
Log analysis and evaluation: "Monstermarketplace" trojan

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

30.09.2013, 08:37   #1
DavidH.
 



As the topic already says, I have caught the Monstermarketplace trojan. Words are constantly shown to me as links in the browser, and when the mouse moves over them a small window opens asking whether this is what one is looking for, and so on.

I followed the instructions, and here are my log files so far.

First the Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013 02
Ran by David at 2013-09-30 09:15:01
Running from C:\Users\David\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Smart Security 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal Firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

µTorrent (x32 Version: 3.2.1.28086)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17)
ANNO 2070 - Complete Edition (x32 Version: 2.00.7780)
Any Video Converter 3.5.8 (x32)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
Ashampoo Burning Studio 6 FREE v.6.81 (x32 Version: 6.8.1)
Ashampoo Burning Studio 6 FREE v.6.84 (x32 Version: 6.8.4)
Battlefield 3 (x32 Version: v1.0)
Biet-O-Matic v2.14.12 (x32 Version: 2.14.12)
BioShock Infinite (x32)
Browser Guard (x32)
Call of Duty: Black Ops (x32)
Canon Easy-PhotoPrint EX (x32)
Canon Easy-WebPrint EX (x32)
Canon MG5200 series MP Drivers
Canon MP Navigator EX 4.0 (x32)
Canon My Printer (x32)
Canon Solution Menu EX (x32)
CCleaner (Version: 4.00)
Coby Media Manager (x32 Version: 1.0.6316)
CyberLink PowerDVD 10 (x32 Version: 10.0.4427.02)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Diablo III (x32 Version: 1.0.8.16603)
DivX-Setup (x32 Version: 2.6.1.22)
DmC: Devil May Cry (x32 Version: 1.0)
ESET Smart Security (Version: 5.2.9.12)
Farming Simulator 2013 (x32)
FIFA Manager 13 (x32 Version: 1.0.4.0)
FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2)
Game of Thrones - Blood_Bound Version 1.0.0.0 (x32 Version: 1.0.0.0)
Game of Thrones Version 1.4.2.0 (x32 Version: 1.4.2.0)
GeForce Experience NvStream Client Components (Version: 0.1.87)
GfK Internet-Monitor (x32 Version: 12.6.186)
GIMP 2.6.11 (x32 Version: 2.6.11)
Grand Theft Auto IV (x32 Version: 1.0.0013.131)
Guild Wars 2 (x32)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1281)
Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.738.1)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.5)
Java SE Development Kit 7 Update 9 (64-bit) (Version: 1.7.0.90)
KeePass Password Safe 1.24 (x32 Version: 1.24)
LEGO® Der Herr der Ringe™ (x32 Version: 1.0.0.0)
Logitech Gaming Software (Version: 8.40.83)
Logitech Gaming Software 8.40 (Version: 8.40.83)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (x32 Version: 3.5.0.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Neverwinter (x32)
Notepad++ (x32 Version: 6.2.3)
NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01)
NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Grafiktreiber 327.23 (Version: 327.23)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723)
NVIDIA Systemsteuerung 327.23 (Version: 327.23)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
OpenAL (x32)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Outlast (x32 Version: 1)
Panel+ (x32 Version: 5.3.5)
PDFCreator (x32 Version: 1.6.2)
Peggle Deluxe (x32)
PlanetSide 2 (HKCU Version: 1.0.3.183)
PlanetSide 2 (x32)
QuickTime (x32 Version: 7.74.80.86)
Ravensburger tiptoi (x32)
RCT3 Soaked (x32 Version: 1.00.000)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
ROCCAT Kone XTD Mouse Driver (x32)
RollerCoaster Tycoon 3 (x32 Version: 1.00.000)
Saints Row IV (x32 Version: 1.0.5.0)
SHIELD Streaming (Version: 1.05.28)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.6)
Tomb Raider (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Winamp (x32 Version: 5.64 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Utils (x32)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
XAMPP 1.8.1 (x32)

==================== Restore Points  =========================

15-09-2013 15:23:34 Entfernt Grand Theft Auto IV
23-09-2013 06:56:11 Geplanter Prüfpunkt
28-09-2013 12:12:55 Free YouTube Download Manager
30-09-2013 06:41:59 Free YouTube Download Manager

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {17CD5477-30AB-400E-BDE3-31EC573F96ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {38621F5A-BA98-451C-B665-BB48BF911D92} - \Software Updater No Task File
Task: {407B5460-3BF9-4D3E-9EE0-4B79DCCB2A18} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {45FF9BF5-CE8C-4665-A638-2830D7C893ED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C0C56FF8-EE49-4AC9-835C-60E08C59028F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation)

==================== Loaded Modules (whitelisted) =============

2013-06-01 11:04 - 2013-06-01 11:05 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-09-01 00:06 - 2013-09-01 00:06 - 01179136 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\9fbc5975a21c5638ba05f81b9febfaee\Windows.UI.ni.dll
2013-01-24 01:05 - 2012-11-08 13:19 - 00474360 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2013-07-23 18:01 - 2013-07-15 09:09 - 02180584 _____ () C:\Program Files (x86)\gfklspservice\pcproxydll.dll
2013-02-21 16:18 - 2013-02-21 16:18 - 00032768 _____ () C:\Users\David\AppData\Local\Panel+\service\TrotiNet.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2011-07-29 01:09 - 2011-07-29 01:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2012-12-21 17:27 - 2012-06-17 12:20 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll
2013-08-17 11:13 - 2013-08-17 11:13 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-08-15 08:39 - 2013-08-15 08:39 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\26def6ab53d268e53635f2a61a1b2ed3\PSIClient.ni.dll
2012-10-16 10:42 - 2012-07-18 11:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/30/2013 08:42:16 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden.
Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 000000000000015C,0x00530194,0000000000000000,0,00000090E0540080,4096,[0]).


Vorgang:
   Schattenkopien abfragen

Error: (09/29/2013 11:24:37 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/29/2013 11:24:36 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/29/2013 11:24:32 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/29/2013 11:24:24 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/29/2013 01:47:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/24/2013 08:53:12 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 23.0.1.4974 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d2c

Startzeit: 01ceb8ef1f0e7243

Endzeit: 25

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: f8adf979-24e5-11e3-bf04-902b349f0328

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/24/2013 08:15:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: PAPAMASCHIENE)
Description: Das Paket „microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (09/22/2013 02:10:57 PM) (Source: NVIDIA OpenGL Driver) (User: )
Description: The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.


Error code: 3
Visit hxxp://www.nvidia.com/page/support.html for more information.

Error: (09/22/2013 00:31:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: PAPAMASCHIENE)
Description: Bei der Aktivierung der App „Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (09/28/2013 02:12:53 PM) (Source: Service Control Manager) (User: )
Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/28/2013 02:12:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SProtection" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (09/25/2013 07:05:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/25/2013 07:05:22 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (09/25/2013 10:01:20 AM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Windows" wurde eine Beschädigung erkannt.

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (09/25/2013 10:01:13 AM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Windows" wurde eine Beschädigung erkannt.

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (09/24/2013 08:18:59 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎24.‎09.‎2013 um 08:14:10 unerwartet heruntergefahren.

Error: (09/23/2013 08:57:51 AM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Windows" wurde eine Beschädigung erkannt.

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (09/23/2013 08:56:08 AM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Windows" wurde eine Beschädigung erkannt.

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (09/22/2013 00:29:33 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎22.‎09.‎2013 um 12:27:44 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (09/30/2013 08:42:16 AM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 000000000000015C,0x00530194,0000000000000000,0,00000090E0540080,4096,[0])

Vorgang:
   Schattenkopien abfragen

Error: (09/29/2013 11:24:37 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/29/2013 11:24:36 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/29/2013 11:24:32 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/29/2013 11:24:24 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/29/2013 01:47:19 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/24/2013 08:53:12 AM) (Source: Application Hang)(User: )
Description: firefox.exe23.0.1.49741d2c01ceb8ef1f0e724325C:\Program Files (x86)\Mozilla Firefox\firefox.exef8adf979-24e5-11e3-bf04-902b349f0328

Error: (09/24/2013 08:15:35 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: PAPAMASCHIENE)
Description: microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe

Error: (09/22/2013 02:10:57 PM) (Source: NVIDIA OpenGL Driver)(User: )
Description: The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.


