GvU der zweite Streich

Spike007 · 03.01.2013, 12:55

Hier der 2. streich der Pc meiner frau Malwarebyte bereits erldigt.
Malware wurde durchgeführt gleich nachdem der gvu Bildschirm kam. noch vor dem ersten booten.

OTL extras

Zitat:

OTL Extras logfile created on: 03.01.2013 00:08:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXXX\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,96 Gb Total Physical Memory | 6,15 Gb Available Physical Memory | 77,26% Memory free
15,91 Gb Paging File | 13,85 Gb Available in Paging File | 87,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,18 Gb Total Space | 870,22 Gb Free Space | 94,47% Space Free | Partition Type: NTFS
Drive F: | 2,98 Mb Total Space | 2,98 Mb Free Space | 100,00% Space Free | Partition Type: FAT

Computer Name: OOO-DELL | User Name: XXXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2093221596-2903614234-1127370746-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A1877E2-3058-4125-B75E-8E6AC9BCACFC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0C008F3A-8F43-46A7-9E51-C0F4A4AA9E82}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0D0B6C9B-BEF3-43A3-8F4D-770E628B3FEF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D9F535D-48D4-489A-845F-C7E3BE5DC5DA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{11386393-529E-4E86-A567-281CF32C9723}" = lport=139 | protocol=6 | dir=in | app=system |
"{313E106B-C396-4B58-95DE-78C25E94E2A2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3D0E8277-55AE-41B7-AEEF-4B3BE7B21495}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4DBD29F7-E68A-456F-AD7C-CC4B6C917D6D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6C1FA1E2-268E-4F28-8D12-FDC15ED198F6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{82A6FDAB-4105-4D18-AD92-61C97AF96380}" = rport=137 | protocol=17 | dir=out | app=system |
"{95996B62-3E9C-4D2B-B1F0-1D30804BC9FF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9C04BBD8-B8D0-4D57-AA69-E7210AD65E51}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A1A84A01-A666-4659-A8DD-37480687F315}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AEAD77CE-BBAB-41A0-B9AD-44082277592B}" = rport=138 | protocol=17 | dir=out | app=system |
"{B6C76B30-9CBA-4D93-9463-BA04B06C58DA}" = rport=445 | protocol=6 | dir=out | app=system |
"{B8EA66F5-6B41-4167-9FBD-EF3B51D5463F}" = lport=445 | protocol=6 | dir=in | app=system |
"{BFDD2283-1BFD-4F72-BC14-EA6076E302B8}" = lport=137 | protocol=17 | dir=in | app=system |
"{D3B90446-A85B-486A-8110-B279C3E362C0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E6CE785D-D776-4DEB-BB3E-B4FA88842290}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E93FC70C-AC0B-42D3-9F1E-CDE0C281CE1B}" = lport=138 | protocol=17 | dir=in | app=system |
"{F56CCEAF-9390-4D4E-BE53-62C35D40661F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F973A039-A8E1-4841-91D3-840D34E453F0}" = rport=139 | protocol=6 | dir=out | app=system |
"{FFDBE6F2-85A5-4E1A-86BC-C7E521BC767C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028FCDAD-B370-45D4-AAC2-3737462D311F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{0EA8F705-66E8-4BA4-A465-9DE853611FCE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1A6BB589-E48E-4640-9C6F-C4FFDB2E6DAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1EF080A4-931F-4C27-B129-98CF74E9A464}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2A32B403-656A-4746-A37C-B85D6125A951}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{2BE6CDE0-129A-45E8-A380-CBB7EFD1787C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3A42C32F-8A5D-43B0-84D5-CA0454F87ACC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3C2C30F3-BB51-4B6A-A9F1-782B3FEEB26B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{510EDFB3-0748-4D1F-AC35-09B5FA1CF856}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{55F01DA8-5D17-487A-942C-9E0BFB80F5C2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{6137A8C4-0AA9-48A8-A3F5-60C2C2CF791C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{62047110-0003-4FF1-B13D-C296E5B82F30}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{660DD3A2-3932-486A-ABC3-DEE85EFBD726}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7003E433-5AED-437B-AAC8-4C9EB92BA227}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7A643BB3-C358-4D91-9D81-B9B59C866FFE}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7B698536-4323-4F9C-B1D4-57C4943CCDE3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{83552D5D-C1FD-4808-9D65-DFDA7C540957}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8A3BB442-CC50-452B-A2B1-8C317FD593F2}" = protocol=6 | dir=out | app=system |
"{8A71CD46-5AB6-43FD-BCD8-ACAE7FE4278B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8BBC92FC-44F6-4A33-AA00-5804042851A5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AAACE612-590A-41BC-AA3F-A37D0B0D08AC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BB9B86DB-F795-4EBE-A0C5-7C920E049504}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C915A699-CC34-402E-9036-244722CAE9D3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C9BB5E0C-6BB1-4256-884A-E14A6FF1EF70}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D6442C5A-6C81-48CF-875A-713A88DBB7BB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D878B432-8FB2-4EE7-B6DA-536DE0D590EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F42B92CC-790E-47B3-B2BC-D1D3E79A9942}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F6A90F62-0F4A-4269-89F2-204F659F39F8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{4EA3E609-CA21-4856-A4BE-E84D2A61F0DB}C:\program files (x86)\fritz!\frifax32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!\frifax32.exe |
"TCP Query User{A7993D48-55AA-40FB-A1EA-92A9C31E2E77}C:\users\XXXXX\appdata\local\temp\_istmp1.dir\_ins5576._mp" = protocol=6 | dir=in | app=c:\users\XXXXX\appdata\local\temp\_istmp1.dir\_ins5576._mp |
"UDP Query User{6FF948E8-8516-4885-AEDF-0309936316A4}C:\users\XXXXX\appdata\local\temp\_istmp1.dir\_ins5576._mp" = protocol=17 | dir=in | app=c:\users\XXXXX\appdata\local\temp\_istmp1.dir\_ins5576._mp |
"UDP Query User{8B166642-4737-472C-B4E1-2FA506286CEB}C:\program files (x86)\fritz!\frifax32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!\frifax32.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software Installer
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{100E94A6-F85A-E828-9EE3-C1DD14706B6A}" = AMD Catalyst Install Manager
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{2EECD5EF-5095-467C-B80C-4AB3096EFD60}" = SPBA 5.9
"{30C2392C-C7D6-4FE2-9617-05D2C6E9D3EE}" = Wave Infrastructure Installer
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3}" = PC-CCID
"{4E60E212-3177-4B16-BCB3-616CCC52357D}" = Upek Touchchip Fingerprint Reader
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50B4B603-A4C6-4739-AE96-6C76A0F8A388}" = Dell Backup and Recovery Manager
"{5F5CBF39-BD29-43C8-B63A-B9758F0FD090}" = EMBASSY Client Core
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6438A99C-A37E-4758-A0AE-95F8A63AAFF5}" = Intel(R) Network Connections 16.8.45.00
"{6AC87FB3-ACFC-4416-890C-8976D5A9B371}" = Trusted Drive Manager
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7206B668-FEE0-455B-BB1F-9B5A2E0EC94A}" = Custom
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{91CE5F03-3A2A-4268-935A-04944F058AE9}" = Gemalto
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DAED4FC-2B0E-4F3F-8141-F2ABF02CCFCB}" = BioAPI Framework
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Data Protection | Access
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{D021AEE9-18D2-1F56-46DA-CD72CA3E97F0}" = ccc-utility64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E9A97832-83B6-42B6-BAC6-492E344C2561}" = NTRU TCG Software Stack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F839C6BD-E92E-48FA-9CE6-7BFAF94F7096}" = DellAccess
"9512AA21B791B05A54E27065C45BBC417AB282DF" = Windows-Treiberpaket - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
"doPDF 7 printer_is1" = doPDF 7.3 printer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PROSetDX" = Intel(R) Network Connections 16.8.45.00
"WinRAR archiver" = WinRAR 4.20 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{041EDAC5-853E-4A10-A0C8-ED0CF7769306}" = PE-DESIGN NEXT
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{123DE6D6-9566-4777-AC81-E6D86FFA95DA}" = HL-4140CN
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{210DD1FC-AAF8-4357-25FE-89E699BDB62E}" = CCC Help Greek
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{27B201A5-A73B-1E7E-0C62-978A1B4A6696}" = CCC Help Danish
"{29725F9E-027A-22DC-7B17-9413A5C5E51C}" = CCC Help Polish
"{2B2B45B1-3CA0-4F8D-BBB3-AC77ED46A0FE}" = Dell Client System Update
"{2E1BA46C-A45B-F2C8-1197-0CEB4EB77F70}" = CCC Help Hungarian
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3528D412-5EEA-AAEA-AF64-9ADEE903D7D5}" = CCC Help English
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{383FCD28-9484-48AC-9397-C8FCD9D8F76E}" = Catalyst Control Center - Branding
"{39D555D6-3DB9-B304-042B-185E5FEBEF97}" = Catalyst Control Center InstallProxy
"{3D8BC028-6977-2124-8314-A480AFD53C20}" = CCC Help Korean
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F5AF1A5-68C6-63B6-9550-B0BBDEFCA76F}" = CCC Help Chinese Standard
"{40B415DD-63CB-7269-F7F8-BD2A06792785}" = CCC Help French
"{4587AD12-30F6-F902-299B-BD8428E7F090}" = Catalyst Control Center
"{48614A34-564D-1F2B-7D2E-8814113BDEA8}" = CCC Help Dutch
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B055C77-BC0F-623F-5A73-F7D5012987DB}" = CCC Help Finnish
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{54ED5964-9FEF-C9F8-F5D7-2663AFFD0C13}" = CCC Help Czech
"{63218538-4A69-497F-8455-904261B0E9E4}" = CorelDRAW Graphics Suite X3
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{703BB500-F54C-4F33-9D3C-D7A28CEAFBCF}" = toolkit32for64bit
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{751F6C35-7A18-EAB6-AD50-ADAA4C5DD103}" = Catalyst Control Center Profiles Desktop
"{768012C6-AB93-3FDE-C3F6-6C0606948568}" = CCC Help Italian
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78C07322-CA1D-98B6-14CE-476F125081B2}" = CCC Help Swedish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{850C7BC5-8CBC-4635-552E-C0AD6A0EA01E}" = Catalyst Control Center Graphics Previews Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B8EE744-5D73-3AAC-52FB-43517C1CFA0B}" = CCC Help Spanish
"{8C0600A3-E772-4FC8-A67D-ED110E69665C}" = Wave Crypto Runtime 2.0.7.0 x86
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EA6A274-9C75-40B4-991F-01482D89D1A7}" = Linkury Smartbar
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3A232F-57E6-595E-1F77-637AFF16580C}" = CCC Help Thai
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A282AFAB-F862-FF2E-44FB-22AA15E54AAA}" = CCC Help Chinese Traditional
"{A69EAF80-2710-6AD2-8515-2C27CE1B5802}" = CCC Help Turkish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AE72A9DF-CF98-6D61-841E-32EBD9A2A74E}" = CCC Help Portuguese
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B15E6BBB-6AB4-3B2B-54AE-A1B874FA5469}" = CCC Help German
"{B202B201-5D15-4CA7-A978-047AB4A28960}" = PE-DESIGN Ver.6
"{BA02FAF3-7AEE-4B07-A7F8-5AF7F81EB940}" = DRAWings X3
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6A344E9-6D72-560C-4A5E-93E6CA0EDDF7}" = CCC Help Russian
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{C9FB6FFC-B3D2-4AA0-AC05-73DB7796B638}" = DE
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D10D4895-3630-B0A7-B575-7D1735E588A7}" = CCC Help Norwegian
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3C7FDC9-0B49-A5EC-7987-3C17D7045462}" = CCC Help Japanese
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FBFD7411-739D-B207-5B40-59EF15873810}" = Catalyst Control Center Localization All
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CDex" = CDex - Open Source Digital Audio CD Extractor
"DAEMON Tools Lite" = DAEMON Tools Lite
"FRITZ! 2.0" = AVM FRITZ!fax für FRITZ!Box
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2093221596-2903614234-1127370746-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"{EE20E438-B675-4421-AB07-928F0EC9FB22}_is1" = Albelli Fotobücher

