Verdacht auf Reste vom Gvu Trojaner

Bushido_RH · 18.03.2013, 17:41

Guten Tag.
Vor wenigen Tagen hatte ich mir den GVU Trojaner eingefangen.
Man wollte mir verständlicher weise hier nicht helfen weil ich ein gecracktes Programm auf dem Pc hatte.
Nunja hatte ich schweren Herzens gestern mein Pc platt gemacht und über die Acer Wiederherstellungs - CD wieder in den Auslieferungsstand gebracht.
Problem war nur das er einmal hoch fuhr, ich schon am Programme wieder drauf machen war
und er einmal neu starten wollte. Dieses Tat ich auch.
Ich bekam leider nur das Standandart Windows Hintergrundbild zu sehen mehr leider nicht.
Bei dem Drücken von Strg + Alt + Entf kam nur schwarzer Bildschirm.
Mit Esc kam ich wieder zurück zu dem Hintergrundbild (Taskleiste und Desktop fehlten)
Ich fand noch Windows 7 bei uns.
Dachte machen wir es komplett neu nochmal.
Windows 7 installiert und gleich nochmal neu gestartet.
Es funktionierte. Ich natürlich begeistert hatte aber die Rechnung ohne mein Pc gemacht.
Ich hatte so einigermaßen alles wieder fertig und wollte ihn nach 3 Stunden arbeit nochmal neu starten.
Gleiches Problem.
Mit OTLPE habe ich nun eben euch den Log nochmal fertig gemacht.
Wäre lieb wenn mir jemand helfen könnte und wüsste was das Problem ist.

(Hoffe ich habe nun das richtige Abteil dafür auch gewählt)

Code:

ATTFilter

OTL logfile created on: 3/18/2013 6:28:24 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = J: | %SystemRoot% = J:\Windows | %ProgramFiles% = J:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.87 Mb Free Space | 75.87% Space Free | Partition Type: NTFS
Drive D: | 3.72 Gb Total Space | 2.87 Gb Free Space | 77.09% Space Free | Partition Type: FAT32
Drive J: | 456.45 Gb Total Space | 387.31 Gb Free Space | 84.85% Space Free | Partition Type: NTFS
Drive K: | 456.96 Gb Total Space | 456.86 Gb Free Space | 99.98% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- J:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- J:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/03/07 10:29:15 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand] -- J:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/06 11:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto] -- J:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/02/28 13:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto] -- J:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/25 19:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto] -- J:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/28 15:16:25 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- J:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/01/28 15:16:05 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- J:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/01/18 03:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto] -- J:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/01/14 12:37:15 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- J:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2010/10/21 21:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto] -- J:\Program Files (x86)\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand] -- J:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/12/03 10:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- J:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/12/03 10:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- J:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/11/16 15:17:15 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- J:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- J:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- J:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/21 21:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- J:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- J:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- J:\Windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- J:\Windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
 
 
IE - HKU\Malte_ON_J\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Malte_ON_J\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Malte_ON_J\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A5 20 52 8B 1C 23 CE 01  [binary data]
IE - HKU\Malte_ON_J\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKU\Malte_ON_J\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: J:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: J:\Windows\System32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: J:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: J:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: J:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: J:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: J:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: J:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/03/17 11:00:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/17 10:37:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/17 11:00:09 | 000,000,000 | ---D | M]
 