Error code: 3
Visit hxxp://www.nvidia.com/page/support.html for more information.

Error: (09/22/2013 00:31:10 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: PAPAMASCHIENE)
Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2144927142


==================== Memory info =========================== 

Percentage of memory in use: 29%
Total physical RAM: 8134.25 MB
Available physical RAM: 5739.94 MB
Total Pagefile: 9350.25 MB
Available Pagefile: 6809.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.71 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:916.35 GB) (Free:823.31 GB) NTFS
Drive f: (Volume) (Fixed) (Total:931.51 GB) (Free:350.29 GB) NTFS
Drive g: (Outlast) (CDROM) (Total:3.49 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 241ACCFA)

Partition: GPT Partition Type
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 01C974AF)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Now the FRST.txt:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
Ran by David (administrator) on PAPAMASCHIENE on 30-09-2013 09:11:12
Running from C:\Users\David\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
(GfK) C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(PixArt Imaging Incorporation) C:\Windows\Philips\SPC500NC\Monitor.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Ipsos) C:\Users\David\AppData\Local\Panel+\service\PanelPlusService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
() C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe\KeePass.exe
(Microsoft Corporation) C:\Windows\system32\wwahost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [SPC500NC_Monitor] - C:\Windows\Philips\SPC500NC\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Panel+] - C:\Users\David\AppData\Local\Panel+\service\PanelPlusService.exe [140880 2013-02-21] (Ipsos)
MountPoints2: {56c54f68-2ba2-11e2-be87-902b349f0328} - "J:\Launcher.exe" 
MountPoints2: {6e2b7242-9e9e-11e2-bec9-902b349f0328} - "G:\setup.exe" 
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [RoccatKoneXTD] - C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [558944 2012-11-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [GfK-WatchDog] - C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe [58856 2013-07-15] ()
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL [253816 2013-03-12] ()
AppInit_DLLs-x32: c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [ ] ()
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

ProxyServer: http=localhost:44413
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {BD14BC9F-07F6-4B4A-9122-12E2614404F7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
SearchScopes: HKLM-x32 - URL hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380370149531&tguid=66920-6787-1380370149531-EC80CA3432379DCB50B011F94CEC16DF&q={searchTerms}
SearchScopes: HKLM-x32 - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=66920&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380370149531&tguid=66920-6787-1380370149531-EC80CA3432379DCB50B011F94CEC16DF&q={searchTerms}
SearchScopes: HKLM-x32 - {BD14BC9F-07F6-4B4A-9122-12E2614404F7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files (x86)\Browser Guard\browserguard.dll (Browser Guard)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Winsock: Catalog9 01 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 15 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 02 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 03 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 04 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 15 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default
FF NewTab: about:home
FF Homepage: about:home
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin HKCU: @IpsosPanelPlus@ipsosinteractive.com - C:\Users\David\AppData\Local\Panel+\toolbar_ff\plugins\npIpsosCommPlugin.dll (IDM)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\aol-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
FF Extension: pricealarm - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\ich@maltegoetz.de
FF Extension: admin - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\admin@proxy-listen.de.xpi
FF Extension: DivXWebPlayer - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\DivXWebPlayer@divx.com.xpi
FF Extension: nasanightlaunch - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\nasanightlaunch@example.com.xpi
FF Extension: Noia4Options - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\Noia4Options@ArisT2.xpi
FF Extension: YoutubeDownloader - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor
FF HKLM-x32\...\Firefox\Extensions: [{20d1f7b3-7721-4da0-b6f3-78bb4d7248f4}] - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF Extension: No Name - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [IpsosPanelPlus@ipsosinteractive.com] - C:\Users\David\AppData\Local\Panel+\toolbar_ff\
FF Extension: Panel+ - C:\Users\David\AppData\Local\Panel+\toolbar_ff\