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 07.12.2012 09:31:25 | Computer Name = OOO-Dell | Source = WinMgmt | ID = 10
Description =

Error - 07.12.2012 13:23:15 | Computer Name = OOO-Dell | Source = WinMgmt | ID = 10
Description =

Error - 07.12.2012 13:31:34 | Computer Name = OOO-Dell | Source = WinMgmt | ID = 10
Description =

[ DRAWings Events ]
Error - 08.12.2012 08:02:10 | Computer Name = OOO-Dell | Source = DRAWingsApp | ID = 4001
Description = CBU key not attached

Error - 08.12.2012 08:02:45 | Computer Name = OOO-Dell | Source = DRAWingsApp | ID = 4001
Description = CBU key not attached

Error - 08.12.2012 08:03:04 | Computer Name = OOO-Dell | Source = DRAWingsApp | ID = 4001
Description = CBU key not attached

Error - 08.12.2012 08:03:36 | Computer Name = OOO-Dell | Source = DRAWingsApp | ID = 4001
Description = CBU key not attached

Error - 09.12.2012 05:25:16 | Computer Name = OOO-Dell | Source = DRAWingsApp | ID = 4003
Description = Last exception was unhandled.

[ System Events ]
Error - 11.12.2012 19:52:29 | Computer Name = OOO-Dell | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk2\DR10.

Error - 11.12.2012 19:52:29 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR10
gefunden.

Error - 15.12.2012 11:54:02 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR11
gefunden.

Error - 15.12.2012 11:54:03 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR11
gefunden.

Error - 15.12.2012 11:54:03 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR11
gefunden.

Error - 16.12.2012 18:04:45 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19
gefunden.

Error - 16.12.2012 18:04:45 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19
gefunden.

Error - 16.12.2012 18:04:45 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19
gefunden.

Error - 16.12.2012 18:04:45 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19
gefunden.

Error - 26.12.2012 17:08:19 | Computer Name = OOO-Dell | Source = Service Control Manager | ID = 7001
Description = Der Dienst "NTRU TSS v1.2.1.37 TCS" ist vom Dienst "TPM-Basisdienste"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0

< End of report >

Spike007 · 03.01.2013, 12:57

hier die OTL

Zitat:

OTL logfile created on: 03.01.2013 00:08:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXXX\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,96 Gb Total Physical Memory | 6,15 Gb Available Physical Memory | 77,26% Memory free
15,91 Gb Paging File | 13,85 Gb Available in Paging File | 87,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,18 Gb Total Space | 870,22 Gb Free Space | 94,47% Space Free | Partition Type: NTFS
Drive F: | 2,98 Mb Total Space | 2,98 Mb Free Space | 100,00% Space Free | Partition Type: FAT

Computer Name: OOO-DELL | User Name: XXXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\XXXXX\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Linkury.exe (Smartbar)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c07aa49ffd41a39bffaf653289f44038\CustomMarshalers.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\97a6208b8fe4bd3d5df927b264371f9c\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ace8db575fae1df9c3b463589bf6a254\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\cf840dca36a7b949696ce331d0532d3e\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\MACTrackBarLib.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll ()
MOD - C:\Users\XXXXX\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Web.Services.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (Intel(R) -- C:\Windows\SysNative\IPROSetMonitor.exe (Intel Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (EmbassyService) -- C:\Programme\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe ()
SRV - (WvPCR) -- C:\Programme\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe (Wave Systems Corp.)
SRV - (Wave Authentication Manager Service) -- C:\Programme\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe (Wave Systems Corp.)
SRV - (TdmService) -- C:\Programme\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)
SRV - (SecureStorageService) -- C:\Programme\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.)
SRV - (tcsd_win32.exe) -- C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe ()
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (busbcrw) -- C:\Windows\SysNative\drivers\bucrw64.sys (Brother Industries, Ltd.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (PBADRV) -- C:\Windows\SysNative\drivers\PBADRV.SYS (Dell Inc)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (IntcAzAudAddService) -- C:\Windows\SysNative\drivers\RTDVHD64.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc60.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (SynthVid) -- C:\Windows\SysNative\drivers\VMBusVideoM.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {3C9E3256-FAEB-4D49-9797-722400353B4B}
IE:64bit: - HKLM\..\SearchScopes\{3C9E3256-FAEB-4D49-9797-722400353B4B}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDRJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=ab3058f6-9d6b-4426-831d-7f2abd21ce9d&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKLM\..\SearchScopes\{3C9E3256-FAEB-4D49-9797-722400353B4B}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDRJS

IE - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13-comm.msn.com
IE - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=ab3058f6-9d6b-4426-831d-7f2abd21ce9d&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=ab3058f6-9d6b-4426-831d-7f2abd21ce9d&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=ab3058f6-9d6b-4426-831d-7f2abd21ce9d&affid=111583&searchtype=hp&babsrc=lnkry_nt
IE - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=ab3058f6-9d6b-4426-831d-7f2abd21ce9d&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=ab3058f6-9d6b-4426-831d-7f2abd21ce9d&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=ab3058f6-9d6b-4426-831d-7f2abd21ce9d&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000\..\SearchScopes\{71CFBD12-6798-4D85-8EC3-129513B92694}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=94B4ACB2-3C05-4372-9418-345109899BC7&apn_sauid=BB26885D-BDDF-4638-81A4-412E54DD2C57
IE - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=ab3058f6-9d6b-4426-831d-7f2abd21ce9d&affid=111583&searchtype=hp&babsrc=lnkry"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=ab3058f6-9d6b-4426-831d-7f2abd21ce9d&affid=111583&searchtype=ds&babsrc=lnkry&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.07 14:40:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.12.26 00:28:38 | 000,000,000 | ---D | M]

[2012.12.07 14:40:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXXX\AppData\Roaming\mozilla\Extensions
[2012.12.12 21:18:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXXX\AppData\Roaming\mozilla\Firefox\Profiles\3c12t5j4.default\extensions
[2012.12.12 21:18:34 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\XXXXX\AppData\Roaming\mozilla\Firefox\Profiles\3c12t5j4.default\extensions\toolbar@ask.com
[2012.12.12 21:18:34 | 000,002,308 | ---- | M] () -- C:\Users\XXXXX\AppData\Roaming\mozilla\firefox\profiles\3c12t5j4.default\searchplugins\askcom.xml
[2012.12.29 00:34:27 | 000,002,455 | ---- | M] () -- C:\Users\XXXXX\AppData\Roaming\mozilla\firefox\profiles\3c12t5j4.default\searchplugins\Web Search.xml
[2012.12.07 14:40:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.11.29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.12 11:41:04 | 000,171,136 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [DBRMTray] C:\dell\DBRM\Reminder\DbrmTrayicon.exe (Dell Computer Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RtDCpl64.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [TdmNotify] C:\Programme\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000..\Run: [Browser Infrastructure Helper] C:\Users\XXXXX\AppData\Local\Smartbar\Application\Linkury.exe (Smartbar)
O4 - HKU\S-1-5-21-2093221596-2903614234-1127370746-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4:64bit: - HKLM..\RunOnce: [DBRMTray] C:\dell\DBRM\Reminder\TrayApp.exe (Microsoft)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaOOOrAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaOOOrUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE7209C3-4FBE-4372-9319-A83C3E902789}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Programme\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:64bit: - LSA: Authentication Packages - (wvauth) - C:\Windows\SysNative\wvauth.dll (Wave Systems Corp.)
O30 - LSA: Authentication Packages - (wvauth) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.01.03 00:04:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\XXXXX\Desktop\OTL.exe
[2013.01.02 23:32:01 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Malwarebytes
[2013.01.02 23:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.02 23:31:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.02 23:31:10 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.01.02 23:31:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.12.27 03:03:29 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.12.27 03:03:29 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.12.27 03:03:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.12.27 03:02:48 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.12.27 03:02:48 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.12.27 03:02:48 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.12.27 03:02:48 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.12.26 22:14:07 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.12.26 22:14:07 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.12.26 22:14:07 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.12.26 22:14:06 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012.12.26 22:14:06 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012.12.26 22:14:06 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.12.26 22:14:06 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.12.26 22:14:06 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.12.26 22:14:06 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.12.26 22:14:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.12.26 22:14:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.12.26 22:14:05 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.12.26 22:14:01 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.12.26 00:34:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.12.26 00:34:33 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.12.26 00:30:11 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.12.26 00:30:11 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.12.26 00:30:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.12.26 00:30:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.12.26 00:30:11 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.12.26 00:30:11 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.12.26 00:30:11 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.12.26 00:30:11 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.12.26 00:30:10 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.12.26 00:30:10 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.12.26 00:30:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.12.26 00:30:10 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.12.26 00:30:10 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.12.26 00:30:10 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.12.26 00:30:09 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.12.26 00:28:44 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.26 00:28:44 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.26 00:28:44 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.26 00:28:44 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.23 22:47:32 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\Desktop\VICTORIA
[2012.12.23 21:43:33 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\Desktop\lara paulina
[2012.12.23 00:48:28 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\Documents\PE-DESIGN NEXT
[2012.12.23 00:37:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PE-DESIGN NEXT
[2012.12.23 00:22:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BIL
[2012.12.23 00:20:15 | 000,025,600 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\drivers\bucrw64.sys
[2012.12.20 12:38:35 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\Documents\Corel User Files
[2012.12.16 10:17:52 | 000,000,000 | ---D | C] -- C:\temp
[2012.12.16 00:28:03 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\AppData\Roaming\Brother
[2012.12.12 21:18:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.12.12 21:08:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012.12.12 21:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.12.12 21:08:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.12.12 21:08:17 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.12.12 21:08:16 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.12.12 21:08:16 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.12.12 21:08:13 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.12.12 21:08:13 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.12.12 21:08:13 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.12.12 21:08:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.12.11 22:59:27 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.12.11 22:59:27 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.12.11 22:59:27 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.12.11 22:59:27 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.12.11 22:59:27 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.12.11 22:59:27 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.12.11 22:59:27 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.12.11 22:59:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.12.11 22:59:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.12.11 22:59:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.12.11 22:59:27 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.12.11 22:59:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.12.11 22:59:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.12.11 22:59:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.12.11 22:59:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.12.11 22:59:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.12.11 22:59:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.11 22:59:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.11 22:59:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.11 22:59:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.11 22:59:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.11 22:59:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.11 22:59:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.12.11 22:59:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.12.11 22:59:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.12.11 22:59:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.11 22:59:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.11 22:59:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.12.11 22:59:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.12.11 22:59:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.12.11 22:59:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.12.11 22:59:25 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012.12.11 22:59:25 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012.12.10 21:18:17 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\Documents\Meinfotoalbum Projects
[2012.12.10 21:18:17 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Meinfotoalbum
[2012.12.09 23:19:29 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\Documents\Albelli Fotobücher
[2012.12.09 23:19:29 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albelli Fotobücher
[2012.12.09 23:19:29 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Albelli Fotobücher
[2012.12.09 10:21:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PE-DESIGN Ver6
[2012.12.09 10:21:38 | 001,402,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltdlg13n.dll
[2012.12.09 10:21:38 | 001,139,712 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTDic13n.dll
[2012.12.09 10:21:38 | 001,009,664 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Ltwvc13n.dll
[2012.12.09 10:21:38 | 000,966,144 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltdlgres13n.dll
[2012.12.09 10:21:38 | 000,825,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltwen13n.dll
[2012.12.09 10:21:38 | 000,794,624 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTRTN13n.DLL
[2012.12.09 10:21:38 | 000,759,808 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltocx13n.ocx
[2012.12.09 10:21:38 | 000,453,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltkrn13n.dll
[2012.12.09 10:21:38 | 000,445,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltimg13n.dll
[2012.12.09 10:21:38 | 000,379,904 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltvec13n.ocx
[2012.12.09 10:21:38 | 000,360,960 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltdlg13n.ocx
[2012.12.09 10:21:38 | 000,319,488 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTCML13n.dll
[2012.12.09 10:21:38 | 000,265,728 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTDIS13n.dll
[2012.12.09 10:21:38 | 000,253,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltpnt13n.ocx
[2012.12.09 10:21:38 | 000,246,784 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lvkrn13n.dll
[2012.12.09 10:21:38 | 000,241,664 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTEml13n.dll
[2012.12.09 10:21:38 | 000,206,848 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltefx13n.dll
[2012.12.09 10:21:38 | 000,204,800 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltscr13n.ocx
[2012.12.09 10:21:38 | 000,196,608 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltlst13n.ocx
[2012.12.09 10:21:38 | 000,179,200 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltnet13n.ocx
[2012.12.09 10:21:38 | 000,170,496 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTSCR13n.DLL
[2012.12.09 10:21:38 | 000,164,352 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lvdlg13n.dll
[2012.12.09 10:21:38 | 000,158,720 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Ltpnt13n.dll
[2012.12.09 10:21:38 | 000,154,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltfil13n.DLL
[2012.12.09 10:21:38 | 000,153,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttmb13n.ocx
[2012.12.09 10:21:38 | 000,150,528 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltisi13n.ocx
[2012.12.09 10:21:38 | 000,146,432 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltmrc13n.ocx
[2012.12.09 10:21:38 | 000,145,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttw213n.dll
[2012.12.09 10:21:38 | 000,144,384 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttlb13n.ocx
[2012.12.09 10:21:38 | 000,114,176 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTOCR13n.dll
[2012.12.09 10:21:38 | 000,111,616 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTCON13n.dll
[2012.12.09 10:21:38 | 000,110,592 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTSGM13N.DLL
[2012.12.09 10:21:38 | 000,108,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTTLB13n.dll
[2012.12.09 10:21:38 | 000,102,400 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltodb13n.ocx
[2012.12.09 10:21:38 | 000,095,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltpdg13n.dll
[2012.12.09 10:21:38 | 000,076,800 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lvgl13n.dll
[2012.12.09 10:21:38 | 000,074,240 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lvdx13n.dll