[2013/03/17 10:37:30 | 000,000,000 | ---D | M] (No name found) -- J:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/07 10:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- J:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/03/07 11:45:15 | 000,001,392 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/03/07 11:45:15 | 000,002,465 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/07 11:45:15 | 000,001,153 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013/03/07 11:45:15 | 000,006,805 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013/03/07 11:45:15 | 000,001,178 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/03/07 11:45:15 | 000,001,105 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - J:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - J:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - J:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - J:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - J:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - J:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Malte_ON_J\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - J:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] J:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] J:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVMWlanClient] J:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [DivXMediaServer] J:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] J:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [tsnpstd3] J:\Windows\tsnpstd3.exe (SONIX)
O4 - HKU\LocalService_ON_J..\Run: [Sidebar] J:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_J..\Run: [Sidebar] J:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_J..\Run: [Sidebar] J:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_J..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_J..\RunOnce: [mctadmin]  File not found
O4 - HKU\UpdatusUser_ON_J..\RunOnce: [mctadmin]  File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - J:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - J:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - J:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - J:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/03/17 14:51:24 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/03/17 13:27:14 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\GameforgeLive
[2013/03/17 13:04:11 | 000,000,000 | ---D | C] -- J:\Program Files\GameForge
[2013/03/17 12:55:48 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Roaming\TS3Client
[2013/03/17 12:55:20 | 000,000,000 | ---D | C] -- J:\ProgramData\NVIDIA
[2013/03/17 12:55:07 | 006,390,048 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvcpl.dll
[2013/03/17 12:55:07 | 003,460,896 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvsvc64.dll
[2013/03/17 12:55:07 | 002,558,240 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvsvcr.dll
[2013/03/17 12:55:07 | 000,118,560 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvmctray.dll
[2013/03/17 12:55:07 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvshext.dll
[2013/03/17 12:54:54 | 000,061,216 | ---- | C] (Khronos Group) -- J:\Windows\System32\OpenCL.dll
[2013/03/17 12:54:54 | 000,053,024 | ---- | C] (Khronos Group) -- J:\Windows\SysWow64\OpenCL.dll
[2013/03/17 12:54:48 | 000,000,000 | ---D | C] -- J:\ProgramData\NVIDIA Corporation
[2013/03/17 12:54:44 | 000,000,000 | ---D | C] -- J:\Program Files\NVIDIA Corporation
[2013/03/17 12:54:44 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\NVIDIA Corporation
[2013/03/17 12:29:18 | 001,031,680 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\rdpcore.dll
[2013/03/17 12:29:18 | 000,826,880 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\rdpcore.dll
[2013/03/17 12:24:58 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
[2013/03/17 12:24:58 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\avmwlanstick
[2013/03/17 12:24:44 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\AVM_update
[2013/03/17 12:19:37 | 000,000,000 | R--D | C] -- J:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/03/17 12:19:37 | 000,000,000 | R--D | C] -- J:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/03/17 12:19:37 | 000,000,000 | -H-D | C] -- J:\Users\Malte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/03/17 12:19:29 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Roaming\Identities
[2013/03/17 12:19:26 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Local\VirtualStore
[2013/03/17 12:19:21 | 000,000,000 | --SD | C] -- J:\Users\Malte\AppData\Roaming\Microsoft
[2013/03/17 12:19:21 | 000,000,000 | R--D | C] -- J:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/03/17 12:19:21 | 000,000,000 | R--D | C] -- J:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/03/17 12:19:21 | 000,000,000 | -HSD | C] -- J:\Users\Malte\AppData\Local\Verlauf
[2013/03/17 12:19:21 | 000,000,000 | -HSD | C] -- J:\Users\Malte\AppData\Local\Temporary Internet Files
[2013/03/17 12:19:21 | 000,000,000 | -HSD | C] -- J:\Users\Malte\Documents\Eigene Videos
[2013/03/17 12:19:21 | 000,000,000 | -HSD | C] -- J:\Users\Malte\Documents\Eigene Musik
[2013/03/17 12:19:21 | 000,000,000 | -HSD | C] -- J:\Users\Malte\Documents\Eigene Bilder
[2013/03/17 12:19:21 | 000,000,000 | -HSD | C] -- J:\Users\Malte\AppData\Local\Anwendungsdaten
[2013/03/17 12:19:21 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Local\Temp
[2013/03/17 12:19:21 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Roaming
[2013/03/17 12:19:21 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Local\Microsoft
[2013/03/17 12:19:21 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Roaming\Media Center Programs
[2013/03/17 12:19:21 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\LocalLow
[2013/03/17 12:19:21 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Local
[2013/03/17 12:19:16 | 000,000,000 | -HSD | C] -- J:\ProgramData\Vorlagen
[2013/03/17 12:19:16 | 000,000,000 | -HSD | C] -- J:\ProgramData\Startmenü
[2013/03/17 12:19:16 | 000,000,000 | -HSD | C] -- J:\Recovery
[2013/03/17 12:19:16 | 000,000,000 | -HSD | C] -- J:\Programme
[2013/03/17 12:19:16 | 000,000,000 | -HSD | C] -- J:\Program Files\Gemeinsame Dateien
[2013/03/17 12:19:16 | 000,000,000 | -HSD | C] -- J:\ProgramData\Favoriten
[2013/03/17 12:19:16 | 000,000,000 | -HSD | C] -- J:\Users\Public\Documents\Eigene Videos
[2013/03/17 12:19:16 | 000,000,000 | -HSD | C] -- J:\Users\Public\Documents\Eigene Musik
[2013/03/17 12:19:16 | 000,000,000 | -HSD | C] -- J:\Users\Public\Documents\Eigene Bilder
[2013/03/17 12:19:16 | 000,000,000 | -HSD | C] -- J:\Dokumente und Einstellungen
[2013/03/17 12:19:16 | 000,000,000 | -HSD | C] -- J:\ProgramData\Dokumente
[2013/03/17 12:19:16 | 000,000,000 | -HSD | C] -- J:\ProgramData\Anwendungsdaten
[2013/03/17 12:19:14 | 000,000,000 | ---D | C] -- J:\Windows\SoftwareDistribution
[2013/03/17 12:10:53 | 000,000,000 | ---D | C] -- J:\Windows\Prefetch
[2013/03/17 12:10:21 | 000,000,000 | -HSD | C] -- J:\System Volume Information
[2013/03/17 12:09:43 | 000,000,000 | ---D | C] -- J:\Windows\Panther
[2013/03/17 12:05:25 | 002,526,056 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DCompiler_43.dll
[2013/03/17 12:05:25 | 002,401,112 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DX9_43.dll
[2013/03/17 12:05:25 | 002,106,216 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DCompiler_43.dll
[2013/03/17 12:05:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DX9_43.dll
[2013/03/17 12:05:25 | 001,907,552 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dcsx_43.dll
[2013/03/17 12:05:25 | 001,868,128 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dcsx_43.dll
[2013/03/17 12:05:25 | 000,527,192 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAudio2_7.dll
[2013/03/17 12:05:25 | 000,518,488 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAudio2_7.dll
[2013/03/17 12:05:25 | 000,511,328 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx10_43.dll
[2013/03/17 12:05:25 | 000,470,880 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx10_43.dll
[2013/03/17 12:05:25 | 000,276,832 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx11_43.dll
[2013/03/17 12:05:25 | 000,248,672 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx11_43.dll
[2013/03/17 12:05:25 | 000,239,960 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine3_7.dll
[2013/03/17 12:05:25 | 000,176,984 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine3_7.dll
[2013/03/17 12:05:25 | 000,077,656 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAPOFX1_5.dll
[2013/03/17 12:05:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAPOFX1_5.dll
[2013/03/17 12:05:24 | 002,582,888 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DCompiler_42.dll
[2013/03/17 12:05:24 | 001,974,616 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DCompiler_42.dll
[2013/03/17 12:05:24 | 000,530,776 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAudio2_6.dll
[2013/03/17 12:05:24 | 000,528,216 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAudio2_6.dll
[2013/03/17 12:05:24 | 000,517,960 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAudio2_5.dll
[2013/03/17 12:05:24 | 000,515,416 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAudio2_5.dll
[2013/03/17 12:05:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine3_6.dll
[2013/03/17 12:05:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine3_5.dll
[2013/03/17 12:05:24 | 000,176,984 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine3_6.dll
[2013/03/17 12:05:24 | 000,176,968 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine3_5.dll
[2013/03/17 12:05:24 | 000,078,680 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAPOFX1_4.dll
[2013/03/17 12:05:24 | 000,074,072 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAPOFX1_4.dll
[2013/03/17 12:05:24 | 000,024,920 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\X3DAudio1_7.dll
[2013/03/17 12:05:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\X3DAudio1_7.dll
[2013/03/17 12:05:23 | 005,554,512 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dcsx_42.dll
[2013/03/17 12:05:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dcsx_42.dll
[2013/03/17 12:05:23 | 005,425,496 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DX9_41.dll
[2013/03/17 12:05:23 | 004,178,264 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DX9_41.dll
[2013/03/17 12:05:23 | 002,475,352 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DX9_42.dll
[2013/03/17 12:05:23 | 002,430,312 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DCompiler_41.dll
[2013/03/17 12:05:23 | 001,892,184 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DX9_42.dll
[2013/03/17 12:05:23 | 001,846,632 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DCompiler_41.dll
[2013/03/17 12:05:23 | 000,523,088 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx10_42.dll
[2013/03/17 12:05:23 | 000,520,544 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx10_41.dll
[2013/03/17 12:05:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx10_42.dll
[2013/03/17 12:05:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx10_41.dll
[2013/03/17 12:05:23 | 000,285,024 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx11_42.dll
[2013/03/17 12:05:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx11_42.dll
[2013/03/17 12:05:22 | 005,631,312 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DX9_40.dll
[2013/03/17 12:05:22 | 004,379,984 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DX9_40.dll
[2013/03/17 12:05:22 | 002,605,920 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DCompiler_40.dll
[2013/03/17 12:05:22 | 002,036,576 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DCompiler_40.dll
[2013/03/17 12:05:22 | 000,521,560 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAudio2_4.dll
[2013/03/17 12:05:22 | 000,519,000 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx10_40.dll
[2013/03/17 12:05:22 | 000,517,448 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAudio2_4.dll
[2013/03/17 12:05:22 | 000,452,440 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx10_40.dll
[2013/03/17 12:05:22 | 000,235,352 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine3_4.dll
[2013/03/17 12:05:22 | 000,174,936 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine3_4.dll
[2013/03/17 12:05:22 | 000,073,544 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAPOFX1_3.dll
[2013/03/17 12:05:22 | 000,069,464 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAPOFX1_3.dll
[2013/03/17 12:05:22 | 000,024,920 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\X3DAudio1_6.dll
[2013/03/17 12:05:22 | 000,022,360 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\X3DAudio1_6.dll
[2013/03/17 12:05:21 | 001,942,552 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DCompiler_39.dll
[2013/03/17 12:05:21 | 001,493,528 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DCompiler_39.dll
[2013/03/17 12:05:21 | 000,540,688 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx10_39.dll
[2013/03/17 12:05:21 | 000,518,480 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAudio2_3.dll
[2013/03/17 12:05:21 | 000,514,384 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAudio2_3.dll