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-13] (Adobe Systems)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3019752 2013-07-15] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1376232 2013-07-15] ()
R2 GfKLSPService; C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe [3300328 2013-07-15] (GfK)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-04-06] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2012-03-14] (ESET)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-11] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-11] (Windows (R) Server 2003 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R3 SPC500NC; C:\Windows\system32\DRIVERS\SPC500NC.SYS [481280 2007-06-21] (PixArt Imaging Inc.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-30 09:10 - 2013-09-30 09:10 - 01953880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 00000000 ____D C:\FRST
2013-09-30 09:09 - 2013-09-30 09:09 - 00000472 _____ C:\Users\David\Downloads\defogger_disable.log
2013-09-30 09:09 - 2013-09-30 09:09 - 00000168 _____ C:\Users\David\defogger_reenable
2013-09-30 09:08 - 2013-09-30 09:08 - 00050477 _____ C:\Users\David\Downloads\Defogger.exe
2013-09-29 14:18 - 2013-09-29 14:18 - 00000643 _____ C:\Users\David\Downloads\BTF-Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD.torrent
2013-09-29 14:15 - 2013-09-29 14:15 - 00003939 _____ C:\Users\David\Downloads\BTF-Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Incl.Patch-MeGaHeRTZ.torrent
2013-09-29 13:57 - 2013-09-29 13:57 - 00001080 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-29 13:57 - 2013-09-29 13:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-29 13:57 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-29 13:55 - 2013-09-29 13:55 - 00001364 _____ C:\Users\David\Desktop\trojaner.txt
2013-09-29 01:48 - 2013-09-29 01:49 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\David\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 01:46 - 2013-09-29 01:46 - 00006177 _____ C:\Users\David\Desktop\JRT.txt
2013-09-29 01:45 - 2013-09-29 01:45 - 02347384 _____ (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe
2013-09-29 01:43 - 2013-09-29 01:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 01:37 - 2013-09-30 08:56 - 00000000 ____D C:\AdwCleaner
2013-09-29 01:37 - 2013-09-29 01:37 - 01030305 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2013-09-29 01:36 - 2013-09-29 01:36 - 01042066 _____ C:\Users\David\Downloads\adwcleaner.exe
2013-09-29 01:27 - 2013-09-29 01:27 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David\Downloads\SpyHunter-Installer.exe
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\Documents\Free YouTube Download Manager
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\AppData\Local\Freetec
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-09-28 14:12 - 2013-09-28 16:07 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-28 14:09 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-09-28 14:05 - 2013-09-28 14:05 - 00735880 _____ C:\Users\David\Downloads\youtube-dlm_1.0_de-DE.exe
2013-09-24 23:53 - 2013-09-25 00:07 - 64079267 _____ C:\Users\David\Downloads\Misa.zip
2013-09-24 19:11 - 2013-09-24 19:19 - 00000000 ____D C:\Users\David\AppData\Roaming\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:14 - 00001043 _____ C:\Users\David\Desktop\tiptoi.lnk
2013-09-24 19:10 - 2013-09-24 19:14 - 00000000 ____D C:\ProgramData\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2013-09-23 00:00 - 2013-09-23 00:02 - 09090781 _____ C:\Users\David\Downloads\John Smith Texturepack.zip
2013-09-22 23:59 - 2013-09-23 00:14 - 114903903 _____ C:\Users\David\Downloads\Sphax PureBDcraft 512x MC16.zip
2013-09-22 23:58 - 2013-09-23 00:07 - 64079267 _____ C:\Users\David\Downloads\Misa HD Texturepack.zip
2013-09-22 22:11 - 2013-09-28 17:39 - 00163328 ___SH C:\Users\David\Desktop\Thumbs.db
2013-09-22 15:34 - 2013-09-22 15:37 - 32858970 _____ C:\Users\David\Downloads\HerrSommer Texturepack.zip
2013-09-22 15:31 - 2013-09-22 15:34 - 35803644 _____ C:\Users\David\Downloads\HerrSommer Medieval Texturepack.zip
2013-09-22 15:16 - 2013-09-30 00:23 - 00000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2013-09-22 15:09 - 2013-09-22 15:12 - 32738533 _____ C:\Users\David\Downloads\HerrSommer Dye Texturepack(1).zip
2013-09-22 15:02 - 2013-09-22 15:02 - 00000000 ____D C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213
2013-09-22 14:40 - 2013-09-22 14:40 - 02161521 _____ C:\Users\David\Downloads\mcpatcher-4.2.2.exe
2013-09-22 13:50 - 2013-09-22 13:50 - 00399355 _____ C:\Users\David\Downloads\Minimap Mod 1.6.4.zip
2013-09-22 13:49 - 2013-09-22 13:49 - 00421387 _____ C:\Users\David\Downloads\OptiFine 1.6.4 Preview.jar
2013-09-22 13:45 - 2013-09-22 13:45 - 02124435 _____ C:\Users\David\Downloads\Forge 1.6.4.jar
2013-09-22 12:37 - 2013-09-22 12:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-22 12:36 - 2013-09-22 12:36 - 00002104 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-22 12:34 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-22 12:34 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-22 12:34 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-22 12:34 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-21 10:44 - 2013-09-21 10:44 - 00000769 _____ C:\Users\David\Desktop\Minecraft.exe - Verknüpfung.lnk
2013-09-21 10:43 - 2013-09-21 10:57 - 89940403 _____ C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213.zip
2013-09-21 10:42 - 2013-09-21 10:42 - 02318238 _____ C:\Users\David\Downloads\[1.6.2]MiniDoku TSC High.zip
2013-09-21 10:28 - 2013-09-21 10:29 - 00421387 _____ C:\Users\David\Downloads\OptiFine_1.6.4_HD_U_C4.jar
2013-09-21 10:28 - 2013-09-21 10:28 - 00255632 _____ C:\Users\David\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip
2013-09-20 23:28 - 2013-09-20 23:28 - 00675988 _____ C:\Users\David\Downloads\Minecraft.exe
2013-09-15 21:59 - 2013-09-15 22:02 - 00000742 _____ C:\Users\Public\Desktop\Outlast.lnk
2013-09-15 17:58 - 2013-09-15 17:59 - 02256048 _____ C:\Users\David\Downloads\PW(1).zip
2013-09-15 17:48 - 2013-09-15 17:48 - 00000714 _____ C:\Users\Public\Desktop\FIFA Manager 13.lnk
2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\David\Documents\FIFA MANAGER 13
2013-09-15 17:29 - 2013-09-15 17:29 - 00000000 ____D C:\ProgramData\PDF Architect
2013-09-15 17:03 - 2013-09-15 17:04 - 02256056 _____ C:\Users\David\Downloads\PW.zip
2013-09-12 23:06 - 2013-09-12 23:06 - 00309248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 20:36 - 2013-09-12 20:36 - 00023773 _____ C:\Users\David\Downloads\BTF-VA.-.German.Top.100.Single.Charts.16.09.2013.MP3.VBR.torrent
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-11 18:43 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-11 18:43 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-11 18:43 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-11 18:43 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-11 18:43 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-11 18:43 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-11 18:43 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-11 18:43 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-11 18:43 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-11 18:43 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-11 18:43 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-11 18:42 - 2013-08-21 06:12 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 18:42 - 2013-08-21 06:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 18:42 - 2013-08-21 06:11 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 18:42 - 2013-08-21 04:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 18:42 - 2013-08-21 04:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 18:42 - 2013-08-21 04:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 18:42 - 2013-08-21 04:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 18:42 - 2013-08-21 03:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 18:42 - 2013-08-21 01:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-09-11 18:41 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-09-11 18:41 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 18:41 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-11 18:41 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-11 18:41 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-11 18:41 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-11 18:41 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-11 18:41 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-11 18:41 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-11 18:41 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 18:41 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-11 18:41 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-11 18:41 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 18:41 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 18:41 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-11 18:41 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-11 18:41 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-11 18:41 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-11 18:41 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-11 18:41 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-11 18:41 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-11 18:41 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-11 18:41 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-11 18:41 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-11 18:41 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-11 18:41 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-11 18:41 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-11 18:41 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-11 18:41 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-11 18:41 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 18:41 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-11 18:41 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-11 18:41 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-11 18:41 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-11 18:41 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-11 18:41 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-11 18:41 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-11 18:41 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-11 18:41 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 18:41 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 18:41 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-10 11:10 - 2013-09-10 20:58 - 00000000 ____D C:\Users\David\Desktop\ESW
2013-09-05 19:21 - 2013-09-05 19:21 - 00000000 ____D C:\Users\David\Downloads\ACE Wood V1.62
2013-09-05 19:18 - 2013-09-05 19:20 - 04407283 _____ C:\Users\David\Downloads\ACE Wood V1.62.zip
2013-09-05 19:01 - 2013-09-05 19:01 - 00000000 ____D C:\Users\David\Downloads\ACE Wood V1.61
2013-09-05 19:00 - 2013-09-05 19:01 - 04407177 _____ C:\Users\David\Downloads\ACE Wood V1.61.zip
2013-09-05 18:33 - 2013-09-05 18:33 - 00000000 ____D C:\Users\David\Downloads\AKAIO.1.9.0
2013-09-05 18:31 - 2013-09-05 18:32 - 05303571 _____ C:\Users\David\Downloads\AKAIO.1.9.0.zip
2013-09-03 00:10 - 2013-09-03 00:10 - 00066494 _____ C:\Users\David\Downloads\X-RayMod_v042.zip