[2012.12.09 10:21:38 | 000,061,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltnet13n.dll
[2012.12.09 10:21:38 | 000,053,248 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTWEB13n.dll
[2012.12.09 10:21:38 | 000,051,200 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltlst13n.dll
[2012.12.09 10:21:38 | 000,044,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttwn13n.dll
[2012.12.09 10:21:38 | 000,035,328 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltisi13n.dll
[2012.12.09 10:21:38 | 000,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttmb13n.dll
[2012.12.09 10:21:38 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTWND13n.DLL
[2012.12.09 10:21:37 | 001,693,696 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTCLR13n.dll
[2012.12.09 10:21:37 | 000,785,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltann13n.dll
[2012.12.09 10:21:37 | 000,149,504 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTAUT13n.dll
[2012.12.09 10:21:37 | 000,076,800 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lfwmf13n.dll
[2012.12.09 10:21:37 | 000,051,200 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfXpm13n.dll
[2012.12.09 10:21:37 | 000,049,664 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfXbm13n.dll
[2012.12.09 10:21:37 | 000,033,280 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfwmp13n.dll
[2012.12.09 10:21:37 | 000,025,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfxwd13n.dll
[2012.12.09 10:21:37 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfwpg13n.dll
[2012.12.09 10:21:37 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfwfx13n.dll
[2012.12.09 10:21:36 | 000,550,400 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFSVG13n.dll
[2012.12.09 10:21:36 | 000,143,360 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lftif13n.dll
[2012.12.09 10:21:36 | 000,101,376 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfvpg13n.dll
[2012.12.09 10:21:36 | 000,083,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfshp13n.dll
[2012.12.09 10:21:36 | 000,080,384 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFPTK13n.dll
[2012.12.09 10:21:36 | 000,068,096 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfsct13n.dll
[2012.12.09 10:21:36 | 000,057,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpsd13n.dll
[2012.12.09 10:21:36 | 000,033,792 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFSMP13n.dll
[2012.12.09 10:21:36 | 000,033,280 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfvec13n.dll
[2012.12.09 10:21:36 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lftga13n.dll
[2012.12.09 10:21:36 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfsgi13n.dll
[2012.12.09 10:21:36 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfras13n.dll
[2012.12.09 10:21:36 | 000,017,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfRaw13n.dll
[2012.12.09 10:21:35 | 000,278,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFJ2K13n.dll
[2012.12.09 10:21:35 | 000,185,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfdxf13n.dll
[2012.12.09 10:21:35 | 000,180,736 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lfpng13n.dll
[2012.12.09 10:21:35 | 000,177,664 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpdf13n.dll
[2012.12.09 10:21:35 | 000,153,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfPCL13n.dll
[2012.12.09 10:21:35 | 000,108,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfgbr13n.dll
[2012.12.09 10:21:35 | 000,102,400 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfmpg13n.dll
[2012.12.09 10:21:35 | 000,090,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfjbg13n.dll
[2012.12.09 10:21:35 | 000,084,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lffpx13n.dll
[2012.12.09 10:21:35 | 000,074,752 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfplt13n.dll
[2012.12.09 10:21:35 | 000,073,728 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lffax13n.dll
[2012.12.09 10:21:35 | 000,065,536 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lfpct13n.dll
[2012.12.09 10:21:35 | 000,048,128 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfica13n.dll
[2012.12.09 10:21:35 | 000,047,616 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfeps13n.dll
[2012.12.09 10:21:35 | 000,047,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfgif13n.dll
[2012.12.09 10:21:35 | 000,038,400 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfflc13n.dll
[2012.12.09 10:21:35 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lflmb13n.dll
[2012.12.09 10:21:35 | 000,031,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFPNM13n.dll
[2012.12.09 10:21:35 | 000,029,184 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lflma13n.dll
[2012.12.09 10:21:35 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfiff13n.dll
[2012.12.09 10:21:35 | 000,026,624 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcx13n.dll
[2012.12.09 10:21:35 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfimg13n.dll
[2012.12.09 10:21:35 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcd13n.dll
[2012.12.09 10:21:35 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfitg13n.dll
[2012.12.09 10:21:35 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfmsp13n.dll
[2012.12.09 10:21:35 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfmac13n.dll
[2012.12.09 10:21:34 | 000,543,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\leadsrvr.exe
[2012.12.09 10:21:34 | 000,509,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFCMW13n.dll
[2012.12.09 10:21:34 | 000,484,864 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfdwf13n.dll
[2012.12.09 10:21:34 | 000,420,352 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFCMP13n.DLL
[2012.12.09 10:21:34 | 000,295,936 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfAFP13n.dll
[2012.12.09 10:21:34 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\SysWow64\PCDLIB32.DLL
[2012.12.09 10:21:34 | 000,130,560 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfdwg13n.dll
[2012.12.09 10:21:34 | 000,094,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfdrw13n.dll
[2012.12.09 10:21:34 | 000,091,136 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfacs13n.dll
[2012.12.09 10:21:34 | 000,090,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lfcmx13n.dll
[2012.12.09 10:21:34 | 000,089,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lfcgm13n.dll
[2012.12.09 10:21:34 | 000,079,872 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lfdgn13n.dll
[2012.12.09 10:21:34 | 000,056,320 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfcal13n.dll
[2012.12.09 10:21:34 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfclp13n.dll
[2012.12.09 10:21:34 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfbmp13n.dll
[2012.12.09 10:21:34 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AWRESX32.DLL
[2012.12.09 10:21:34 | 000,025,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfani13n.dll
[2012.12.09 10:21:34 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AWCODC32.DLL
[2012.12.09 10:21:34 | 000,023,040 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfawd13n.dll
[2012.12.09 10:21:34 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfCUT13n.dll
[2012.12.09 10:21:34 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfavi13n.dll
[2012.12.09 10:21:34 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AWDENC32.DLL
[2012.12.09 10:21:34 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AWVIEW32.DLL
[2012.12.09 10:21:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AWDCXC32.DLL
[2012.12.09 09:15:40 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\Application Data
[2012.12.09 08:40:57 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.12.09 08:40:57 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.12.09 08:40:57 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.12.09 08:40:57 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.12.09 08:40:57 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.12.09 08:40:56 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.12.09 08:40:42 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.12.09 08:40:42 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.12.09 08:36:20 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.12.09 08:36:20 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.12.09 08:36:20 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.12.09 08:36:16 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.12.09 08:36:16 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.12.09 08:36:16 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.12.09 08:36:11 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.12.09 08:36:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.12.08 15:10:50 | 001,056,768 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\SysWow64\Roboex32.dll
[2012.12.08 15:10:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tajima
[2012.12.08 15:10:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tajima
[2012.12.08 15:10:22 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2012.12.08 14:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex
[2012.12.08 14:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDex
[2012.12.08 14:20:07 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Apple Computer
[2012.12.08 14:20:07 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Apple Computer
[2012.12.08 14:20:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.12.08 14:20:05 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012.12.08 14:19:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.12.08 14:19:59 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.12.08 14:19:59 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.12.08 14:19:58 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.12.08 14:19:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.12.08 14:19:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.12.08 14:19:46 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Apple
[2012.12.08 14:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.12.08 14:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.12.08 14:19:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.12.08 14:19:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.12.08 14:19:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.12.08 14:18:49 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Macromedia
[2012.12.08 13:41:28 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\FRITZ!
[2012.12.08 13:41:28 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\FRITZ!
[2012.12.08 13:39:29 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2012.12.08 13:39:29 | 000,025,480 | ---- | C] (Softland) -- C:\Windows\SysNative\dopdfmn7.dll
[2012.12.08 13:39:29 | 000,020,872 | ---- | C] (Softland) -- C:\Windows\SysNative\dopdfmi7.dll
[2012.12.08 13:39:29 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Softland
[2012.12.08 13:39:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7
[2012.12.08 13:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\Softland
[2012.12.08 13:35:42 | 000,047,616 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\AvmColorFax.dll
[2012.12.08 13:35:42 | 000,043,520 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\AvmFax.dll
[2012.12.08 13:35:42 | 000,027,136 | ---- | C] (AVM Berlin GmbH) -- C:\Windows\SysNative\FriDru64.dll
[2012.12.08 13:35:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!
[2012.12.08 13:34:56 | 000,980,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll
[2012.12.08 13:34:56 | 000,970,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70u.dll
[2012.12.08 13:34:56 | 000,492,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll
[2012.12.08 13:34:56 | 000,349,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll
[2012.12.08 13:34:56 | 000,060,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvci70.dll
[2012.12.08 13:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ISDNWatch
[2012.12.08 13:34:56 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2012.12.08 13:34:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FRITZ!
[2012.12.08 13:34:11 | 000,328,704 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe
[2012.12.08 13:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch
[2012.12.08 13:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Brother
[2012.12.08 13:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DRAWings X3
[2012.12.08 13:02:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DRAWings
[2012.12.08 12:46:50 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Corel
[2012.12.08 12:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2012.12.08 12:46:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.12.08 12:46:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X3
[2012.12.08 12:46:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2012.12.08 12:46:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2012.12.08 12:20:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2012.12.08 12:19:59 | 000,000,000 | ---D | C] -- C:\Brother
[2012.12.08 12:19:57 | 000,103,736 | ---- | C] (Brother Industries Ltd) -- C:\Windows\SysWow64\BRRBTOOL.EXE
[2012.12.08 12:19:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browny02
[2012.12.08 12:19:56 | 000,217,088 | ---- | C] (brother) -- C:\Windows\SysWow64\NSSearch.dll
[2012.12.08 12:19:56 | 000,077,824 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BRLMW03A.DLL
[2012.12.08 12:19:56 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2.dll
[2012.12.08 12:19:56 | 000,025,299 | ---- | C] (Brother Industries, Ltd) -- C:\Windows\SysWow64\BRLM03A.DLL
[2012.12.08 12:19:56 | 000,005,632 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2L.dll
[2012.12.08 12:19:56 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2S.dll
[2012.12.08 12:19:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother
[2012.12.08 12:19:55 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BroSNMP.dll
[2012.12.08 12:16:12 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\InstallShield
[2012.12.08 12:16:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2012.12.07 23:08:14 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Smartbar