[2013/03/17 12:05:21 | 000,513,544 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAudio2_2.dll
[2013/03/17 12:05:21 | 000,509,448 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAudio2_2.dll
[2013/03/17 12:05:21 | 000,467,984 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx10_39.dll
[2013/03/17 12:05:21 | 000,238,088 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine3_2.dll
[2013/03/17 12:05:21 | 000,235,856 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine3_3.dll
[2013/03/17 12:05:21 | 000,177,672 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine3_2.dll
[2013/03/17 12:05:21 | 000,175,440 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine3_3.dll
[2013/03/17 12:05:21 | 000,074,576 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAPOFX1_2.dll
[2013/03/17 12:05:21 | 000,072,200 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAPOFX1_1.dll
[2013/03/17 12:05:21 | 000,070,992 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAPOFX1_2.dll
[2013/03/17 12:05:21 | 000,068,616 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAPOFX1_1.dll
[2013/03/17 12:05:21 | 000,025,936 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\X3DAudio1_5.dll
[2013/03/17 12:05:21 | 000,023,376 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\X3DAudio1_5.dll
[2013/03/17 12:05:20 | 004,992,520 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DX9_39.dll
[2013/03/17 12:05:20 | 004,991,496 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DX9_38.dll
[2013/03/17 12:05:20 | 003,851,784 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DX9_39.dll
[2013/03/17 12:05:20 | 003,850,760 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DX9_38.dll
[2013/03/17 12:05:20 | 001,941,528 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DCompiler_38.dll
[2013/03/17 12:05:20 | 001,491,992 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DCompiler_38.dll
[2013/03/17 12:05:20 | 000,540,688 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx10_38.dll
[2013/03/17 12:05:20 | 000,511,496 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAudio2_1.dll
[2013/03/17 12:05:20 | 000,507,400 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAudio2_1.dll
[2013/03/17 12:05:20 | 000,467,984 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx10_38.dll
[2013/03/17 12:05:20 | 000,238,088 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine3_1.dll
[2013/03/17 12:05:20 | 000,177,672 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine3_1.dll
[2013/03/17 12:05:20 | 000,068,104 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAPOFX1_0.dll
[2013/03/17 12:05:20 | 000,065,032 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAPOFX1_0.dll
[2013/03/17 12:05:20 | 000,028,168 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\X3DAudio1_4.dll
[2013/03/17 12:05:20 | 000,025,608 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\X3DAudio1_4.dll
[2013/03/17 12:05:19 | 004,910,088 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DX9_37.dll
[2013/03/17 12:05:19 | 003,786,760 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DX9_37.dll
[2013/03/17 12:05:19 | 001,860,120 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DCompiler_37.dll
[2013/03/17 12:05:19 | 001,420,824 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DCompiler_37.dll
[2013/03/17 12:05:19 | 000,529,424 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx10_37.dll
[2013/03/17 12:05:19 | 000,489,480 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\XAudio2_0.dll
[2013/03/17 12:05:19 | 000,479,752 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\XAudio2_0.dll
[2013/03/17 12:05:19 | 000,462,864 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx10_37.dll
[2013/03/17 12:05:19 | 000,411,656 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine2_10.dll
[2013/03/17 12:05:19 | 000,267,272 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine2_10.dll
[2013/03/17 12:05:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine3_0.dll
[2013/03/17 12:05:19 | 000,177,672 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine3_0.dll
[2013/03/17 12:05:19 | 000,028,168 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\X3DAudio1_3.dll
[2013/03/17 12:05:19 | 000,025,608 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\X3DAudio1_3.dll
[2013/03/17 12:05:18 | 005,081,608 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx9_36.dll
[2013/03/17 12:05:18 | 003,734,536 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx9_36.dll
[2013/03/17 12:05:18 | 002,006,552 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DCompiler_36.dll
[2013/03/17 12:05:18 | 001,374,232 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DCompiler_36.dll
[2013/03/17 12:05:18 | 000,508,264 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx10_36.dll
[2013/03/17 12:05:18 | 000,444,776 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx10_36.dll
[2013/03/17 12:05:17 | 005,073,256 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx9_35.dll
[2013/03/17 12:05:17 | 004,496,232 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx9_34.dll
[2013/03/17 12:05:17 | 003,727,720 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx9_35.dll
[2013/03/17 12:05:17 | 003,497,832 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx9_34.dll
[2013/03/17 12:05:17 | 001,985,904 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DCompiler_35.dll
[2013/03/17 12:05:17 | 001,401,200 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DCompiler_34.dll
[2013/03/17 12:05:17 | 001,358,192 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DCompiler_35.dll
[2013/03/17 12:05:17 | 001,124,720 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DCompiler_34.dll
[2013/03/17 12:05:17 | 000,508,264 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx10_35.dll
[2013/03/17 12:05:17 | 000,506,728 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx10_34.dll
[2013/03/17 12:05:17 | 000,444,776 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx10_35.dll
[2013/03/17 12:05:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx10_34.dll
[2013/03/17 12:05:17 | 000,411,496 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine2_9.dll
[2013/03/17 12:05:17 | 000,409,960 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine2_8.dll
[2013/03/17 12:05:17 | 000,267,112 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine2_9.dll
[2013/03/17 12:05:17 | 000,266,088 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine2_8.dll
[2013/03/17 12:05:17 | 000,107,368 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xinput1_3.dll
[2013/03/17 12:05:17 | 000,081,768 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xinput1_3.dll
[2013/03/17 12:05:17 | 000,021,000 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\X3DAudio1_2.dll
[2013/03/17 12:05:17 | 000,017,928 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\X3DAudio1_2.dll
[2013/03/17 12:05:16 | 004,494,184 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx9_33.dll
[2013/03/17 12:05:16 | 003,495,784 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx9_33.dll
[2013/03/17 12:05:16 | 001,400,176 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\D3DCompiler_33.dll
[2013/03/17 12:05:16 | 001,123,696 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\D3DCompiler_33.dll
[2013/03/17 12:05:16 | 000,506,728 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx10_33.dll
[2013/03/17 12:05:16 | 000,443,752 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx10_33.dll
[2013/03/17 12:05:16 | 000,403,304 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine2_7.dll
[2013/03/17 12:05:16 | 000,393,576 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine2_6.dll
[2013/03/17 12:05:16 | 000,390,424 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine2_5.dll
[2013/03/17 12:05:16 | 000,261,480 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine2_7.dll
[2013/03/17 12:05:16 | 000,255,848 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine2_6.dll
[2013/03/17 12:05:16 | 000,251,672 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine2_5.dll
[2013/03/17 12:05:15 | 004,398,360 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx9_32.dll
[2013/03/17 12:05:15 | 003,977,496 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx9_31.dll
[2013/03/17 12:05:15 | 003,426,072 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx9_32.dll
[2013/03/17 12:05:15 | 002,414,360 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx9_31.dll
[2013/03/17 12:05:15 | 000,469,264 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx10.dll
[2013/03/17 12:05:15 | 000,440,080 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx10.dll
[2013/03/17 12:05:15 | 000,364,824 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine2_4.dll
[2013/03/17 12:05:15 | 000,363,288 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine2_3.dll
[2013/03/17 12:05:15 | 000,237,848 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine2_4.dll
[2013/03/17 12:05:15 | 000,236,824 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine2_3.dll
[2013/03/17 12:05:15 | 000,083,736 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xinput1_2.dll
[2013/03/17 12:05:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xinput1_2.dll
[2013/03/17 12:05:15 | 000,017,688 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\x3daudio1_1.dll
[2013/03/17 12:05:15 | 000,015,128 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\x3daudio1_1.dll
[2013/03/17 12:05:14 | 000,354,072 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine2_2.dll
[2013/03/17 12:05:14 | 000,352,464 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine2_1.dll
[2013/03/17 12:05:14 | 000,230,168 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine2_2.dll
[2013/03/17 12:05:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine2_1.dll
[2013/03/17 12:05:14 | 000,083,664 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xinput1_1.dll
[2013/03/17 12:05:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xinput1_1.dll
[2013/03/17 12:05:12 | 003,927,248 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx9_30.dll
[2013/03/17 12:05:12 | 002,388,176 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx9_30.dll
[2013/03/17 12:05:11 | 003,830,992 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx9_29.dll
[2013/03/17 12:05:11 | 003,815,120 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx9_28.dll
[2013/03/17 12:05:11 | 003,807,440 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx9_27.dll
[2013/03/17 12:05:11 | 002,332,368 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx9_29.dll
[2013/03/17 12:05:11 | 002,323,664 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx9_28.dll
[2013/03/17 12:05:11 | 002,319,568 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx9_27.dll
[2013/03/17 12:05:11 | 000,355,536 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\xactengine2_0.dll
[2013/03/17 12:05:11 | 000,230,096 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\xactengine2_0.dll
[2013/03/17 12:05:11 | 000,016,592 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\x3daudio1_0.dll
[2013/03/17 12:05:11 | 000,014,032 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\x3daudio1_0.dll
[2013/03/17 12:05:10 | 003,823,312 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx9_25.dll
[2013/03/17 12:05:10 | 003,767,504 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx9_26.dll
[2013/03/17 12:05:10 | 002,337,488 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx9_25.dll
[2013/03/17 12:05:10 | 002,297,552 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx9_26.dll
[2013/03/17 12:05:09 | 003,544,272 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\d3dx9_24.dll
[2013/03/17 12:05:09 | 002,222,800 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\d3dx9_24.dll
[2013/03/17 11:55:13 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Local\Gameforge4d
[2013/03/17 11:55:02 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
[2013/03/17 11:54:50 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Local\Programs
[2013/03/17 11:40:31 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Local\DoNotTrackPlus
[2013/03/17 11:40:26 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Local\AskToolbar
[2013/03/17 11:20:43 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\TeamViewer
[2013/03/17 11:19:56 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Roaming\WinRAR
[2013/03/17 11:19:56 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/17 11:19:56 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/17 11:19:54 | 000,000,000 | ---D | C] -- J:\Program Files\WinRAR
[2013/03/17 11:18:55 | 000,262,144 | ---- | C] (SONIX) -- J:\Windows\tsnpstd3.exe
[2013/03/17 11:18:55 | 000,166,912 | ---- | C] ( ) -- J:\Windows\System32\rsnpstd3.dll
[2013/03/17 11:18:55 | 000,094,208 | ---- | C] (Microsoft Corporation) -- J:\Windows\amcap.exe
[2013/03/17 11:18:54 | 010,246,144 | ---- | C] (Sonix Co. Ltd.) -- J:\Windows\SysWow64\drivers\snpstd3.sys
[2013/03/17 11:18:54 | 000,172,032 | ---- | C] ( ) -- J:\Windows\SysWow64\rsnpstd3.dll
[2013/03/17 11:18:54 | 000,061,440 | ---- | C] ( ) -- J:\Windows\SysWow64\vsnpstd3.dll
[2013/03/17 11:18:54 | 000,053,248 | ---- | C] ( ) -- J:\Windows\csnpstd3.dll
[2013/03/17 11:18:54 | 000,018,944 | ---- | C] ( ) -- J:\Windows\System32\csnpstd3.dll