==================== One Month Modified Files and Folders =======

2013-09-30 09:10 - 2013-09-30 09:10 - 01953880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 00000000 ____D C:\FRST
2013-09-30 09:09 - 2013-09-30 09:09 - 00000472 _____ C:\Users\David\Downloads\defogger_disable.log
2013-09-30 09:09 - 2013-09-30 09:09 - 00000168 _____ C:\Users\David\defogger_reenable
2013-09-30 09:09 - 2012-11-10 22:21 - 00000000 ____D C:\Users\David
2013-09-30 09:08 - 2013-09-30 09:08 - 00050477 _____ C:\Users\David\Downloads\Defogger.exe
2013-09-30 09:03 - 2012-11-10 22:31 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4176403951-1178010183-3754737978-1002
2013-09-30 09:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-30 08:58 - 2013-01-24 01:05 - 00000000 ____D C:\Program Files (x86)\GfKLSPService
2013-09-30 08:58 - 2013-01-24 01:05 - 00000000 ____D C:\Program Files (x86)\GfK Internet-Monitor
2013-09-30 08:57 - 2012-10-16 12:46 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-30 08:57 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-30 08:57 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-09-30 08:56 - 2013-09-29 01:37 - 00000000 ____D C:\AdwCleaner
2013-09-30 08:52 - 2012-11-10 22:21 - 01709076 _____ C:\Windows\WindowsUpdate.log
2013-09-30 08:42 - 2013-08-22 22:05 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-30 07:19 - 2012-11-11 14:15 - 00000000 ____D C:\Users\David\Documents\DLS HANKO
2013-09-30 00:23 - 2013-09-22 15:16 - 00000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2013-09-29 14:27 - 2012-11-12 19:09 - 00000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2013-09-29 14:27 - 2012-10-16 08:30 - 00820374 _____ C:\Windows\PFRO.log
2013-09-29 14:18 - 2013-09-29 14:18 - 00000643 _____ C:\Users\David\Downloads\BTF-Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD.torrent
2013-09-29 14:15 - 2013-09-29 14:15 - 00003939 _____ C:\Users\David\Downloads\BTF-Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Incl.Patch-MeGaHeRTZ.torrent
2013-09-29 13:57 - 2013-09-29 13:57 - 00001080 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-29 13:57 - 2013-09-29 13:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-29 13:55 - 2013-09-29 13:55 - 00001364 _____ C:\Users\David\Desktop\trojaner.txt
2013-09-29 01:49 - 2013-09-29 01:48 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\David\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 01:46 - 2013-09-29 01:46 - 00006177 _____ C:\Users\David\Desktop\JRT.txt
2013-09-29 01:45 - 2013-09-29 01:45 - 02347384 _____ (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe
2013-09-29 01:43 - 2013-09-29 01:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 01:38 - 2012-11-10 22:23 - 00000000 ___RD C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-29 01:37 - 2013-09-29 01:37 - 01030305 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2013-09-29 01:36 - 2013-09-29 01:36 - 01042066 _____ C:\Users\David\Downloads\adwcleaner.exe
2013-09-29 01:27 - 2013-09-29 01:27 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David\Downloads\SpyHunter-Installer.exe
2013-09-28 17:39 - 2013-09-22 22:11 - 00163328 ___SH C:\Users\David\Desktop\Thumbs.db
2013-09-28 16:08 - 2012-12-21 23:33 - 00000000 ____D C:\ProgramData\ashampoo
2013-09-28 16:07 - 2013-09-28 14:12 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\Documents\Free YouTube Download Manager
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\AppData\Local\Freetec
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-09-28 14:09 - 2013-08-17 11:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-28 14:05 - 2013-09-28 14:05 - 00735880 _____ C:\Users\David\Downloads\youtube-dlm_1.0_de-DE.exe
2013-09-26 18:31 - 2012-12-31 02:10 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-26 08:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-25 19:24 - 2012-07-26 12:27 - 00752930 _____ C:\Windows\system32\perfh007.dat
2013-09-25 19:24 - 2012-07-26 12:27 - 00156156 _____ C:\Windows\system32\perfc007.dat
2013-09-25 19:24 - 2012-07-26 09:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-25 00:07 - 2013-09-24 23:53 - 64079267 _____ C:\Users\David\Downloads\Misa.zip
2013-09-24 19:19 - 2013-09-24 19:11 - 00000000 ____D C:\Users\David\AppData\Roaming\RavensburgerTipToi
2013-09-24 19:14 - 2013-09-24 19:10 - 00001043 _____ C:\Users\David\Desktop\tiptoi.lnk
2013-09-24 19:14 - 2013-09-24 19:10 - 00000000 ____D C:\ProgramData\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2013-09-24 19:10 - 2012-07-26 09:21 - 00043732 _____ C:\Windows\setupact.log
2013-09-23 00:14 - 2013-09-22 23:59 - 114903903 _____ C:\Users\David\Downloads\Sphax PureBDcraft 512x MC16.zip
2013-09-23 00:07 - 2013-09-22 23:58 - 64079267 _____ C:\Users\David\Downloads\Misa HD Texturepack.zip
2013-09-23 00:02 - 2013-09-23 00:00 - 09090781 _____ C:\Users\David\Downloads\John Smith Texturepack.zip
2013-09-22 15:37 - 2013-09-22 15:34 - 32858970 _____ C:\Users\David\Downloads\HerrSommer Texturepack.zip
2013-09-22 15:34 - 2013-09-22 15:31 - 35803644 _____ C:\Users\David\Downloads\HerrSommer Medieval Texturepack.zip
2013-09-22 15:12 - 2013-09-22 15:09 - 32738533 _____ C:\Users\David\Downloads\HerrSommer Dye Texturepack(1).zip
2013-09-22 15:02 - 2013-09-22 15:02 - 00000000 ____D C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213
2013-09-22 14:40 - 2013-09-22 14:40 - 02161521 _____ C:\Users\David\Downloads\mcpatcher-4.2.2.exe
2013-09-22 13:50 - 2013-09-22 13:50 - 00399355 _____ C:\Users\David\Downloads\Minimap Mod 1.6.4.zip
2013-09-22 13:49 - 2013-09-22 13:49 - 00421387 _____ C:\Users\David\Downloads\OptiFine 1.6.4 Preview.jar
2013-09-22 13:45 - 2013-09-22 13:45 - 02124435 _____ C:\Users\David\Downloads\Forge 1.6.4.jar
2013-09-22 12:37 - 2013-09-22 12:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-22 12:37 - 2012-10-16 12:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-22 12:36 - 2013-09-22 12:36 - 00002104 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-21 10:57 - 2013-09-21 10:43 - 89940403 _____ C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213.zip
2013-09-21 10:44 - 2013-09-21 10:44 - 00000769 _____ C:\Users\David\Desktop\Minecraft.exe - Verknüpfung.lnk
2013-09-21 10:42 - 2013-09-21 10:42 - 02318238 _____ C:\Users\David\Downloads\[1.6.2]MiniDoku TSC High.zip
2013-09-21 10:29 - 2013-09-21 10:28 - 00421387 _____ C:\Users\David\Downloads\OptiFine_1.6.4_HD_U_C4.jar
2013-09-21 10:28 - 2013-09-21 10:28 - 00255632 _____ C:\Users\David\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip
2013-09-20 23:28 - 2013-09-20 23:28 - 00675988 _____ C:\Users\David\Downloads\Minecraft.exe
2013-09-20 07:16 - 2012-11-13 02:02 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2013-09-19 01:26 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-19 01:26 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-15 22:02 - 2013-09-15 21:59 - 00000742 _____ C:\Users\Public\Desktop\Outlast.lnk
2013-09-15 22:02 - 2013-05-12 11:43 - 00000000 ____D C:\ProgramData\Steam
2013-09-15 22:02 - 2012-12-09 02:18 - 00000000 ____D C:\Users\David\Documents\My Games
2013-09-15 18:00 - 2012-11-18 18:43 - 00000000 ____D C:\Users\David\Desktop\Hockeyprogramme
2013-09-15 17:59 - 2013-09-15 17:58 - 02256048 _____ C:\Users\David\Downloads\PW(1).zip
2013-09-15 17:48 - 2013-09-15 17:48 - 00000714 _____ C:\Users\Public\Desktop\FIFA Manager 13.lnk
2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\David\Documents\FIFA MANAGER 13
2013-09-15 17:46 - 2012-11-16 18:41 - 00000000 ____D C:\Users\David\Documents\FUSSBALL MANAGER 13
2013-09-15 17:40 - 2012-11-11 03:03 - 00182162 _____ C:\Windows\DirectX.log
2013-09-15 17:29 - 2013-09-15 17:29 - 00000000 ____D C:\ProgramData\PDF Architect
2013-09-15 17:26 - 2012-10-16 08:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-15 17:04 - 2013-09-15 17:03 - 02256056 _____ C:\Users\David\Downloads\PW.zip
2013-09-12 23:06 - 2013-09-12 23:06 - 00309248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 20:36 - 2013-09-12 20:36 - 00023773 _____ C:\Users\David\Downloads\BTF-VA.-.German.Top.100.Single.Charts.16.09.2013.MP3.VBR.torrent
2013-09-12 10:58 - 2013-09-22 12:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-12 10:58 - 2013-09-22 12:34 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 00022814 _____ C:\Windows\system32\nvinfo.pb
2013-09-12 10:58 - 2012-07-25 22:22 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-09-12 09:25 - 2012-10-16 12:46 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-09-12 09:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-12 08:28 - 2012-11-21 19:08 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-09-12 08:10 - 2012-11-20 22:09 - 00000000 ____D C:\Users\David\AppData\Roaming\TS3Client
2013-09-12 08:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-12 08:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-12 08:03 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-12 00:06 - 2012-10-16 12:46 - 03361114 _____ C:\Windows\system32\nvcoproc.bin
2013-09-11 19:47 - 2013-08-14 08:05 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 19:46 - 2012-12-12 07:50 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 20:58 - 2013-09-10 11:10 - 00000000 ____D C:\Users\David\Desktop\ESW
2013-09-05 19:21 - 2013-09-05 19:21 - 00000000 ____D C:\Users\David\Downloads\ACE Wood V1.62
2013-09-05 19:20 - 2013-09-05 19:18 - 04407283 _____ C:\Users\David\Downloads\ACE Wood V1.62.zip
2013-09-05 19:01 - 2013-09-05 19:01 - 00000000 ____D C:\Users\David\Downloads\ACE Wood V1.61
2013-09-05 19:01 - 2013-09-05 19:00 - 04407177 _____ C:\Users\David\Downloads\ACE Wood V1.61.zip
2013-09-05 18:33 - 2013-09-05 18:33 - 00000000 ____D C:\Users\David\Downloads\AKAIO.1.9.0
2013-09-05 18:32 - 2013-09-05 18:31 - 05303571 _____ C:\Users\David\Downloads\AKAIO.1.9.0.zip
2013-09-03 21:08 - 2012-11-12 20:52 - 00000000 ____D C:\Users\David\Documents\Euro Truck Simulator 2
2013-09-03 00:10 - 2013-09-03 00:10 - 00066494 _____ C:\Users\David\Downloads\X-RayMod_v042.zip