[2012.12.07 23:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.12.07 23:05:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012.12.07 23:04:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.12.07 23:01:59 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.12.07 22:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.12.07 22:55:51 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.12.07 22:55:50 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\DAEMON Tools Lite
[2012.12.07 22:55:47 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\OpenCandy
[2012.12.07 22:55:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.12.07 22:52:58 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.12.07 22:47:19 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\WinRAR
[2012.12.07 22:47:19 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.12.07 22:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.12.07 22:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.12.07 22:20:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
[2012.12.07 22:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2012.12.07 22:18:17 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Programs
[2012.12.07 18:08:50 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Diagnostics
[2012.12.07 14:40:14 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Mozilla
[2012.12.07 14:40:14 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Mozilla
[2012.12.07 14:40:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.12.07 14:36:21 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Macromedia
[2012.12.07 14:36:21 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Adobe
[2012.12.07 14:21:15 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Intel Corporation
[2012.12.07 14:20:15 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\ATI
[2012.12.07 14:20:15 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\ATI
[2012.12.07 14:20:06 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.12.07 14:20:06 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Searches
[2012.12.07 14:20:06 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.12.07 14:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2012.12.07 14:20:00 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Identities
[2012.12.07 14:19:58 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Contacts
[2012.12.07 14:19:56 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\VirtualStore
[2012.12.07 14:19:53 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Dell
[2012.12.07 14:19:38 | 000,000,000 | --SD | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft
[2012.12.07 14:19:38 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Videos
[2012.12.07 14:19:38 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Saved Games
[2012.12.07 14:19:38 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Pictures
[2012.12.07 14:19:38 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Music
[2012.12.07 14:19:38 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.12.07 14:19:38 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Links
[2012.12.07 14:19:38 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Favorites
[2012.12.07 14:19:38 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Downloads
[2012.12.07 14:19:38 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Documents
[2012.12.07 14:19:38 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\Desktop
[2012.12.07 14:19:38 | 000,000,000 | R--D | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Vorlagen
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\AppData\Local\Verlauf
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\AppData\Local\Temporary Internet Files
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Startmenü
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\SendTo
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Recent
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Netzwerkumgebung
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Lokale Einstellungen
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Documents\Eigene Videos
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Documents\Eigene Musik
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Eigene Dateien
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Documents\Eigene Bilder
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Druckumgebung
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Cookies
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\AppData\Local\Anwendungsdaten
[2012.12.07 14:19:38 | 000,000,000 | -HSD | C] -- C:\Users\XXXXX\Anwendungsdaten
[2012.12.07 14:19:38 | 000,000,000 | -H-D | C] -- C:\Users\XXXXX\AppData
[2012.12.07 14:19:38 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Temp
[2012.12.07 14:19:38 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Microsoft
[2012.12.07 14:19:38 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Media Center Programs
[2012.12.07 14:19:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.12.07 14:19:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.12.07 14:19:33 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.12.07 14:19:33 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.12.07 14:19:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.12.07 14:19:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.12.07 14:19:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.12.07 14:19:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.12.07 14:19:33 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.12.07 14:19:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.12.07 14:19:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.12.04 16:30:31 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012.12.04 16:30:31 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012.12.04 16:30:31 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012.12.04 16:30:31 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012.12.04 16:30:31 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012.12.04 16:30:31 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012.12.04 16:30:31 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012.12.04 16:30:31 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012.12.04 16:30:31 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012.12.04 16:30:31 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012.12.04 16:30:31 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012.12.04 16:30:31 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012.12.04 16:30:31 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012.12.04 16:30:31 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012.12.04 16:30:31 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012.12.04 16:30:29 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012.12.04 16:30:29 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012.12.04 16:30:27 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012.12.04 16:30:27 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012.12.04 16:30:27 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012.12.04 16:30:27 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012.12.04 16:30:27 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012.12.04 16:30:27 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012.12.04 16:30:27 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.12.04 16:30:27 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.12.04 16:30:27 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012.12.04 16:30:27 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012.12.04 16:30:27 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.12.04 16:30:27 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.12.04 16:30:27 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.12.04 16:30:27 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012.12.04 16:30:26 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.12.04 16:30:26 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.12.04 16:30:26 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.12.04 16:30:26 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012.12.04 16:30:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012.12.04 16:30:26 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.12.04 16:30:26 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012.12.04 16:30:26 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012.12.04 16:30:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012.12.04 16:30:26 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.12.04 16:30:26 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.12.04 16:30:25 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.12.04 16:30:25 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012.12.04 16:30:25 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012.12.04 16:30:25 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.12.04 16:30:25 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012.12.04 16:30:25 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.12.04 16:30:25 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.12.04 16:30:25 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012.12.04 16:30:25 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.12.04 16:30:25 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.12.04 16:30:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.12.04 16:30:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.12.04 16:30:24 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.12.04 16:30:24 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.12.04 16:30:24 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.12.04 16:30:24 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.12.04 16:30:23 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.12.04 16:30:23 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.12.04 16:30:22 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012.12.04 16:30:22 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.12.04 16:30:22 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012.12.04 16:30:22 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.12.04 16:30:22 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.12.04 16:30:22 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.12.04 16:30:22 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.12.04 16:30:22 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012.12.04 16:30:22 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012.12.04 16:30:22 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012.12.04 16:30:22 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012.12.04 16:30:22 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012.12.04 16:30:22 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.12.04 16:30:22 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.12.04 16:30:22 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.12.04 16:30:22 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012.12.04 16:30:22 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012.12.04 16:30:22 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012.12.04 16:30:22 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012.12.04 16:30:22 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012.12.04 16:30:22 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012.12.04 16:30:22 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012.12.04 16:30:22 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012.12.04 16:30:22 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012.12.04 16:30:22 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012.12.04 16:30:22 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.12.04 16:30:22 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.12.04 16:30:22 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012.12.04 16:30:22 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012.12.04 16:30:22 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012.12.04 16:30:22 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012.12.04 16:30:22 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012.12.04 16:30:22 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012.12.04 16:30:22 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012.12.04 16:30:22 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.12.04 16:30:22 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012.12.04 16:30:22 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012.12.04 16:30:22 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.12.04 16:30:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.12.04 16:30:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.12.04 16:30:21 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012.12.04 16:30:21 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012.12.04 16:30:21 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.12.04 16:30:21 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012.12.04 16:30:21 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012.12.04 16:30:21 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012.12.04 16:30:21 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012.12.04 16:30:21 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012.12.04 16:30:21 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012.12.04 16:30:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.12.04 16:30:21 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.12.04 16:30:21 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012.12.04 16:30:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012.12.04 16:30:21 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012.12.04 16:30:21 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012.12.04 16:30:21 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012.12.04 16:30:21 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012.12.04 16:30:20 | 003,958,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2012.12.04 16:30:20 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2012.12.04 16:30:20 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2012.12.04 16:30:19 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012.12.04 16:30:19 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2012.12.04 16:30:19 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL
[2012.12.04 16:30:19 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL
[2012.12.04 16:30:19 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL
[2012.12.04 16:30:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2012.12.04 16:30:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL
[2012.12.04 16:30:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL
[2012.12.04 16:30:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL
[2012.12.04 16:30:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL
[2012.12.04 16:30:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL
[2012.12.04 16:30:17 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.12.04 16:30:17 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.12.04 16:25:40 | 000,095,248 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\AtihdW76.sys
[2012.12.04 16:25:37 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2012.12.04 16:25:37 | 000,041,984 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2012.12.04 16:25:37 | 000,032,256 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2012.12.04 16:25:36 | 007,439,360 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2012.12.04 16:25:36 | 005,852,672 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2012.12.04 16:25:36 | 004,200,960 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2012.12.04 16:25:36 | 004,061,696 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2012.12.04 16:25:36 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2012.12.04 16:25:36 | 001,113,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2012.12.04 16:25:36 | 000,039,424 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2012.12.04 16:25:36 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2012.12.04 16:25:35 | 019,017,216 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2012.12.04 16:25:35 | 000,423,424 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2012.12.04 16:25:35 | 000,360,448 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2012.12.04 16:25:35 | 000,332,800 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODE.exe
[2012.12.04 16:25:35 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2012.12.04 16:25:35 | 000,051,200 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODCLI.exe
[2012.12.04 16:25:34 | 025,223,168 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2012.12.04 16:25:34 | 010,570,752 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2012.12.04 16:25:34 | 000,516,608 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2012.12.04 16:25:34 | 000,325,632 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2012.12.04 16:25:34 | 000,204,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2012.12.04 16:25:34 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2012.12.04 16:25:34 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2012.12.04 16:25:34 | 000,054,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2012.12.04 16:25:34 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2012.12.04 16:25:34 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2012.12.04 16:25:34 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2012.12.04 16:25:34 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2012.12.04 16:25:34 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2012.12.04 16:25:34 | 000,017,408 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2012.12.04 16:25:34 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2012.12.04 16:25:34 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2012.12.04 16:25:33 | 013,552,640 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2012.12.04 16:25:33 | 011,300,864 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2012.12.04 16:25:33 | 007,405,056 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2012.12.04 16:25:33 | 006,077,952 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2012.12.04 16:25:33 | 000,466,944 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2012.12.04 16:25:33 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2012.12.04 16:25:33 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2012.12.04 16:25:33 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2012.12.04 16:25:32 | 000,494,592 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2012.12.04 16:25:32 | 000,348,160 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2012.12.04 16:25:32 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2012.12.04 16:25:32 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2012.12.04 16:25:32 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2012.12.04 16:25:32 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2012.12.04 16:25:32 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2012.12.04 16:24:54 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012.12.04 16:24:12 | 000,358,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\e1c62x64.sys
[2012.12.04 16:24:12 | 000,098,496 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicInstC.dll
[2012.12.04 16:24:12 | 000,068,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\e1cmsg.dll
[2012.12.04 16:24:12 | 000,036,472 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicCo36.dll
[2012.12.04 16:24:08 | 000,569,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2012.12.04 16:23:59 | 003,845,736 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012.12.04 16:23:59 | 003,708,776 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RTDVHD64.sys
[2012.12.04 16:23:59 | 002,652,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012.12.04 16:23:59 | 001,559,656 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTDSnM64.cpl
[2012.12.04 16:23:59 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012.12.04 16:23:59 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012.12.04 16:23:59 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012.12.04 16:23:59 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2012.12.04 16:23:58 | 002,766,336 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012.12.04 16:23:58 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.12.04 16:23:58 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.12.04 16:23:58 | 000,100,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012.12.04 16:22:07 | 000,000,000 | ---D | C] -- C:\Apps
[2012.12.04 16:21:28 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.12.04 16:21:28 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.12.04 16:21:28 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.12.04 16:21:28 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.12.04 16:21:28 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.12.04 16:21:28 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.12.04 16:21:28 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.12.04 16:21:28 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.12.04 16:21:28 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.12.04 16:21:28 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.12.04 16:21:28 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.12.04 16:21:28 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.12.04 16:21:28 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.12.04 16:21:28 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.12.04 16:21:28 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.12.04 16:21:28 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.12.04 16:21:28 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.12.04 16:21:28 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.12.04 16:21:28 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.12.04 16:21:28 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.12.04 16:21:28 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.12.04 16:21:28 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.12.04 16:21:28 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.12.04 16:21:28 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.12.04 16:21:28 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.12.04 16:21:28 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.12.04 16:21:28 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.12.04 16:21:28 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.12.04 16:21:28 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.12.04 16:21:28 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.12.04 16:21:28 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.12.04 16:21:28 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.12.04 16:21:28 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.12.04 16:21:28 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.12.04 16:21:28 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.12.04 16:21:28 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.12.04 16:21:28 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.12.04 16:21:28 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.12.04 16:21:28 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.12.04 16:21:28 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.12.04 16:21:28 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.12.04 16:21:28 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.12.04 16:21:28 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.12.04 16:21:28 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.12.04 16:21:28 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.12.04 16:21:28 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.12.04 16:21:28 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.12.04 16:21:28 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.12.04 16:21:28 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.12.04 16:21:28 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.12.04 16:21:28 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.12.04 16:21:28 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.12.04 16:21:28 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.12.04 16:21:28 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.12.04 16:21:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.12.04 16:21:28 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.12.04 16:21:28 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.12.04 16:19:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem
[2012.12.04 16:19:42 | 000,000,000 | ---D | C] -- C:\Drivers
[2012.12.04 09:09:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.12.04 09:04:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2012.12.04 09:01:02 | 000,000,000 | ---D | C] -- C:\Windows\{8D66B53E-07E4-45E0-B29F-D3285859C9EF}
[2012.12.04 09:00:43 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012.12.04 09:00:31 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012.12.04 09:00:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012.12.04 09:00:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012.12.04 09:00:05 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.12.04 08:59:48 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012.12.04 08:59:34 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012.12.04 08:59:34 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012.12.04 08:59:34 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012.12.04 08:59:34 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012.12.04 08:58:48 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012.12.04 08:58:48 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012.12.04 08:58:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.12.04 08:57:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.12.04 08:57:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012.12.04 08:54:40 | 000,000,000 | ---D | C] -- C:\ProgramData\NTRU Cryptosystems
[2012.12.04 08:54:40 | 000,000,000 | ---D | C] -- C:\Program Files\NTRU Cryptosystems
[2012.12.04 08:54:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NTRU Cryptosystems
[2012.12.04 08:54:37 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2012.12.04 08:54:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SPBA
[2012.12.04 08:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SPBA
[2012.12.04 08:53:35 | 000,032,240 | ---- | C] (Dell Inc) -- C:\Windows\SysNative\drivers\PBADRV.SYS
[2012.12.04 08:53:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.12.04 08:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012.12.04 08:53:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gemalto
[2012.12.04 08:53:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BioAPIFFDB
[2012.12.04 08:53:30 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012.12.04 08:53:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Wave Systems Corp
[2012.12.04 08:53:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.12.04 08:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.12.04 08:53:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012.12.04 08:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012.12.04 08:52:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012.12.04 08:51:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012.12.04 08:50:32 | 000,041,984 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\USB3Ver.dll
[2012.12.04 08:50:31 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2012.12.04 08:50:31 | 000,789,824 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys
[2012.12.04 08:50:31 | 000,357,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys
[2012.12.04 08:50:31 | 000,019,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys
[2012.12.04 08:50:28 | 000,189,608 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IPROSetMonitor.exe
[2012.12.04 08:50:25 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.12.04 08:50:21 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012.12.04 08:47:55 | 000,000,000 | ---D | C] -- C:\Intel
[2012.12.04 08:47:54 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.12.04 08:47:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.12.04 08:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
[2012.12.04 08:47:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell
[2012.12.04 08:37:58 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.12.04 08:37:58 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.12.04 08:37:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.12.04 08:37:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.12.04 08:37:54 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Inc
[2012.12.04 08:36:17 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012.12.04 08:36:17 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012.12.04 08:36:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.12.04 07:34:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.12.04 07:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.12.04 07:33:20 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2012.12.04 07:33:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information