[2013/03/17 11:18:54 | 000,000,000 | -H-D | C] -- J:\Program Files (x86)\InstallShield Installation Information
[2013/03/17 11:18:54 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB PC Camera Plus
[2013/03/17 11:18:54 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\Common Files\snpstd3
[2013/03/17 11:18:38 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Roaming\InstallShield
[2013/03/17 11:13:02 | 000,000,000 | ---D | C] -- J:\Windows\SysWow64\Adobe
[2013/03/17 11:04:46 | 001,085,344 | ---- | C] (Oracle Corporation) -- J:\Windows\System32\npDeployJava1.dll
[2013/03/17 11:04:46 | 000,963,488 | ---- | C] (Oracle Corporation) -- J:\Windows\System32\deployJava1.dll
[2013/03/17 11:04:46 | 000,310,688 | ---- | C] (Oracle Corporation) -- J:\Windows\System32\javaws.exe
[2013/03/17 11:04:44 | 000,188,832 | ---- | C] (Oracle Corporation) -- J:\Windows\System32\javaw.exe
[2013/03/17 11:04:44 | 000,188,320 | ---- | C] (Oracle Corporation) -- J:\Windows\System32\java.exe
[2013/03/17 11:04:44 | 000,108,448 | ---- | C] (Oracle Corporation) -- J:\Windows\System32\WindowsAccessBridge-64.dll
[2013/03/17 11:04:39 | 000,000,000 | ---D | C] -- J:\Program Files\Java
[2013/03/17 11:02:18 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Roaming\Avira
[2013/03/17 11:00:02 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Roaming\DivX
[2013/03/17 10:59:51 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2013/03/17 10:59:49 | 000,000,000 | ---D | C] -- J:\Program Files\DivX
[2013/03/17 10:59:42 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\Common Files\DivX Shared
[2013/03/17 10:57:03 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/03/17 10:56:42 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\Ask.com
[2013/03/17 10:56:31 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\DivX
[2013/03/17 10:56:22 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- J:\Windows\System32\drivers\avipbb.sys
[2013/03/17 10:56:22 | 000,099,912 | ---- | C] (Avira Operations GmbH & Co. KG) -- J:\Windows\System32\drivers\avgntflt.sys
[2013/03/17 10:56:22 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- J:\Windows\System32\drivers\avkmgr.sys
[2013/03/17 10:56:21 | 000,000,000 | ---D | C] -- J:\ProgramData\Avira
[2013/03/17 10:56:21 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\Avira
[2013/03/17 10:53:44 | 000,000,000 | ---D | C] -- J:\ProgramData\DivX
[2013/03/17 10:49:28 | 002,622,464 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\wucltux.dll
[2013/03/17 10:49:28 | 000,057,880 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\wuauclt.exe
[2013/03/17 10:49:28 | 000,044,056 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\wups2.dll
[2013/03/17 10:49:17 | 000,701,976 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\wuapi.dll
[2013/03/17 10:49:17 | 000,099,840 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\wudriver.dll
[2013/03/17 10:49:17 | 000,038,424 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\wups.dll
[2013/03/17 10:49:12 | 000,186,752 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\wuwebv.dll
[2013/03/17 10:49:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\wuapp.exe
[2013/03/17 10:48:12 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013/03/17 10:48:07 | 000,000,000 | ---D | C] -- J:\Program Files\TeamSpeak 3 Client
[2013/03/17 10:41:57 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Roaming\Skype
[2013/03/17 10:41:55 | 000,000,000 | R--D | C] -- J:\Program Files (x86)\Skype
[2013/03/17 10:41:55 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/17 10:41:55 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\Common Files\Skype
[2013/03/17 10:41:53 | 000,000,000 | -HSD | C] -- J:\Windows\Installer
[2013/03/17 10:41:53 | 000,000,000 | ---D | C] -- J:\ProgramData\Skype
[2013/03/17 10:37:33 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Roaming\Mozilla
[2013/03/17 10:37:33 | 000,000,000 | ---D | C] -- J:\Users\Malte\AppData\Local\Mozilla
[2013/03/17 10:37:30 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\Mozilla Maintenance Service
[2013/03/17 10:37:30 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\Mozilla Firefox
[2013/03/17 10:37:30 | 000,000,000 | ---D | C] -- J:\ProgramData\Mozilla
[2013/02/25 19:32:44 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvcompiler.dll
[2013/02/25 19:32:44 | 002,505,144 | ---- | C] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvapi.dll
[2013/02/25 19:32:42 | 015,129,960 | ---- | C] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvd3dum.dll
[2013/02/25 19:32:40 | 006,262,608 | ---- | C] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvopencl.dll
[2013/02/25 19:32:40 | 002,826,040 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvapi64.dll
[2013/02/25 19:32:38 | 018,055,184 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvd3dumx.dll
[2013/02/25 19:32:38 | 001,814,304 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvdispco64.dll
[2013/02/25 19:32:38 | 001,107,440 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvumdshimx.dll
[2013/02/25 19:32:36 | 026,929,440 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvoglv64.dll
[2013/02/25 19:32:36 | 002,720,544 | ---- | C] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvcuvid.dll
[2013/02/25 19:32:36 | 000,958,120 | ---- | C] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvumdshim.dll
[2013/02/25 19:32:34 | 007,932,256 | ---- | C] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvcuda.dll
[2013/02/25 19:32:34 | 002,346,784 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvcuvenc.dll
[2013/02/25 19:32:32 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvdispgenco64.dll
[2013/02/25 19:32:32 | 000,245,872 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvinitx.dll
[2013/02/25 19:32:28 | 002,904,352 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvcuvid.dll
[2013/02/25 19:32:26 | 020,449,056 | ---- | C] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvoglv32.dll
[2013/02/25 19:32:26 | 015,053,264 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvwgf2umx.dll
[2013/02/25 19:32:24 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvcompiler.dll
[2013/02/25 19:32:08 | 012,641,992 | ---- | C] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvwgf2um.dll
[2013/02/25 19:32:08 | 007,564,040 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvopencl.dll
[2013/02/25 19:32:08 | 001,985,824 | ---- | C] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvcuvenc.dll
[2013/02/25 19:32:06 | 009,390,760 | ---- | C] (NVIDIA Corporation) -- J:\Windows\System32\nvcuda.dll
[2013/02/25 19:32:04 | 000,201,576 | ---- | C] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvinit.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013/03/17 16:54:51 | 000,067,584 | --S- | M] () -- J:\Windows\bootstat.dat
[2013/03/17 16:54:42 | 000,020,672 | -H-- | M] () -- J:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/17 16:54:42 | 000,020,672 | -H-- | M] () -- J:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/17 16:53:53 | 000,643,628 | ---- | M] () -- J:\Windows\System32\perfh007.dat
[2013/03/17 16:53:53 | 000,606,992 | ---- | M] () -- J:\Windows\System32\perfh009.dat
[2013/03/17 16:53:53 | 000,126,188 | ---- | M] () -- J:\Windows\System32\perfc007.dat
[2013/03/17 16:53:53 | 000,103,370 | ---- | M] () -- J:\Windows\System32\perfc009.dat
[2013/03/17 14:51:24 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/03/17 14:50:37 | 000,275,576 | ---- | M] () -- J:\Windows\System32\FNTCACHE.DAT
[2013/03/17 14:50:05 | 4279,431,166 | -HS- | M] () -- J:\hiberfil.sys
[2013/03/17 13:32:46 | 000,001,962 | ---- | M] () -- J:\Users\Public\Desktop\AION Free-to-Play.lnk
[2013/03/17 13:32:46 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
[2013/03/17 13:27:16 | 000,001,067 | ---- | M] () -- J:\Users\Public\Desktop\Gameforge Live.lnk
[2013/03/17 12:24:59 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
[2013/03/17 12:14:38 | 000,055,513 | ---- | M] () -- J:\Windows\SysWow64\license.rtf
[2013/03/17 12:14:38 | 000,055,513 | ---- | M] () -- J:\Windows\System32\license.rtf
[2013/03/17 12:14:30 | 000,001,345 | ---- | M] () -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/03/17 12:14:30 | 000,000,000 | R--D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/03/17 12:14:25 | 000,000,000 | R--D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/03/17 12:14:20 | 000,001,326 | ---- | M] () -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/03/17 12:13:02 | 000,000,000 | -H-- | M] () -- J:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/03/17 11:20:45 | 000,001,174 | ---- | M] () -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013/03/17 11:20:45 | 000,001,162 | ---- | M] () -- J:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/03/17 11:19:56 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/17 11:18:55 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB PC Camera Plus
[2013/03/17 11:04:40 | 001,085,344 | ---- | M] (Oracle Corporation) -- J:\Windows\System32\npDeployJava1.dll
[2013/03/17 11:04:40 | 000,963,488 | ---- | M] (Oracle Corporation) -- J:\Windows\System32\deployJava1.dll
[2013/03/17 11:04:40 | 000,310,688 | ---- | M] (Oracle Corporation) -- J:\Windows\System32\javaws.exe
[2013/03/17 11:04:40 | 000,188,832 | ---- | M] (Oracle Corporation) -- J:\Windows\System32\javaw.exe
[2013/03/17 11:04:40 | 000,188,320 | ---- | M] (Oracle Corporation) -- J:\Windows\System32\java.exe
[2013/03/17 11:04:40 | 000,108,448 | ---- | M] (Oracle Corporation) -- J:\Windows\System32\WindowsAccessBridge-64.dll
[2013/03/17 11:00:10 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2013/03/17 10:57:03 | 000,002,066 | ---- | M] () -- J:\Users\Public\Desktop\Avira Control Center.lnk
[2013/03/17 10:57:03 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/03/17 10:48:12 | 000,000,967 | ---- | M] () -- J:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013/03/17 10:48:12 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013/03/17 10:41:55 | 000,002,517 | ---- | M] () -- J:\Users\Public\Desktop\Skype.lnk
[2013/03/17 10:41:55 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/17 10:37:31 | 000,001,159 | ---- | M] () -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/03/17 10:37:31 | 000,001,147 | ---- | M] () -- J:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/17 10:34:30 | 000,001,433 | ---- | M] () -- J:\Users\Malte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/02/25 19:32:44 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- J:\Windows\System32\nvcompiler.dll
[2013/02/25 19:32:44 | 002,505,144 | ---- | M] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvapi.dll
[2013/02/25 19:32:42 | 015,129,960 | ---- | M] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvd3dum.dll
[2013/02/25 19:32:40 | 006,262,608 | ---- | M] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvopencl.dll
[2013/02/25 19:32:40 | 002,826,040 | ---- | M] (NVIDIA Corporation) -- J:\Windows\System32\nvapi64.dll
[2013/02/25 19:32:40 | 000,061,216 | ---- | M] (Khronos Group) -- J:\Windows\System32\OpenCL.dll
[2013/02/25 19:32:38 | 018,055,184 | ---- | M] (NVIDIA Corporation) -- J:\Windows\System32\nvd3dumx.dll
[2013/02/25 19:32:38 | 001,814,304 | ---- | M] (NVIDIA Corporation) -- J:\Windows\System32\nvdispco64.dll
[2013/02/25 19:32:38 | 001,107,440 | ---- | M] (NVIDIA Corporation) -- J:\Windows\System32\nvumdshimx.dll
[2013/02/25 19:32:36 | 026,929,440 | ---- | M] (NVIDIA Corporation) -- J:\Windows\System32\nvoglv64.dll
[2013/02/25 19:32:36 | 002,720,544 | ---- | M] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvcuvid.dll
[2013/02/25 19:32:36 | 000,958,120 | ---- | M] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvumdshim.dll
[2013/02/25 19:32:34 | 007,932,256 | ---- | M] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvcuda.dll
[2013/02/25 19:32:34 | 002,346,784 | ---- | M] (NVIDIA Corporation) -- J:\Windows\System32\nvcuvenc.dll
[2013/02/25 19:32:32 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- J:\Windows\System32\nvdispgenco64.dll
[2013/02/25 19:32:32 | 000,245,872 | ---- | M] (NVIDIA Corporation) -- J:\Windows\System32\nvinitx.dll
[2013/02/25 19:32:28 | 002,904,352 | ---- | M] (NVIDIA Corporation) -- J:\Windows\System32\nvcuvid.dll
[2013/02/25 19:32:26 | 020,449,056 | ---- | M] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvoglv32.dll
[2013/02/25 19:32:26 | 015,053,264 | ---- | M] (NVIDIA Corporation) -- J:\Windows\System32\nvwgf2umx.dll
[2013/02/25 19:32:24 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvcompiler.dll
[2013/02/25 19:32:08 | 012,641,992 | ---- | M] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvwgf2um.dll
[2013/02/25 19:32:08 | 007,564,040 | ---- | M] (NVIDIA Corporation) -- J:\Windows\System32\nvopencl.dll
[2013/02/25 19:32:08 | 001,985,824 | ---- | M] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvcuvenc.dll
[2013/02/25 19:32:08 | 000,017,266 | ---- | M] () -- J:\Windows\System32\nvinfo.pb
[2013/02/25 19:32:06 | 009,390,760 | ---- | M] (NVIDIA Corporation) -- J:\Windows\System32\nvcuda.dll
[2013/02/25 19:32:06 | 000,053,024 | ---- | M] (Khronos Group) -- J:\Windows\SysWow64\OpenCL.dll
[2013/02/25 19:32:04 | 000,201,576 | ---- | M] (NVIDIA Corporation) -- J:\Windows\SysWow64\nvinit.dll
 