Some content of TEMP:
====================
C:\Users\David\AppData\Local\Temp\$avantbrowser$.update.exe
C:\Users\David\AppData\Local\Temp\apptorun.exe
C:\Users\David\AppData\Local\Temp\COMAP.EXE
C:\Users\David\AppData\Local\Temp\DivXSetup.exe
C:\Users\David\AppData\Local\Temp\DTLite4471-0333.exe
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\David\AppData\Local\Temp\Gw2.exe
C:\Users\David\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\LEGOLOTR.exe
C:\Users\David\AppData\Local\Temp\MSETUP4.EXE
C:\Users\David\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\David\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\David\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\David\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\David\AppData\Local\Temp\nvStInit.dll
C:\Users\David\AppData\Local\Temp\nvStInit64.dll
C:\Users\David\AppData\Local\Temp\nvStInst.exe
C:\Users\David\AppData\Local\Temp\oi_{1847C19F-3FB8-483C-A7AD-CA92D7E9E5BB}.exe
C:\Users\David\AppData\Local\Temp\PanelPlusNotify.exe
C:\Users\David\AppData\Local\Temp\Quarantine.exe
C:\Users\David\AppData\Local\Temp\Uninstaller-2636.exe
C:\Users\David\AppData\Local\Temp\Uninstaller-5564.exe
C:\Users\David\AppData\Local\Temp\Uninstaller-7012.exe
C:\Users\David\AppData\Local\Temp\xmlUpdater.exe
C:\Users\David\AppData\Local\Temp\_inst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-29 11:30

==================== End Of Log ============================
         
Last but not least, the gmer.txt:

Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-09-30 09:26:46
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000003c Hitachi_HDS721010DLE630 rev.MS2OA650 931,51GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\David\AppData\Local\Temp\kwlorpob.sys


---- User code sections - GMER 2.1 ----

.text   C:\Windows\system32\dwm.exe[648] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                  000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text   C:\Windows\system32\dwm.exe[648] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                  000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text   C:\Windows\System32\spoolsv.exe[1400] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                             000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text   C:\Windows\System32\spoolsv.exe[1400] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                             000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1484] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690              000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1484] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698              000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1484] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246            000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1484] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306    000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1484] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314    000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text   C:\Windows\system32\nvvsvc.exe[1512] C:\Windows\system32\MSIMG32.dll!GradientFill + 690                                        000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text   C:\Windows\system32\nvvsvc.exe[1512] C:\Windows\system32\MSIMG32.dll!GradientFill + 698                                        000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text   C:\Windows\system32\nvvsvc.exe[1512] C:\Windows\system32\MSIMG32.dll!TransparentBlt + 246                                      000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text   C:\Windows\system32\nvvsvc.exe[1512] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                              000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text   C:\Windows\system32\nvvsvc.exe[1512] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                              000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text   C:\Windows\system32\wbem\wmiprvse.exe[3940] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                 000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text   C:\Windows\system32\wbem\wmiprvse.exe[3940] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                 000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text   C:\Windows\system32\wbem\wmiprvse.exe[3940] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                               000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text   C:\Windows\system32\wbem\wmiprvse.exe[3940] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                       000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text   C:\Windows\system32\wbem\wmiprvse.exe[3940] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                       000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text   C:\Windows\Explorer.EXE[4780] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                     000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text   C:\Windows\Explorer.EXE[4780] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                     000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5056] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5056] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5056] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246              000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[5480] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                       000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[5480] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                       000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[5480] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                     000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\ESET\ESET Smart Security\egui.exe[5188] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 690                    000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\ESET\ESET Smart Security\egui.exe[5188] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 698                    000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\ESET\ESET Smart Security\egui.exe[5188] C:\Windows\SYSTEM32\msimg32.dll!TransparentBlt + 246                  000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\Logitech Gaming Software\LCore.exe[5936] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306         000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text   C:\Program Files\Logitech Gaming Software\LCore.exe[5936] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314         000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text   C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe[5344] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690          000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe[5344] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698          000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe[5344] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246        000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe[5852] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690         000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe[5852] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698         000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe[5852] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246       000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe[5500] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690    000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe[5500] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698    000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text   C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe[5500] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246  000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text   C:\Windows\splwow64.exe[6516] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                               000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text   C:\Windows\splwow64.exe[6516] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                               000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text   C:\Windows\splwow64.exe[6516] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                             000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text   C:\Windows\splwow64.exe[6516] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                     000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text   C:\Windows\splwow64.exe[6516] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                     000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text   C:\Windows\system32\wwahost.exe[4636] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                             000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text   C:\Windows\system32\wwahost.exe[4636] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                             000007ff568f1782 4 bytes [8F, 56, FF, 07]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [644:680]                                                                                        fffff960008915e8
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7692]                                                                 000007ff5378bbd0
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7908]                                                                 000007ff5378bbd0
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7936]                                                                 000007ff5378bbd0
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7940]                                                                 000007ff5378bbd0
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7944]                                                                 000007ff5378bbd0
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7948]                                                                 000007ff5378bbd0
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7952]                                                                 000007ff5378bbd0
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7836]                                                                 000007ff5378bbd0
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7892]                                                                 000007ff537a4c70
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7796]                                                                 000007ff537a4c70
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:8012]                                                                 000007ff537a4c70

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                          unknown MBR code

---- EOF - GMER 2.1 ----
         
So, I hope I have done everything correctly so far and that you can find some first clues with this.

Many thanks in advance for your efforts.

30.09.2013, 08:46   #2
aharonov
/// TB Trainer

Hi,

Quote:
2013-09-29 14:18 - 2013-09-29 14:18 - 00000643 _____ C:\Users\David\Downloads\BTF-Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD.torrent
2013-09-29 14:15 - 2013-09-29 14:15 - 00003939 _____ C:\Users\David\Downloads\BTF-Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Incl.Patch-MeGaHeRTZ.torrent
Why would you do that? They offer a free freeware scanner..

We don't support that: http://www.trojaner-board.de/95394-c...-software.html

If you want me to help you, then first uninstall and completely remove all illegal software (cracks, keygens, etc.) now. Once everything is gone, we can get started. But if I see anything like that again later on despite this warning, we're done.

Let me know as soon as things can continue here.

Alt 30.09.2013, 16:40   #3
DavidH.

So, I have deleted the torrent and uninstalled the program. I had simply hoped to get rid of the thing with that version.
By the way, it had also found something, a Firefox add-on named Plus-HD-3.8. I had uninstalled it and cleaned up again with Malwarebytes. I checked and it is back again. Maybe that helps you.

Edited by DavidH. (30.09.2013 at 16:46)

Alt 30.09.2013, 16:52   #4
aharonov
/// TB-Ausbilder

Run FRST once more.
  • Under Optional Scan, tick the box for Addition.txt and click Scan.
  • When the scan has finished, two new log files, FRST.txt and Addition.txt, are created and saved to the desktop.
  • Please post the contents of both log files here in your thread.
__________________
cheers,
Leo

Alt 30.09.2013, 17:19   #5
DavidH.

addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013 02
Ran by David at 2013-09-30 18:18:09
Running from C:\Users\David\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Smart Security 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal Firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

