigt:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support ohne jegliche Diskussion beenden.

Deshalb beschränkt sich unsere Hilfe für dich auf eine Anleitung zur Neuinstallation und Absicherung des Systems
__________________
--> cmd.exe öffnet bei anmeldung automatisch

Alt 21.06.2012, 13:56   #7
MrToastey
 
cmd.exe öffnet bei anmeldung automatisch - Standard

cmd.exe öffnet bei anmeldung automatisch



Ja aber ich war das ja garnicht

Antwort

Themen zu cmd.exe öffnet bei anmeldung automatisch
acrobat update, adobe, adobe flash player, auslastung, bho, black, browser, candy, cmd öffnet automatisch, dll, explorer, flash player, google, hijack, hijackthis, hohe cpu auslastung, internet, internet explorer, lsass.exe, microsoft, mozilla, nvidia, opencandy, plug-in, rundll, scan, security, senden, usb, usb 3.0, windows, wmp, öffnet



Ähnliche Themen: cmd.exe öffnet bei anmeldung automatisch


  1. PC meldet sich nach Anmeldung automatisch wieder ab 2014
    Alles rund um Windows - 15.03.2014 (40)
  2. PC meldet sich nach Anmeldung automatisch wieder ab
    Log-Analyse und Auswertung - 21.06.2013 (7)
  3. Browser öffnet automatisch Tab
    Log-Analyse und Auswertung - 29.12.2011 (18)
  4. Explorer.exe startet bei Anmeldung nicht mehr automatisch
    Plagegeister aller Art und deren Bekämpfung - 19.10.2010 (27)
  5. IE öffnet automatisch
    Plagegeister aller Art und deren Bekämpfung - 10.10.2010 (2)
  6. Beim Starten von Windows XP passiert folgendes --- Anmeldung-Abmeldung-Anmeldung
    Alles rund um Windows - 13.08.2010 (1)
  7. Internet Explorer öffnet sich automatisch und öffnet Werbeseiten
    Log-Analyse und Auswertung - 18.06.2010 (1)
  8. Werbung öffnet automatisch
    Antiviren-, Firewall- und andere Schutzprogramme - 17.12.2009 (9)
  9. IE öffnet automatisch mit Werbung
    Log-Analyse und Auswertung - 05.10.2009 (10)
  10. Internet Explorer öffnet automatisch und öffnet Werbung
    Log-Analyse und Auswertung - 28.08.2009 (18)
  11. Windows XP Meldet sich nach Anmeldung automatisch ab
    Plagegeister aller Art und deren Bekämpfung - 23.03.2009 (12)
  12. Windows XP Meldet sich nach Anmeldung automatisch ab
    Plagegeister aller Art und deren Bekämpfung - 13.03.2009 (0)
  13. IE öffnet automatisch Werbung
    Log-Analyse und Auswertung - 14.02.2009 (6)
  14. IE öffnet automatisch Pornoseiten
    Plagegeister aller Art und deren Bekämpfung - 21.01.2009 (2)
  15. IE öffnet automatisch
    Log-Analyse und Auswertung - 01.01.2009 (6)
  16. IE öffnet automatisch Seiten
    Log-Analyse und Auswertung - 02.11.2006 (17)
  17. internetseite öffnet automatisch
    Log-Analyse und Auswertung - 05.07.2005 (1)

Zum Thema cmd.exe öffnet bei anmeldung automatisch - cmd.exe öffnet bei anmeldung automatisch Bei jeder Anmeldung auf meinen Windows Benutzer steigt meine Zentralprozessoren Auslastung auf 95%. Es scheint, als ob es immer genügend Transis frei lässt um nicht - cmd.exe öffnet bei anmeldung automatisch...
Archiv
Du betrachtest: cmd.exe öffnet bei anmeldung automatisch auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.