========== Files Created - No Company Name ==========
 
[2013/03/17 13:32:46 | 000,001,962 | ---- | C] () -- J:\Users\Public\Desktop\AION Free-to-Play.lnk
[2013/03/17 13:27:16 | 000,001,067 | ---- | C] () -- J:\Users\Public\Desktop\Gameforge Live.lnk
[2013/03/17 12:55:07 | 002,953,448 | ---- | C] () -- J:\Windows\System32\nvcoproc.bin
[2013/03/17 12:20:21 | 000,001,405 | ---- | C] () -- J:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/03/17 12:20:19 | 000,001,439 | ---- | C] () -- J:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/03/17 12:19:21 | 000,000,290 | ---- | C] () -- J:\Users\Malte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/03/17 12:19:21 | 000,000,272 | ---- | C] () -- J:\Users\Malte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/03/17 12:14:30 | 000,001,345 | ---- | C] () -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/03/17 12:14:20 | 000,001,326 | ---- | C] () -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/03/17 12:13:02 | 000,000,000 | -H-- | C] () -- J:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/03/17 12:10:21 | 4279,431,166 | -HS- | C] () -- J:\hiberfil.sys
[2013/03/17 11:20:45 | 000,001,174 | ---- | C] () -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013/03/17 11:20:45 | 000,001,162 | ---- | C] () -- J:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/03/17 11:18:55 | 000,843,776 | ---- | C] () -- J:\Windows\vsnpstd3.exe
[2013/03/17 11:18:55 | 000,015,498 | ---- | C] () -- J:\Windows\snpstd3.ini
[2013/03/17 11:18:55 | 000,013,023 | ---- | C] () -- J:\Windows\snpstd3.src
[2013/03/17 10:57:03 | 000,002,066 | ---- | C] () -- J:\Users\Public\Desktop\Avira Control Center.lnk
[2013/03/17 10:48:12 | 000,000,967 | ---- | C] () -- J:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013/03/17 10:41:55 | 000,002,517 | ---- | C] () -- J:\Users\Public\Desktop\Skype.lnk
[2013/03/17 10:37:31 | 000,001,159 | ---- | C] () -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/03/17 10:37:31 | 000,001,147 | ---- | C] () -- J:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/17 10:34:30 | 000,001,433 | ---- | C] () -- J:\Users\Malte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/02/25 19:32:08 | 000,017,266 | ---- | C] () -- J:\Windows\System32\nvinfo.pb
[2010/11/20 23:24:49 | 000,252,928 | ---- | C] () -- J:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- J:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- J:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- J:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- J:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- J:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- J:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- J:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- J:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2013/03/17 12:19:16 | 000,000,000 | -HSD | M] -- J:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Application Data
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Documents
[2013/03/17 12:19:16 | 000,000,000 | -HSD | M] -- J:\ProgramData\Dokumente
[2013/03/17 12:19:16 | 000,000,000 | -HSD | M] -- J:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Favorites
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Start Menu
[2013/03/17 12:19:16 | 000,000,000 | -HSD | M] -- J:\ProgramData\Startmenü
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Templates
[2013/03/17 12:19:16 | 000,000,000 | -HSD | M] -- J:\ProgramData\Vorlagen
[2009/07/14 01:08:49 | 000,002,898 | ---- | M] () -- J:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >

cosinus · 19.03.2013, 10:46

Hallo

Zitat:

64bit-Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System

Warum bitte eine Professional-Edition für Windows, brauchst du das als Heimanwender?
Oder ist das rein zufällig ein Büro-/Firmen-PC bzw. ein Uni-Rechner?