µTorrent (x32 Version: 3.2.1.28086)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17)
ANNO 2070 - Complete Edition (x32 Version: 2.00.7780)
Any Video Converter 3.5.8 (x32)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
Ashampoo Burning Studio 6 FREE v.6.81 (x32 Version: 6.8.1)
Ashampoo Burning Studio 6 FREE v.6.84 (x32 Version: 6.8.4)
Battlefield 3 (x32 Version: v1.0)
Biet-O-Matic v2.14.12 (x32 Version: 2.14.12)
BioShock Infinite (x32)
Browser Guard (x32)
Call of Duty: Black Ops (x32)
Canon Easy-PhotoPrint EX (x32)
Canon Easy-WebPrint EX (x32)
Canon MG5200 series MP Drivers
Canon MP Navigator EX 4.0 (x32)
Canon My Printer (x32)
Canon Solution Menu EX (x32)
CCleaner (Version: 4.00)
Coby Media Manager (x32 Version: 1.0.6316)
CyberLink PowerDVD 10 (x32 Version: 10.0.4427.02)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Diablo III (x32 Version: 1.0.8.16603)
DivX-Setup (x32 Version: 2.6.1.22)
DmC: Devil May Cry (x32 Version: 1.0)
ESET Smart Security (Version: 5.2.9.12)
Farming Simulator 2013 (x32)
FIFA Manager 13 (x32 Version: 1.0.4.0)
FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2)
Game of Thrones - Blood_Bound Version 1.0.0.0 (x32 Version: 1.0.0.0)
Game of Thrones Version 1.4.2.0 (x32 Version: 1.4.2.0)
GeForce Experience NvStream Client Components (Version: 0.1.87)
GfK Internet-Monitor (x32 Version: 12.6.186)
GIMP 2.6.11 (x32 Version: 2.6.11)
Grand Theft Auto IV (x32 Version: 1.0.0013.131)
Guild Wars 2 (x32)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1281)
Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.738.1)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.5)
Java SE Development Kit 7 Update 9 (64-bit) (Version: 1.7.0.90)
KeePass Password Safe 1.24 (x32 Version: 1.24)
LEGO® Der Herr der Ringe™ (x32 Version: 1.0.0.0)
Logitech Gaming Software (Version: 8.40.83)
Logitech Gaming Software 8.40 (Version: 8.40.83)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (x32 Version: 3.5.0.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Neverwinter (x32)
Notepad++ (x32 Version: 6.2.3)
NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01)
NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Grafiktreiber 327.23 (Version: 327.23)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723)
NVIDIA Systemsteuerung 327.23 (Version: 327.23)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
OpenAL (x32)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Outlast (x32 Version: 1)
Panel+ (x32 Version: 5.3.5)
PDFCreator (x32 Version: 1.6.2)
Peggle Deluxe (x32)
PlanetSide 2 (HKCU Version: 1.0.3.183)
PlanetSide 2 (x32)
QuickTime (x32 Version: 7.74.80.86)
Ravensburger tiptoi (x32)
RCT3 Soaked (x32 Version: 1.00.000)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
ROCCAT Kone XTD Mouse Driver (x32)
RollerCoaster Tycoon 3 (x32 Version: 1.00.000)
Saints Row IV (x32 Version: 1.0.5.0)
SHIELD Streaming (Version: 1.05.28)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.6)
Tomb Raider (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Winamp (x32 Version: 5.64 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Utils (x32)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
XAMPP 1.8.1 (x32)

==================== Restore Points  =========================

15-09-2013 15:23:34 Entfernt Grand Theft Auto IV
23-09-2013 06:56:11 Geplanter Prüfpunkt
28-09-2013 12:12:55 Free YouTube Download Manager
30-09-2013 06:41:59 Free YouTube Download Manager

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {17CD5477-30AB-400E-BDE3-31EC573F96ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {38621F5A-BA98-451C-B665-BB48BF911D92} - \Software Updater No Task File
Task: {407B5460-3BF9-4D3E-9EE0-4B79DCCB2A18} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {45FF9BF5-CE8C-4665-A638-2830D7C893ED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C0C56FF8-EE49-4AC9-835C-60E08C59028F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation)

==================== Loaded Modules (whitelisted) =============

2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-06-01 11:04 - 2013-06-01 11:05 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-09-01 00:06 - 2013-09-01 00:06 - 01179136 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\9fbc5975a21c5638ba05f81b9febfaee\Windows.UI.ni.dll
2013-01-24 01:05 - 2012-11-08 13:19 - 00474360 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2013-08-15 08:39 - 2013-08-15 08:39 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\26def6ab53d268e53635f2a61a1b2ed3\PSIClient.ni.dll
2012-10-16 10:42 - 2012-07-18 11:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-07-23 18:01 - 2013-07-15 09:09 - 02180584 _____ () C:\Program Files (x86)\gfklspservice\pcproxydll.dll
2013-02-21 16:18 - 2013-02-21 16:18 - 00032768 _____ () C:\Users\David\AppData\Local\Panel+\service\TrotiNet.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2011-07-29 01:09 - 2011-07-29 01:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2012-12-21 17:27 - 2012-06-17 12:20 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll
2013-08-17 11:13 - 2013-08-17 11:13 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/30/2013 05:37:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/30/2013 09:37:40 AM) (Source: .NET Runtime) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:

Server stack trace: 
   bei System.ServiceModel.Channels.ServiceChannel.PrepareCall(ProxyOperationRuntime operation, Boolean oneway, ProxyRpc& rpc)
   bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
   bei IAStorDataMgrSvcInterfaces.IPublisher.Unsubscribe()
   bei IAStorIcon.StorageIcon.Stop()
   bei IAStorIcon.Program.Application_ApplicationExit(System.Object, System.EventArgs)
   bei System.Windows.Forms.Application.RaiseExit()
   bei System.Windows.Forms.Application+ThreadContext.Dispose(Boolean)
   bei System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
   bei System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
   bei System.Windows.Forms.Application.Run()
   bei IAStorIcon.Program.Main()

Error: (09/30/2013 09:28:10 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: GfKLSPService.exe, Version: 12.8.325.0, Zeitstempel: 0x51e39f4e
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00055aac
ID des fehlerhaften Prozesses: 0x1518
Startzeit der fehlerhaften Anwendung: 0xGfKLSPService.exe0
Pfad der fehlerhaften Anwendung: GfKLSPService.exe1
Pfad des fehlerhaften Moduls: GfKLSPService.exe2
Berichtskennung: GfKLSPService.exe3
Vollständiger Name des fehlerhaften Pakets: GfKLSPService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GfKLSPService.exe5

Error: (09/30/2013 08:42:16 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden.
Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 000000000000015C,0x00530194,0000000000000000,0,00000090E0540080,4096,[0]).


Vorgang:
   Schattenkopien abfragen

Error: (09/29/2013 11:24:37 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/29/2013 11:24:36 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/29/2013 11:24:32 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/29/2013 11:24:24 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/29/2013 01:47:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/24/2013 08:53:12 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 23.0.1.4974 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d2c

Startzeit: 01ceb8ef1f0e7243

Endzeit: 25

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: f8adf979-24e5-11e3-bf04-902b349f0328

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (09/30/2013 05:31:43 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "H:" können nicht gelesen werden.

Error: (09/30/2013 09:28:10 AM) (Source: Service Control Manager) (User: )
Description: Dienst "GfKLSPService" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (09/30/2013 09:28:03 AM) (Source: Service Control Manager) (User: )
Description: Dienst "GfKLSPService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/28/2013 02:12:53 PM) (Source: Service Control Manager) (User: )
Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/28/2013 02:12:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SProtection" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (09/25/2013 07:05:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/25/2013 07:05:22 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (09/25/2013 10:01:20 AM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Windows" wurde eine Beschädigung erkannt.

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (09/25/2013 10:01:13 AM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Windows" wurde eine Beschädigung erkannt.

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (09/24/2013 08:18:59 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎24.‎09.‎2013 um 08:14:10 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (09/30/2013 05:37:44 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\David\Downloads\vcredist_arm.exe

Error: (09/30/2013 09:37:40 AM) (Source: .NET Runtime)(User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:

Server stack trace: 
   bei System.ServiceModel.Channels.ServiceChannel.PrepareCall(ProxyOperationRuntime operation, Boolean oneway, ProxyRpc& rpc)
   bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
   bei IAStorDataMgrSvcInterfaces.IPublisher.Unsubscribe()
   bei IAStorIcon.StorageIcon.Stop()
   bei IAStorIcon.Program.Application_ApplicationExit(System.Object, System.EventArgs)
   bei System.Windows.Forms.Application.RaiseExit()
   bei System.Windows.Forms.Application+ThreadContext.Dispose(Boolean)
   bei System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
   bei System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
   bei System.Windows.Forms.Application.Run()
   bei IAStorIcon.Program.Main()

Error: (09/30/2013 09:28:10 AM) (Source: Application Error)(User: )
Description: GfKLSPService.exe12.8.325.051e39f4entdll.dll6.2.9200.16578515fac6ec000000500055aac151801cebdae9cfff3ecC:\Program Files (x86)\GfKLSPService\GfKLSPService.exeC:\Windows\SYSTEM32\ntdll.dlldb15f77c-29a1-11e3-bf07-902b349f0328

Error: (09/30/2013 08:42:16 AM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 000000000000015C,0x00530194,0000000000000000,0,00000090E0540080,4096,[0])