Spike007 · 03.01.2013, 12:58

Zitat:

========== Files - Modified Within 30 Days ==========

[2013.01.03 00:08:39 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.03 00:08:39 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.03 00:06:57 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.03 00:06:57 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.03 00:06:57 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.03 00:06:57 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.03 00:06:57 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.03 00:01:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.03 00:01:14 | 2111,688,703 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.02 23:31:16 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.02 23:17:35 | 000,002,889 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2013.01.02 08:42:43 | 000,000,333 | ---- | M] () -- C:\Windows\BRCALIB.INI
[2012.12.29 23:34:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\XXXXX\Desktop\OTL.exe
[2012.12.27 03:20:36 | 000,331,912 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.27 03:02:24 | 001,589,442 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.23 10:37:25 | 000,002,516 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2012.12.23 00:37:11 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\PE-DESIGN NEXT.lnk
[2012.12.23 00:20:15 | 000,025,600 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\SysNative\drivers\bucrw64.sys
[2012.12.16 18:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.16 15:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.12.12 21:08:12 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.12.12 21:08:12 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.12.12 21:08:12 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.12.12 21:08:12 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.12.12 21:08:12 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.12.12 21:08:12 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.12.10 22:01:58 | 000,135,168 | ---- | M] () -- C:\Users\XXXXX\AppData\Roaming\Meinfotoalbum Prefsv3
[2012.12.09 23:19:29 | 000,001,905 | ---- | M] () -- C:\Users\XXXXX\Desktop\Albelli Fotobücher.lnk
[2012.12.08 14:17:23 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.12.08 14:17:23 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.12.08 13:03:04 | 000,002,038 | ---- | M] () -- C:\Users\Public\Desktop\DRAWings X3.lnk
[2012.12.08 09:02:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.12.07 23:05:20 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
[2012.12.07 22:55:51 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.12.07 22:36:01 | 000,000,355 | ---- | M] () -- C:\Users\XXXXX\Desktop\Netzwerk.lnk
[2012.12.07 14:19:24 | 000,055,513 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.12.07 14:19:24 | 000,055,513 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.12.04 16:31:33 | 000,019,147 | RH-- | M] () -- C:\dell.sdr
[2012.12.04 16:30:31 | 002,315,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012.12.04 16:30:31 | 002,223,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012.12.04 16:30:31 | 001,549,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012.12.04 16:30:31 | 001,401,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012.12.04 16:30:31 | 000,778,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012.12.04 16:30:31 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012.12.04 16:30:31 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012.12.04 16:30:31 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012.12.04 16:30:31 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012.12.04 16:30:31 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012.12.04 16:30:31 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012.12.04 16:30:31 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012.12.04 16:30:31 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012.12.04 16:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012.12.04 16:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012.12.04 16:30:29 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012.12.04 16:30:29 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012.12.04 16:30:27 | 001,395,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012.12.04 16:30:27 | 001,359,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012.12.04 16:30:27 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012.12.04 16:30:27 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012.12.04 16:30:27 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012.12.04 16:30:27 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012.12.04 16:30:27 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.12.04 16:30:27 | 000,288,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.12.04 16:30:27 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012.12.04 16:30:27 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012.12.04 16:30:27 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.12.04 16:30:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.12.04 16:30:27 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.12.04 16:30:27 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012.12.04 16:30:26 | 001,447,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.12.04 16:30:26 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.12.04 16:30:26 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.12.04 16:30:26 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012.12.04 16:30:26 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012.12.04 16:30:26 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.12.04 16:30:26 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012.12.04 16:30:26 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012.12.04 16:30:26 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012.12.04 16:30:26 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.12.04 16:30:26 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.12.04 16:30:25 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.12.04 16:30:25 | 002,871,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012.12.04 16:30:25 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012.12.04 16:30:25 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.12.04 16:30:25 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012.12.04 16:30:25 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.12.04 16:30:25 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.12.04 16:30:25 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012.12.04 16:30:25 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.12.04 16:30:25 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.12.04 16:30:25 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.12.04 16:30:25 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.12.04 16:30:24 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.12.04 16:30:24 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.12.04 16:30:24 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.12.04 16:30:24 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.12.04 16:30:23 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.12.04 16:30:23 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.12.04 16:30:22 | 002,565,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012.12.04 16:30:22 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.12.04 16:30:22 | 001,699,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012.12.04 16:30:22 | 001,572,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.12.04 16:30:22 | 001,544,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.12.04 16:30:22 | 001,464,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.12.04 16:30:22 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.12.04 16:30:22 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012.12.04 16:30:22 | 000,961,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012.12.04 16:30:22 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012.12.04 16:30:22 | 000,850,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012.12.04 16:30:22 | 000,642,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012.12.04 16:30:22 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.12.04 16:30:22 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.12.04 16:30:22 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.12.04 16:30:22 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012.12.04 16:30:22 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012.12.04 16:30:22 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012.12.04 16:30:22 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012.12.04 16:30:22 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012.12.04 16:30:22 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012.12.04 16:30:22 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012.12.04 16:30:22 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012.12.04 16:30:22 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012.12.04 16:30:22 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012.12.04 16:30:22 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.12.04 16:30:22 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.12.04 16:30:22 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012.12.04 16:30:22 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012.12.04 16:30:22 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012.12.04 16:30:22 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012.12.04 16:30:22 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012.12.04 16:30:22 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012.12.04 16:30:22 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012.12.04 16:30:22 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.12.04 16:30:22 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012.12.04 16:30:22 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012.12.04 16:30:22 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.12.04 16:30:22 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.12.04 16:30:22 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.12.04 16:30:21 | 000,642,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012.12.04 16:30:21 | 000,605,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012.12.04 16:30:21 | 000,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.12.04 16:30:21 | 000,566,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012.12.04 16:30:21 | 000,518,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012.12.04 16:30:21 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012.12.04 16:30:21 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012.12.04 16:30:21 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012.12.04 16:30:21 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012.12.04 16:30:21 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.12.04 16:30:21 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.12.04 16:30:21 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012.12.04 16:30:21 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012.12.04 16:30:21 | 000,020,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012.12.04 16:30:21 | 000,019,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012.12.04 16:30:21 | 000,017,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012.12.04 16:30:21 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012.12.04 16:30:20 | 003,958,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2012.12.04 16:30:20 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2012.12.04 16:30:20 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2012.12.04 16:30:19 | 000,800,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2012.12.04 16:30:19 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2012.12.04 16:30:19 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAL.DLL
[2012.12.04 16:30:19 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINDEV.DLL
[2012.12.04 16:30:19 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINPUN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAL.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINGUJ.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINEN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINDEV.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE2.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBE1.DLL
[2012.12.04 16:30:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINASA.DLL
[2012.12.04 16:30:19 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2012.12.04 16:30:19 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINPUN.DLL
[2012.12.04 16:30:19 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINGUJ.DLL
[2012.12.04 16:30:19 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE2.DLL
[2012.12.04 16:30:19 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBE1.DLL
[2012.12.04 16:30:19 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINASA.DLL
[2012.12.04 16:30:17 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.12.04 16:30:17 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.12.04 16:23:55 | 000,003,683 | ---- | M] () -- C:\Windows\SysWow64\drivers\1028_Dell_OPT_9010.mrk
[2012.12.04 16:23:54 | 000,003,683 | ---- | M] () -- C:\Windows\SysNative\drivers\1028_Dell_OPT_9010.mrk
[2012.12.04 16:21:28 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.12.04 16:21:28 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.12.04 16:21:28 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.12.04 16:21:28 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.12.04 16:21:28 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.12.04 16:21:28 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.12.04 16:21:28 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.12.04 16:21:28 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.12.04 16:21:28 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.12.04 16:21:28 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.12.04 16:21:28 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.12.04 16:21:28 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.12.04 16:21:28 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.12.04 16:21:28 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.12.04 16:21:28 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.12.04 16:21:28 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.12.04 16:21:28 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.12.04 16:21:28 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.12.04 16:21:28 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.12.04 16:21:28 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.12.04 16:21:28 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.12.04 16:21:28 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.12.04 16:21:28 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.12.04 16:21:28 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.12.04 16:21:28 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.12.04 16:21:28 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.12.04 16:21:28 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.12.04 16:21:28 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.12.04 16:21:28 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.12.04 16:21:28 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.12.04 16:21:28 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.12.04 16:21:28 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.12.04 16:21:28 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.12.04 16:21:28 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.12.04 16:21:28 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.12.04 16:21:28 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.12.04 16:21:28 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.12.04 16:21:28 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.12.04 16:21:28 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.12.04 16:21:28 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.12.04 16:21:28 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.12.04 16:21:28 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.12.04 16:21:28 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.12.04 16:21:28 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.12.04 16:21:28 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.12.04 16:21:28 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.12.04 16:21:28 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.12.04 16:21:28 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.12.04 16:21:28 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.12.04 16:21:28 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.12.04 16:21:28 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.12.04 16:21:28 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.12.04 16:21:28 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.12.04 16:21:28 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.12.04 16:21:28 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.12.04 16:21:28 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.12.04 16:21:28 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.12.04 16:21:28 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.12.04 16:21:28 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.12.04 09:02:15 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012.12.04 09:00:25 | 000,000,020 | ---- | M] () -- C:\Windows\ðú]
[2012.12.04 08:53:28 | 000,239,104 | ---- | M] () -- C:\Windows\SysNative\bioapi_mds300.dll
[2012.12.04 08:53:28 | 000,155,136 | ---- | M] () -- C:\Windows\SysNative\bioapi100.dll
[2012.12.04 08:53:28 | 000,081,904 | ---- | M] () -- C:\Windows\SysNative\pbadrvdll.dll
[2012.12.04 08:53:28 | 000,080,368 | ---- | M] () -- C:\Windows\SysWow64\pbadrvdll.dll
[2012.12.04 08:53:28 | 000,032,240 | ---- | M] (Dell Inc) -- C:\Windows\SysNative\drivers\PBADRV.SYS
[2012.12.04 08:50:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012.12.04 08:47:53 | 000,002,581 | ---- | M] () -- C:\Users\Public\Desktop\Dell Backup and Recovery Manager.lnk