Warum OTLPE, startet Windows denn nicht normal oder doch?

Bushido_RH · 19.03.2013, 13:08

Es war leider die einzigste Windows 7 Version die wir noch Zuhause hatten.
Brauchen tue ich es nicht.
Es ist schon mein Heim-Rechner.

Ich starte es mit Otlpe weil er sonst halt nur lädt bis ich mein Hintergrundbild sehe (ohne alles ( Taskleiste und Symbole)

cosinus · 19.03.2013, 13:54

Funktioniert noch der abgesicherte Modus mit Netzwerktreibern? Mit Internetverbindung?

Abgesicherter Modus zur Bereinigung

Windows mit F8-Taste beim Start in den abgesicherten Modus bringen.
Starte den Rechner in den abgesicherten Modus mit Netzwerktreibern:

Bushido_RH · 19.03.2013, 18:01

Abgesicherter Modus mit Netzwerktreibern funktioniert.
Fals ich irgendwelche Programme brauche hätte ich ein Leptop und Usb Stick hier.

cosinus · 20.03.2013, 00:36

Dann bitte erstmal in diesem Modus weitermachen.
Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Erstmal eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in CODE-Tags in den Thread.

Bushido_RH · 20.03.2013, 17:29

Hier hast die beiden.

OTL:

Code:

ATTFilter

OTL logfile created on: 20.03.2013 18:24:50 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Malte\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 15,01 Gb Available Physical Memory | 93,94% Memory free
31,96 Gb Paging File | 31,00 Gb Available in Paging File | 97,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,45 Gb Total Space | 387,32 Gb Free Space | 84,85% Space Free | Partition Type: NTFS
Drive D: | 456,96 Gb Total Space | 456,86 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive E: | 436,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 3,72 Gb Total Space | 2,87 Gb Free Space | 77,08% Space Free | Partition Type: FAT32
 
Computer Name: MALTE-PC | User Name: Malte | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Malte\Desktop\OTL.exe (OldTimer Tools)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\drivers\fwlanusb.sys (AVM GmbH)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
 
 
 
 
IE - HKU\S-1-5-21-3933021910-705557541-2875534901-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3933021910-705557541-2875534901-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3933021910-705557541-2875534901-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A5 20 52 8B 1C 23 CE 01  [binary data]
IE - HKU\S-1-5-21-3933021910-705557541-2875534901-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-3933021910-705557541-2875534901-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3933021910-705557541-2875534901-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3933021910-705557541-2875534901-1000\..\SearchScopes\{E7877C4D-C6F9-48D7-9B3F-C0B63E2CC86A}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=0d687a61-fb98-4f59-ae4b-54a2f6fd75f5&apn_sauid=DBC4DAA5-4DF0-4CFE-B429-96313197A034
IE - HKU\S-1-5-21-3933021910-705557541-2875534901-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.03.17 16:00:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.17 15:37:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.17 16:00:09 | 000,000,000 | ---D | M]
 