Vorgang:
   Schattenkopien abfragen

Error: (09/29/2013 11:24:37 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/29/2013 11:24:36 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/29/2013 11:24:32 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/29/2013 11:24:24 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/29/2013 01:47:19 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/24/2013 08:53:12 AM) (Source: Application Hang)(User: )
Description: firefox.exe23.0.1.49741d2c01ceb8ef1f0e724325C:\Program Files (x86)\Mozilla Firefox\firefox.exef8adf979-24e5-11e3-bf04-902b349f0328


==================== Memory info =========================== 

Percentage of memory in use: 28%
Total physical RAM: 8134.25 MB
Available physical RAM: 5855.03 MB
Total Pagefile: 9350.25 MB
Available Pagefile: 7054.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:916.35 GB) (Free:823.22 GB) NTFS
Drive f: (Volume) (Fixed) (Total:931.51 GB) (Free:350.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 241ACCFA)

Partition: GPT Partition Type
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 01C974AF)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
FRST.txt


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
Ran by David (administrator) on PAPAMASCHIENE on 30-09-2013 18:16:23
Running from C:\Users\David\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(GfK) C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(PixArt Imaging Incorporation) C:\Windows\Philips\SPC500NC\Monitor.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Ipsos) C:\Users\David\AppData\Local\Panel+\service\PanelPlusService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
() C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [SPC500NC_Monitor] - C:\Windows\Philips\SPC500NC\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Panel+] - C:\Users\David\AppData\Local\Panel+\service\PanelPlusService.exe [140880 2013-02-21] (Ipsos)
MountPoints2: {56c54f68-2ba2-11e2-be87-902b349f0328} - "J:\Launcher.exe" 
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [RoccatKoneXTD] - C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [558944 2012-11-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [GfK-WatchDog] - C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe [58856 2013-07-15] ()
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL [253816 2013-03-12] ()
AppInit_DLLs-x32: c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [ ] ()
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

ProxyServer: http=localhost:44413
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {BD14BC9F-07F6-4B4A-9122-12E2614404F7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
SearchScopes: HKLM-x32 - URL hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380370149531&tguid=66920-6787-1380370149531-EC80CA3432379DCB50B011F94CEC16DF&q={searchTerms}
SearchScopes: HKLM-x32 - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=66920&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380370149531&tguid=66920-6787-1380370149531-EC80CA3432379DCB50B011F94CEC16DF&q={searchTerms}
SearchScopes: HKLM-x32 - {BD14BC9F-07F6-4B4A-9122-12E2614404F7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files (x86)\Browser Guard\browserguard.dll (Browser Guard)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Winsock: Catalog9 01 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 15 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 02 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 03 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 04 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 15 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default
FF NewTab: about:home
FF Homepage: about:home
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin HKCU: @IpsosPanelPlus@ipsosinteractive.com - C:\Users\David\AppData\Local\Panel+\toolbar_ff\plugins\npIpsosCommPlugin.dll (IDM)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\aol-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
FF Extension: pricealarm - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\ich@maltegoetz.de
FF Extension: admin - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\admin@proxy-listen.de.xpi
FF Extension: DivXWebPlayer - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\DivXWebPlayer@divx.com.xpi
FF Extension: nasanightlaunch - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\nasanightlaunch@example.com.xpi
FF Extension: Noia4Options - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\Noia4Options@ArisT2.xpi
FF Extension: YoutubeDownloader - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor
FF HKLM-x32\...\Firefox\Extensions: [{20d1f7b3-7721-4da0-b6f3-78bb4d7248f4}] - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF Extension: No Name - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [IpsosPanelPlus@ipsosinteractive.com] - C:\Users\David\AppData\Local\Panel+\toolbar_ff\
FF Extension: Panel+ - C:\Users\David\AppData\Local\Panel+\toolbar_ff\

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-13] (Adobe Systems)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3019752 2013-07-15] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1376232 2013-07-15] ()
R2 GfKLSPService; C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe [3300328 2013-07-15] (GfK)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-04-06] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2012-03-14] (ESET)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-11] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-11] (Windows (R) Server 2003 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R3 SPC500NC; C:\Windows\system32\DRIVERS\SPC500NC.SYS [481280 2007-06-21] (PixArt Imaging Inc.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
R4 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)
U3 kwlorpob; \??\C:\Users\David\AppData\Local\Temp\kwlorpob.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-30 09:26 - 2013-09-30 09:26 - 00010949 _____ C:\Users\David\Downloads\gmer.txt
2013-09-30 09:19 - 2013-09-30 09:19 - 00377856 _____ C:\Users\David\Downloads\gmer_2.1.19163.exe
2013-09-30 09:15 - 2013-09-30 18:08 - 00027351 _____ C:\Users\David\Downloads\Addition.txt
2013-09-30 09:10 - 2013-09-30 09:10 - 01953880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 00000000 ____D C:\FRST
2013-09-30 09:09 - 2013-09-30 09:09 - 00000472 _____ C:\Users\David\Downloads\defogger_disable.log
2013-09-30 09:09 - 2013-09-30 09:09 - 00000168 _____ C:\Users\David\defogger_reenable
2013-09-30 09:08 - 2013-09-30 09:08 - 00050477 _____ C:\Users\David\Downloads\Defogger.exe
2013-09-29 13:55 - 2013-09-29 13:55 - 00001364 _____ C:\Users\David\Desktop\trojaner.txt
2013-09-29 01:48 - 2013-09-29 01:49 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\David\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 01:46 - 2013-09-29 01:46 - 00006177 _____ C:\Users\David\Desktop\JRT.txt
2013-09-29 01:45 - 2013-09-29 01:45 - 02347384 _____ (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe
2013-09-29 01:43 - 2013-09-29 01:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 01:37 - 2013-09-30 08:56 - 00000000 ____D C:\AdwCleaner
2013-09-29 01:37 - 2013-09-29 01:37 - 01030305 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2013-09-29 01:36 - 2013-09-29 01:36 - 01042066 _____ C:\Users\David\Downloads\adwcleaner.exe
2013-09-29 01:27 - 2013-09-29 01:27 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David\Downloads\SpyHunter-Installer.exe
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\Documents\Free YouTube Download Manager
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\AppData\Local\Freetec
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-09-28 14:12 - 2013-09-28 16:07 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-28 14:09 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-09-24 23:53 - 2013-09-25 00:07 - 64079267 _____ C:\Users\David\Downloads\Misa.zip
2013-09-24 19:11 - 2013-09-24 19:19 - 00000000 ____D C:\Users\David\AppData\Roaming\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:14 - 00001043 _____ C:\Users\David\Desktop\tiptoi.lnk
2013-09-24 19:10 - 2013-09-24 19:14 - 00000000 ____D C:\ProgramData\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2013-09-23 00:00 - 2013-09-23 00:02 - 09090781 _____ C:\Users\David\Downloads\John Smith Texturepack.zip
2013-09-22 23:59 - 2013-09-23 00:14 - 114903903 _____ C:\Users\David\Downloads\Sphax PureBDcraft 512x MC16.zip
2013-09-22 23:58 - 2013-09-23 00:07 - 64079267 _____ C:\Users\David\Downloads\Misa HD Texturepack.zip
2013-09-22 22:11 - 2013-09-28 17:39 - 00163328 ___SH C:\Users\David\Desktop\Thumbs.db
2013-09-22 15:34 - 2013-09-22 15:37 - 32858970 _____ C:\Users\David\Downloads\HerrSommer Texturepack.zip
2013-09-22 15:31 - 2013-09-22 15:34 - 35803644 _____ C:\Users\David\Downloads\HerrSommer Medieval Texturepack.zip
2013-09-22 15:16 - 2013-09-30 00:23 - 00000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2013-09-22 15:09 - 2013-09-22 15:12 - 32738533 _____ C:\Users\David\Downloads\HerrSommer Dye Texturepack(1).zip
2013-09-22 15:02 - 2013-09-22 15:02 - 00000000 ____D C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213
2013-09-22 14:40 - 2013-09-22 14:40 - 02161521 _____ C:\Users\David\Downloads\mcpatcher-4.2.2.exe
2013-09-22 13:50 - 2013-09-22 13:50 - 00399355 _____ C:\Users\David\Downloads\Minimap Mod 1.6.4.zip
2013-09-22 13:49 - 2013-09-22 13:49 - 00421387 _____ C:\Users\David\Downloads\OptiFine 1.6.4 Preview.jar
2013-09-22 13:45 - 2013-09-22 13:45 - 02124435 _____ C:\Users\David\Downloads\Forge 1.6.4.jar
2013-09-22 12:37 - 2013-09-22 12:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-22 12:36 - 2013-09-22 12:36 - 00002104 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-22 12:34 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-22 12:34 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-22 12:34 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-22 12:34 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-21 10:44 - 2013-09-21 10:44 - 00000769 _____ C:\Users\David\Desktop\Minecraft.exe - Verknüpfung.lnk
2013-09-21 10:43 - 2013-09-21 10:57 - 89940403 _____ C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213.zip
2013-09-21 10:42 - 2013-09-21 10:42 - 02318238 _____ C:\Users\David\Downloads\[1.6.2]MiniDoku TSC High.zip
2013-09-21 10:28 - 2013-09-21 10:29 - 00421387 _____ C:\Users\David\Downloads\OptiFine_1.6.4_HD_U_C4.jar
2013-09-21 10:28 - 2013-09-21 10:28 - 00255632 _____ C:\Users\David\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip
2013-09-20 23:28 - 2013-09-20 23:28 - 00675988 _____ C:\Users\David\Downloads\Minecraft.exe
2013-09-15 21:59 - 2013-09-15 22:02 - 00000742 _____ C:\Users\Public\Desktop\Outlast.lnk
2013-09-15 17:58 - 2013-09-15 17:59 - 02256048 _____ C:\Users\David\Downloads\PW(1).zip
2013-09-15 17:48 - 2013-09-15 17:48 - 00000714 _____ C:\Users\Public\Desktop\FIFA Manager 13.lnk
2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\David\Documents\FIFA MANAGER 13
2013-09-15 17:29 - 2013-09-15 17:29 - 00000000 ____D C:\ProgramData\PDF Architect
2013-09-15 17:03 - 2013-09-15 17:04 - 02256056 _____ C:\Users\David\Downloads\PW.zip
2013-09-12 23:06 - 2013-09-12 23:06 - 00309248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-11 18:43 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-11 18:43 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-11 18:43 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-11 18:43 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-11 18:43 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-11 18:43 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-11 18:43 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-11 18:43 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-11 18:43 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-11 18:43 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-11 18:43 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-11 18:42 - 2013-08-21 06:12 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 18:42 - 2013-08-21 06:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 18:42 - 2013-08-21 06:11 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 18:42 - 2013-08-21 04:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 18:42 - 2013-08-21 04:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 18:42 - 2013-08-21 04:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 18:42 - 2013-08-21 04:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 18:42 - 2013-08-21 03:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 18:42 - 2013-08-21 01:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-09-11 18:41 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-09-11 18:41 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 18:41 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-11 18:41 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-11 18:41 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-11 18:41 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-11 18:41 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-11 18:41 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-11 18:41 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-11 18:41 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 18:41 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-11 18:41 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-11 18:41 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 18:41 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 18:41 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-11 18:41 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-11 18:41 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-11 18:41 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-11 18:41 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-11 18:41 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-11 18:41 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-11 18:41 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-11 18:41 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-11 18:41 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-11 18:41 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-11 18:41 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-11 18:41 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-11 18:41 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-11 18:41 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-11 18:41 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 18:41 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-11 18:41 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-11 18:41 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-11 18:41 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-11 18:41 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-11 18:41 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-11 18:41 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-11 18:41 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-11 18:41 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 18:41 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 18:41 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-10 11:10 - 2013-09-10 20:58 - 00000000 ____D C:\Users\David\Desktop\ESW