========== Files Created - No Company Name ==========

[2013.01.02 23:31:16 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.02 23:17:35 | 000,002,889 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.js
[2012.12.27 03:03:30 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.12.27 03:02:48 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.23 00:37:11 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\PE-DESIGN NEXT.lnk
[2012.12.10 21:18:22 | 000,135,168 | ---- | C] () -- C:\Users\XXXXX\AppData\Roaming\Meinfotoalbum Prefsv3
[2012.12.09 23:19:29 | 000,001,905 | ---- | C] () -- C:\Users\XXXXX\Desktop\Albelli Fotobücher.lnk
[2012.12.09 10:21:38 | 001,190,601 | ---- | C] () -- C:\Windows\SysWow64\LTOCX13n.CAB
[2012.12.09 10:21:35 | 000,338,944 | ---- | C] () -- C:\Windows\SysWow64\lffpx7.dll
[2012.12.09 10:21:35 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\lfkodak.dll
[2012.12.08 14:19:46 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.12.08 13:39:29 | 000,007,549 | ---- | C] () -- C:\Windows\SysNative\dopdf7.ctm
[2012.12.08 13:35:42 | 000,020,480 | ---- | C] () -- C:\Windows\SysNative\FritzPort64.dll
[2012.12.08 13:35:42 | 000,020,480 | ---- | C] () -- C:\Windows\SysNative\FritzColorPort64.dll
[2012.12.08 13:02:45 | 000,002,038 | ---- | C] () -- C:\Users\Public\Desktop\DRAWings X3.lnk
[2012.12.08 12:41:24 | 000,002,516 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2012.12.08 12:20:06 | 000,000,333 | ---- | C] () -- C:\Windows\BRCALIB.INI
[2012.12.08 12:19:57 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2012.12.08 12:19:56 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2012.12.08 12:19:56 | 000,000,050 | ---- | C] () -- C:\Windows\SysNative\BRADC10A.DAT
[2012.12.08 09:02:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.12.07 23:05:20 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.12.07 22:36:01 | 000,000,355 | ---- | C] () -- C:\Users\XXXXX\Desktop\Netzwerk.lnk
[2012.12.07 14:40:12 | 000,001,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.12.07 14:20:11 | 000,001,411 | ---- | C] () -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.12.07 14:20:07 | 000,001,445 | ---- | C] () -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.12.07 14:19:48 | 000,001,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hilfedokumentation von Dell.lnk
[2012.12.04 16:31:33 | 000,019,147 | RH-- | C] () -- C:\dell.sdr
[2012.12.04 16:25:37 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.12.04 16:25:37 | 000,204,960 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2012.12.04 16:25:37 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.12.04 16:25:37 | 000,157,152 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2012.12.04 16:25:36 | 002,044,928 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2012.12.04 16:25:36 | 002,043,200 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2012.12.04 16:25:35 | 000,036,338 | ---- | C] () -- C:\Windows\atiogl.xml
[2012.12.04 16:25:35 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.12.04 16:25:35 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2012.12.04 16:25:34 | 000,243,168 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2012.12.04 16:25:32 | 000,208,072 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2012.12.04 16:25:32 | 000,208,072 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2012.12.04 16:24:12 | 000,003,114 | ---- | C] () -- C:\Windows\SysNative\e1c62x64.din
[2012.12.04 16:23:55 | 000,003,683 | ---- | C] () -- C:\Windows\SysWow64\drivers\1028_Dell_OPT_9010.mrk
[2012.12.04 16:23:54 | 000,003,683 | ---- | C] () -- C:\Windows\SysNative\drivers\1028_Dell_OPT_9010.mrk
[2012.12.04 16:21:28 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.12.04 16:21:28 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.12.04 09:02:15 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.12.04 09:00:29 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012.12.04 09:00:26 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012.12.04 09:00:25 | 000,000,020 | ---- | C] () -- C:\Windows\ðú]
[2012.12.04 09:00:21 | 000,001,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012.12.04 09:00:18 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012.12.04 08:53:35 | 000,081,904 | ---- | C] () -- C:\Windows\SysNative\pbadrvdll.dll
[2012.12.04 08:53:35 | 000,080,368 | ---- | C] () -- C:\Windows\SysWow64\pbadrvdll.dll
[2012.12.04 08:52:54 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012.12.04 08:50:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012.12.04 08:47:53 | 000,002,581 | ---- | C] () -- C:\Users\Public\Desktop\Dell Backup and Recovery Manager.lnk
[2012.12.04 07:33:00 | 2111,688,703 | -HS- | C] () -- C:\hiberfil.sys
[2012.02.02 23:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.12.07 03:08:18 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.12.07 03:08:06 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.14 11:29:30 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_zh-HK.dll
[2011.11.14 11:29:28 | 000,088,064 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_th.dll
[2011.11.14 11:29:26 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_sl.dll
[2011.11.14 11:29:24 | 000,091,136 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_hr.dll
[2011.11.14 11:29:24 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_sk.dll
[2011.11.14 11:29:20 | 000,089,088 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_tr.dll
[2011.11.14 11:29:18 | 000,092,672 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ro.dll
[2011.11.14 11:29:16 | 000,092,672 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_pt-BR.dll
[2011.11.14 11:29:14 | 000,092,160 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_hu.dll
[2011.11.14 11:29:12 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_fi.dll
[2011.11.14 11:29:12 | 000,084,992 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_he.dll
[2011.11.14 11:29:10 | 000,097,280 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_el.dll
[2011.11.14 11:29:08 | 000,091,136 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_cs.dll
[2011.11.14 11:29:08 | 000,087,040 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ar.dll
[2011.11.14 11:29:06 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_zh-CHT.dll
[2011.11.14 11:29:04 | 000,074,240 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_zh-CHS.dll
[2011.11.14 11:29:02 | 000,091,648 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_sv.dll
[2011.11.14 11:29:00 | 000,091,136 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ru.dll
[2011.11.14 11:28:58 | 000,094,720 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_pt.dll
[2011.11.14 11:28:58 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_pl.dll
[2011.11.14 11:28:56 | 000,089,600 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_no.dll
[2011.11.14 11:28:54 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_nl.dll
[2011.11.14 11:28:54 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ko.dll
[2011.11.14 11:28:52 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_ja.dll
[2011.11.14 11:28:50 | 000,094,720 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_it.dll
[2011.11.14 11:28:48 | 000,095,232 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_fr.dll
[2011.11.14 11:28:46 | 000,094,720 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_es.dll
[2011.11.14 11:28:44 | 000,095,744 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_de.dll
[2011.11.14 11:28:42 | 000,092,672 | ---- | C] () -- C:\Windows\SysWow64\Internationalization_da.dll
[2011.04.21 19:56:28 | 001,008,640 | ---- | C] () -- C:\Windows\SysWow64\DemoLicense.dll
[2011.02.11 18:45:27 | 001,589,442 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.12.04 16:30:24 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.12.04 16:30:24 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.12.07 22:57:33 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\DAEMON Tools Lite
[2012.12.08 13:41:36 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\FRITZ!
[2012.12.08 13:34:56 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2012.12.10 21:18:17 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\Meinfotoalbum
[2012.12.07 22:55:47 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\OpenCandy
[2012.12.08 13:39:29 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\Softland

========== Purity Check ==========

< End of report >

danke schon mal

Spike007 · 04.01.2013, 22:18

wird noch was benötigt ?

GvU der zweite Streich

Log-Analyse und Auswertung: GvU der zweite Streich