[2013.03.17 15:37:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Malte\AppData\Roaming\mozilla\Extensions
[2013.03.17 15:56:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Malte\AppData\Roaming\mozilla\Firefox\Profiles\hg7f316d.default\extensions
[2013.03.17 15:56:55 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Malte\AppData\Roaming\mozilla\Firefox\Profiles\hg7f316d.default\extensions\toolbar@ask.com
[2013.03.17 15:56:55 | 000,002,344 | ---- | M] () -- C:\Users\Malte\AppData\Roaming\mozilla\firefox\profiles\hg7f316d.default\searchplugins\askcom.xml
[2013.03.17 15:37:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.07 15:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.07 16:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.07 16:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.03.07 16:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.07 16:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.07 16:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.07 16:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-3933021910-705557541-2875534901-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe (SONIX)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FAA9D10-401B-4CB2-8749-A024FE7B2A47}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.03.24 12:06:41 | 000,000,053 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{27eaf007-8f1d-11e2-9d5d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{27eaf007-8f1d-11e2-9d5d-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun\demo32.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.20 18:23:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Malte\Desktop\OTL.exe
[2013.03.17 19:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.03.17 18:27:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameforgeLive
[2013.03.17 18:04:11 | 000,000,000 | ---D | C] -- C:\Program Files\GameForge
[2013.03.17 17:55:48 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\TS3Client
[2013.03.17 17:55:20 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013.03.17 17:55:07 | 006,390,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.03.17 17:55:07 | 003,460,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.03.17 17:55:07 | 002,558,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.03.17 17:55:07 | 000,118,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.03.17 17:55:07 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.03.17 17:54:54 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.03.17 17:54:54 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.03.17 17:54:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.03.17 17:54:44 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013.03.17 17:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013.03.17 17:29:18 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2013.03.17 17:29:18 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2013.03.17 17:24:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
[2013.03.17 17:24:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\avmwlanstick
[2013.03.17 17:24:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVM_update
[2013.03.17 17:19:37 | 000,000,000 | R--D | C] -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.03.17 17:19:37 | 000,000,000 | R--D | C] -- C:\Users\Malte\Searches
[2013.03.17 17:19:37 | 000,000,000 | R--D | C] -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.03.17 17:19:29 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\Identities
[2013.03.17 17:19:28 | 000,000,000 | R--D | C] -- C:\Users\Malte\Contacts
[2013.03.17 17:19:26 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\VirtualStore
[2013.03.17 17:19:21 | 000,000,000 | --SD | C] -- C:\Users\Malte\AppData\Roaming\Microsoft
[2013.03.17 17:19:21 | 000,000,000 | R--D | C] -- C:\Users\Malte\Videos
[2013.03.17 17:19:21 | 000,000,000 | R--D | C] -- C:\Users\Malte\Saved Games
[2013.03.17 17:19:21 | 000,000,000 | R--D | C] -- C:\Users\Malte\Pictures
[2013.03.17 17:19:21 | 000,000,000 | R--D | C] -- C:\Users\Malte\Music
[2013.03.17 17:19:21 | 000,000,000 | R--D | C] -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.03.17 17:19:21 | 000,000,000 | R--D | C] -- C:\Users\Malte\Links
[2013.03.17 17:19:21 | 000,000,000 | R--D | C] -- C:\Users\Malte\Favorites
[2013.03.17 17:19:21 | 000,000,000 | R--D | C] -- C:\Users\Malte\Downloads
[2013.03.17 17:19:21 | 000,000,000 | R--D | C] -- C:\Users\Malte\Documents
[2013.03.17 17:19:21 | 000,000,000 | R--D | C] -- C:\Users\Malte\Desktop
[2013.03.17 17:19:21 | 000,000,000 | R--D | C] -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Vorlagen
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\AppData\Local\Verlauf
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\AppData\Local\Temporary Internet Files
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Startmenü
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\SendTo
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Recent
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Netzwerkumgebung
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Lokale Einstellungen
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Documents\Eigene Videos
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Documents\Eigene Musik
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Eigene Dateien
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Documents\Eigene Bilder
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Druckumgebung
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Cookies
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\AppData\Local\Anwendungsdaten
[2013.03.17 17:19:21 | 000,000,000 | -HSD | C] -- C:\Users\Malte\Anwendungsdaten
[2013.03.17 17:19:21 | 000,000,000 | -H-D | C] -- C:\Users\Malte\AppData
[2013.03.17 17:19:21 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Temp
[2013.03.17 17:19:21 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Microsoft
[2013.03.17 17:19:21 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\Media Center Programs
[2013.03.17 17:19:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.03.17 17:19:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.03.17 17:19:16 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013.03.17 17:19:16 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.03.17 17:19:16 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.03.17 17:19:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2013.03.17 17:19:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.03.17 17:19:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.03.17 17:19:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.03.17 17:19:16 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.03.17 17:19:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.03.17 17:19:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.03.17 17:19:14 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.03.17 17:10:53 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013.03.17 17:10:21 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013.03.17 17:09:43 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013.03.17 17:05:25 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013.03.17 17:05:25 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013.03.17 17:05:25 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013.03.17 17:05:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013.03.17 17:05:25 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013.03.17 17:05:25 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.03.17 17:05:25 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013.03.17 17:05:25 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013.03.17 17:05:25 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013.03.17 17:05:25 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.03.17 17:05:25 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013.03.17 17:05:25 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013.03.17 17:05:25 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013.03.17 17:05:25 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013.03.17 17:05:25 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013.03.17 17:05:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013.03.17 17:05:24 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2013.03.17 17:05:24 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2013.03.17 17:05:24 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2013.03.17 17:05:24 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2013.03.17 17:05:24 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2013.03.17 17:05:24 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2013.03.17 17:05:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2013.03.17 17:05:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2013.03.17 17:05:24 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2013.03.17 17:05:24 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2013.03.17 17:05:24 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2013.03.17 17:05:24 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2013.03.17 17:05:24 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2013.03.17 17:05:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2013.03.17 17:05:23 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2013.03.17 17:05:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2013.03.17 17:05:23 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2013.03.17 17:05:23 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2013.03.17 17:05:23 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2013.03.17 17:05:23 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2013.03.17 17:05:23 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2013.03.17 17:05:23 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2013.03.17 17:05:23 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2013.03.17 17:05:23 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2013.03.17 17:05:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2013.03.17 17:05:23 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2013.03.17 17:05:23 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2013.03.17 17:05:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2013.03.17 17:05:22 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013.03.17 17:05:22 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013.03.17 17:05:22 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013.03.17 17:05:22 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013.03.17 17:05:22 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2013.03.17 17:05:22 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013.03.17 17:05:22 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2013.03.17 17:05:22 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013.03.17 17:05:22 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2013.03.17 17:05:22 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2013.03.17 17:05:22 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2013.03.17 17:05:22 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2013.03.17 17:05:22 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2013.03.17 17:05:22 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2013.03.17 17:05:21 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013.03.17 17:05:21 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2013.03.17 17:05:21 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013.03.17 17:05:21 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2013.03.17 17:05:21 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2013.03.17 17:05:21 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2013.03.17 17:05:21 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2013.03.17 17:05:21 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2013.03.17 17:05:21 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013.03.17 17:05:21 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2013.03.17 17:05:21 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013.03.17 17:05:21 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2013.03.17 17:05:21 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2013.03.17 17:05:21 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2013.03.17 17:05:21 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2013.03.17 17:05:21 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2013.03.17 17:05:21 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2013.03.17 17:05:21 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2013.03.17 17:05:20 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013.03.17 17:05:20 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013.03.17 17:05:20 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2013.03.17 17:05:20 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013.03.17 17:05:20 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2013.03.17 17:05:20 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2013.03.17 17:05:20 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2013.03.17 17:05:20 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2013.03.17 17:05:20 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2013.03.17 17:05:20 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2013.03.17 17:05:20 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2013.03.17 17:05:20 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2013.03.17 17:05:20 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2013.03.17 17:05:20 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2013.03.17 17:05:20 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2013.03.17 17:05:20 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2013.03.17 17:05:19 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2013.03.17 17:05:19 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2013.03.17 17:05:19 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2013.03.17 17:05:19 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2013.03.17 17:05:19 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2013.03.17 17:05:19 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2013.03.17 17:05:19 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2013.03.17 17:05:19 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2013.03.17 17:05:19 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013.03.17 17:05:19 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013.03.17 17:05:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2013.03.17 17:05:19 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2013.03.17 17:05:19 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2013.03.17 17:05:19 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2013.03.17 17:05:18 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013.03.17 17:05:18 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013.03.17 17:05:18 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013.03.17 17:05:18 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013.03.17 17:05:18 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013.03.17 17:05:18 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013.03.17 17:05:17 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013.03.17 17:05:17 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013.03.17 17:05:17 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013.03.17 17:05:17 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013.03.17 17:05:17 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013.03.17 17:05:17 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013.03.17 17:05:17 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013.03.17 17:05:17 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013.03.17 17:05:17 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013.03.17 17:05:17 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013.03.17 17:05:17 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013.03.17 17:05:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013.03.17 17:05:17 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013.03.17 17:05:17 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013.03.17 17:05:17 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013.03.17 17:05:17 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013.03.17 17:05:17 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013.03.17 17:05:17 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2013.03.17 17:05:17 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013.03.17 17:05:17 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013.03.17 17:05:16 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2013.03.17 17:05:16 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2013.03.17 17:05:16 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2013.03.17 17:05:16 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2013.03.17 17:05:16 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2013.03.17 17:05:16 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2013.03.17 17:05:16 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2013.03.17 17:05:16 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2013.03.17 17:05:16 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2013.03.17 17:05:16 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2013.03.17 17:05:16 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2013.03.17 17:05:16 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2013.03.17 17:05:15 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2013.03.17 17:05:15 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2013.03.17 17:05:15 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2013.03.17 17:05:15 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2013.03.17 17:05:15 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2013.03.17 17:05:15 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2013.03.17 17:05:15 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2013.03.17 17:05:15 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2013.03.17 17:05:15 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2013.03.17 17:05:15 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2013.03.17 17:05:15 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2013.03.17 17:05:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2013.03.17 17:05:15 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2013.03.17 17:05:15 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2013.03.17 17:05:14 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2013.03.17 17:05:14 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2013.03.17 17:05:14 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2013.03.17 17:05:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2013.03.17 17:05:14 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2013.03.17 17:05:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2013.03.17 17:05:12 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013.03.17 17:05:12 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013.03.17 17:05:11 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2013.03.17 17:05:11 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2013.03.17 17:05:11 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2013.03.17 17:05:11 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013.03.17 17:05:11 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2013.03.17 17:05:11 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2013.03.17 17:05:11 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2013.03.17 17:05:11 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2013.03.17 17:05:11 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2013.03.17 17:05:11 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2013.03.17 17:05:10 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2013.03.17 17:05:10 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2013.03.17 17:05:10 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2013.03.17 17:05:10 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2013.03.17 17:05:09 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2013.03.17 17:05:09 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2013.03.17 16:55:13 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Gameforge4d
[2013.03.17 16:55:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
[2013.03.17 16:54:50 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Programs
[2013.03.17 16:40:31 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\DoNotTrackPlus
[2013.03.17 16:40:26 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\AskToolbar
[2013.03.17 16:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013.03.17 16:19:56 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\WinRAR
[2013.03.17 16:19:56 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.03.17 16:19:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.03.17 16:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.03.17 16:18:55 | 000,262,144 | ---- | C] (SONIX) -- C:\Windows\tsnpstd3.exe
[2013.03.17 16:18:55 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\amcap.exe
[2013.03.17 16:18:54 | 010,246,144 | ---- | C] (Sonix Co. Ltd.) -- C:\Windows\SysWow64\drivers\snpstd3.sys
[2013.03.17 16:18:54 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013.03.17 16:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB PC Camera Plus
[2013.03.17 16:18:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\snpstd3
[2013.03.17 16:18:38 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\InstallShield
[2013.03.17 16:13:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2013.03.17 16:04:46 | 001,085,344 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.03.17 16:04:46 | 000,963,488 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.03.17 16:04:46 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.03.17 16:04:44 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.03.17 16:04:44 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.03.17 16:04:44 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.03.17 16:04:39 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.03.17 16:02:18 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\Avira
[2013.03.17 16:00:02 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\DivX
[2013.03.17 15:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2013.03.17 15:59:49 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013.03.17 15:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2013.03.17 15:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.03.17 15:56:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2013.03.17 15:56:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2013.03.17 15:56:22 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.17 15:56:22 | 000,099,912 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.17 15:56:22 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.17 15:56:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.03.17 15:56:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.03.17 15:53:44 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013.03.17 15:49:28 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013.03.17 15:49:28 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013.03.17 15:49:28 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013.03.17 15:49:17 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013.03.17 15:49:17 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013.03.17 15:49:17 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013.03.17 15:49:12 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013.03.17 15:49:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013.03.17 15:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013.03.17 15:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2013.03.17 15:41:57 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\Skype
[2013.03.17 15:41:55 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.03.17 15:41:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.03.17 15:41:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.03.17 15:41:53 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013.03.17 15:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.03.17 15:37:33 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Roaming\Mozilla
[2013.03.17 15:37:33 | 000,000,000 | ---D | C] -- C:\Users\Malte\AppData\Local\Mozilla
[2013.03.17 15:37:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.03.17 15:37:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.17 15:37:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.02.26 00:32:44 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.02.26 00:32:44 | 002,505,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.02.26 00:32:42 | 015,129,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.02.26 00:32:40 | 006,262,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.02.26 00:32:40 | 002,826,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.02.26 00:32:38 | 018,055,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.02.26 00:32:38 | 001,814,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2013.02.26 00:32:38 | 001,107,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.02.26 00:32:36 | 026,929,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.02.26 00:32:36 | 002,720,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.02.26 00:32:36 | 000,958,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.02.26 00:32:34 | 007,932,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.02.26 00:32:34 | 002,346,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.02.26 00:32:32 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2013.02.26 00:32:32 | 000,245,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.02.26 00:32:28 | 002,904,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.02.26 00:32:26 | 020,449,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.02.26 00:32:26 | 015,053,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.02.26 00:32:24 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.02.26 00:32:08 | 012,641,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.02.26 00:32:08 | 007,564,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.02.26 00:32:08 | 001,985,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.02.26 00:32:06 | 009,390,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.02.26 00:32:04 | 000,201,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.20 18:16:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.20 18:16:16 | 4279,431,166 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.20 17:21:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Malte\Desktop\OTL.exe
[2013.03.17 21:54:42 | 000,020,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.17 21:54:42 | 000,020,672 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.17 21:53:53 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.17 21:53:53 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.17 21:53:53 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.17 21:53:53 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.17 21:53:53 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.17 19:50:37 | 000,275,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.03.17 18:32:46 | 000,001,962 | ---- | M] () -- C:\Users\Public\Desktop\AION Free-to-Play.lnk
[2013.03.17 18:27:16 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Gameforge Live.lnk
[2013.03.17 17:14:38 | 000,055,513 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013.03.17 17:14:38 | 000,055,513 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013.03.17 17:13:02 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.03.17 16:20:45 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.03.17 16:04:40 | 001,085,344 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.03.17 16:04:40 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.03.17 16:04:40 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.03.17 16:04:40 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.03.17 16:04:40 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.03.17 16:04:40 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.03.17 15:57:03 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.03.17 15:48:12 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013.03.17 15:41:55 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.03.17 15:37:31 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.02.26 00:32:44 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.02.26 00:32:44 | 002,505,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.02.26 00:32:42 | 015,129,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.02.26 00:32:40 | 006,262,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.02.26 00:32:40 | 002,826,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.02.26 00:32:40 | 000,061,216 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.02.26 00:32:38 | 018,055,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.02.26 00:32:38 | 001,814,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2013.02.26 00:32:38 | 001,107,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.02.26 00:32:36 | 026,929,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.02.26 00:32:36 | 002,720,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.02.26 00:32:36 | 000,958,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.02.26 00:32:34 | 007,932,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.02.26 00:32:34 | 002,346,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.02.26 00:32:32 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2013.02.26 00:32:32 | 000,245,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.02.26 00:32:28 | 002,904,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.02.26 00:32:26 | 020,449,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.02.26 00:32:26 | 015,053,264 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.02.26 00:32:24 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.02.26 00:32:08 | 012,641,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.02.26 00:32:08 | 007,564,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.02.26 00:32:08 | 001,985,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.02.26 00:32:08 | 000,017,266 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013.02.26 00:32:06 | 009,390,760 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.02.26 00:32:06 | 000,053,024 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.02.26 00:32:04 | 000,201,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
 
========== Files Created - No Company Name ==========
 
[2013.03.17 18:32:46 | 000,001,962 | ---- | C] () -- C:\Users\Public\Desktop\AION Free-to-Play.lnk
[2013.03.17 18:27:16 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Gameforge Live.lnk
[2013.03.17 17:55:07 | 002,953,448 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.03.17 17:20:21 | 000,001,405 | ---- | C] () -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013.03.17 17:20:19 | 000,001,439 | ---- | C] () -- C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.03.17 17:14:30 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013.03.17 17:14:20 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013.03.17 17:13:02 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.03.17 17:10:21 | 4279,431,166 | -HS- | C] () -- C:\hiberfil.sys
[2013.03.17 16:20:45 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.03.17 16:20:45 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.03.17 16:18:55 | 000,843,776 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2013.03.17 16:18:55 | 000,166,912 | ---- | C] ( ) -- C:\Windows\SysNative\rsnpstd3.dll
[2013.03.17 16:18:55 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2013.03.17 16:18:55 | 000,013,023 | ---- | C] () -- C:\Windows\snpstd3.src
[2013.03.17 16:18:54 | 000,172,032 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnpstd3.dll
[2013.03.17 16:18:54 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll
[2013.03.17 16:18:54 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll
[2013.03.17 16:18:54 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysNative\csnpstd3.dll
[2013.03.17 15:57:03 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.03.17 15:48:12 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013.03.17 15:41:55 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.03.17 15:37:31 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.03.17 15:37:31 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.02.26 00:32:08 | 000,017,266 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 04:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 04:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

Extras:

Code:

ATTFilter

OTL Extras logfile created on: 20.03.2013 18:24:50 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Malte\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 15,01 Gb Available Physical Memory | 93,94% Memory free
31,96 Gb Paging File | 31,00 Gb Available in Paging File | 97,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,45 Gb Total Space | 387,32 Gb Free Space | 84,85% Space Free | Partition Type: NTFS
Drive D: | 456,96 Gb Total Space | 456,86 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive E: | 436,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 3,72 Gb Total Space | 2,87 Gb Free Space | 77,08% Space Free | Partition Type: FAT32
 
Computer Name: MALTE-PC | User Name: Malte | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3933021910-705557541-2875534901-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{542DBE80-1599-41AD-AE17-4F8AC93A1EC5}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{5CAFD889-3E28-4431-B0D5-2EC0C86D3784}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{C72BBB1E-55BF-43F8-82DB-960C93D328C4}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{D6A67AE9-C9C1-42B2-A4AE-73F3E8D487D6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{EDAA3636-110A-4009-BAA9-D6863AA8BC64}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play Version 1.0
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.0 "Legend"
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"DivX Setup" = DivX-Setup
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"TeamViewer 8" = TeamViewer 8
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3933021910-705557541-2875534901-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 17.03.2013 12:17:18 | Computer Name = Malte-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.03.2013 12:23:42 | Computer Name = Malte-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.03.2013 10:59:55 | Computer Name = Malte-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\DivX\DivX
 Plus Media Foundation Components\ACMWrapperDMO.dll".  Die abhängige Assemblierung
 "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 17.03.2013 10:59:55 | Computer Name = Malte-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\DivX\DivX
 Plus Media Foundation Components\DivXThumbnailProvider.dll".  Die abhängige Assemblierung
 "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 17.03.2013 10:59:56 | Computer Name = Malte-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\DivX\DivX
 Plus Media Foundation Components\DivXPropertyHandler.dll".  Die abhängige Assemblierung
 "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 17.03.2013 14:51:53 | Computer Name = Malte-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 19.03.2013 14:00:48 | Computer Name = Malte-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 19.03.2013 13:59:06 | Computer Name = Malte-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 19.03.2013 13:59:11 | Computer Name = Malte-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 19.03.2013 13:59:12 | Computer Name = Malte-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 19.03.2013 13:59:13 | Computer Name = Malte-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 20.03.2013 13:16:19 | Computer Name = Malte-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?20.?03.?2013 um 00:14:10 unerwartet heruntergefahren.
 
Error - 20.03.2013 13:16:21 | Computer Name = Malte-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   avipbb  avkmgr  discache  spldr  Wanarpv6
 
Error - 20.03.2013 13:16:27 | Computer Name = Malte-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 20.03.2013 13:16:33 | Computer Name = Malte-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 20.03.2013 13:16:34 | Computer Name = Malte-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 20.03.2013 13:16:34 | Computer Name = Malte-PC | Source = DCOM | ID = 10005
Description = 
 
 
< End of report >

cosinus · 20.03.2013, 22:41

Rootkitscan mit GMER

Bitte lade dir

GMER herunter: (Dateiname zufällig)

Schließe alle anderen Programme, deaktiviere deinen Virenscanner und trenne den Rechner vom Internet bevor du GMER startest.
Sollte sich nach dem Start ein Fenster mit folgender Warnung öffnen:
WARNING !!!
GMER has found system modification, which might have been caused by ROOTKIT activity.
Do you want to fully scan your system ?

Unbedingt auf "No" klicken.
Entferne rechts den Haken bei: IAT/EAT und Show All
Setze den Haken bei Quickscan und entferne ihn bei allen anderen Laufwerken.
Starte den Scan mit "Scan".
Mache nichts am Computer während der Scan läuft.
Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.

Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!

Tauchen Probleme auf?

Probiere alternativ den abgesicherten Modus.
Erhältst du einen Bluescreen, dann entferne den Haken vor Devices.

Anschließend bitte MBAR ausführen:

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

19.03.2013, 13:54	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Verdacht auf Reste vom Gvu Trojaner Funktioniert noch der abgesicherte Modus mit Netzwerktreibern? Mit Internetverbindung? Abgesicherter Modus zur Bereinigung Windows mit F8-Taste beim Start in den abgesicherten Modus bringen. Starte den Rechner in den abgesicherten Modus mit Netzwerktreibern: __________________ Logfiles bitte immer in CODE-Tags posten

Verdacht auf Reste vom Gvu Trojaner

Log-Analyse und Auswertung: Verdacht auf Reste vom Gvu Trojaner