==================== One Month Modified Files and Folders =======

2013-09-30 18:08 - 2013-09-30 09:15 - 00027351 _____ C:\Users\David\Downloads\Addition.txt
2013-09-30 18:08 - 2013-01-24 01:05 - 00000000 ____D C:\Program Files (x86)\GfKLSPService
2013-09-30 18:08 - 2013-01-24 01:05 - 00000000 ____D C:\Program Files (x86)\GfK Internet-Monitor
2013-09-30 18:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-30 17:52 - 2012-11-10 22:21 - 01734633 _____ C:\Windows\WindowsUpdate.log
2013-09-30 17:50 - 2012-11-10 22:31 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4176403951-1178010183-3754737978-1002
2013-09-30 13:00 - 2012-11-11 14:15 - 00000000 ____D C:\Users\David\Documents\DLS HANKO
2013-09-30 09:26 - 2013-09-30 09:26 - 00010949 _____ C:\Users\David\Downloads\gmer.txt
2013-09-30 09:19 - 2013-09-30 09:19 - 00377856 _____ C:\Users\David\Downloads\gmer_2.1.19163.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 01953880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 00000000 ____D C:\FRST
2013-09-30 09:09 - 2013-09-30 09:09 - 00000472 _____ C:\Users\David\Downloads\defogger_disable.log
2013-09-30 09:09 - 2013-09-30 09:09 - 00000168 _____ C:\Users\David\defogger_reenable
2013-09-30 09:09 - 2012-11-10 22:21 - 00000000 ____D C:\Users\David
2013-09-30 09:08 - 2013-09-30 09:08 - 00050477 _____ C:\Users\David\Downloads\Defogger.exe
2013-09-30 08:57 - 2012-10-16 12:46 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-30 08:57 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-30 08:57 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-09-30 08:56 - 2013-09-29 01:37 - 00000000 ____D C:\AdwCleaner
2013-09-30 08:42 - 2013-08-22 22:05 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-30 00:23 - 2013-09-22 15:16 - 00000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2013-09-29 14:27 - 2012-11-12 19:09 - 00000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2013-09-29 14:27 - 2012-10-16 08:30 - 00820374 _____ C:\Windows\PFRO.log
2013-09-29 13:55 - 2013-09-29 13:55 - 00001364 _____ C:\Users\David\Desktop\trojaner.txt
2013-09-29 01:49 - 2013-09-29 01:48 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\David\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 01:46 - 2013-09-29 01:46 - 00006177 _____ C:\Users\David\Desktop\JRT.txt
2013-09-29 01:45 - 2013-09-29 01:45 - 02347384 _____ (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe
2013-09-29 01:43 - 2013-09-29 01:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 01:38 - 2012-11-10 22:23 - 00000000 ___RD C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-29 01:37 - 2013-09-29 01:37 - 01030305 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2013-09-29 01:36 - 2013-09-29 01:36 - 01042066 _____ C:\Users\David\Downloads\adwcleaner.exe
2013-09-29 01:27 - 2013-09-29 01:27 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David\Downloads\SpyHunter-Installer.exe
2013-09-28 17:39 - 2013-09-22 22:11 - 00163328 ___SH C:\Users\David\Desktop\Thumbs.db
2013-09-28 16:08 - 2012-12-21 23:33 - 00000000 ____D C:\ProgramData\ashampoo
2013-09-28 16:07 - 2013-09-28 14:12 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\Documents\Free YouTube Download Manager
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\AppData\Local\Freetec
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-09-28 14:09 - 2013-08-17 11:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-26 18:31 - 2012-12-31 02:10 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-26 08:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-25 19:24 - 2012-07-26 12:27 - 00752930 _____ C:\Windows\system32\perfh007.dat
2013-09-25 19:24 - 2012-07-26 12:27 - 00156156 _____ C:\Windows\system32\perfc007.dat
2013-09-25 19:24 - 2012-07-26 09:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-25 00:07 - 2013-09-24 23:53 - 64079267 _____ C:\Users\David\Downloads\Misa.zip
2013-09-24 19:19 - 2013-09-24 19:11 - 00000000 ____D C:\Users\David\AppData\Roaming\RavensburgerTipToi
2013-09-24 19:14 - 2013-09-24 19:10 - 00001043 _____ C:\Users\David\Desktop\tiptoi.lnk
2013-09-24 19:14 - 2013-09-24 19:10 - 00000000 ____D C:\ProgramData\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2013-09-24 19:10 - 2012-07-26 09:21 - 00043732 _____ C:\Windows\setupact.log
2013-09-23 00:14 - 2013-09-22 23:59 - 114903903 _____ C:\Users\David\Downloads\Sphax PureBDcraft 512x MC16.zip
2013-09-23 00:07 - 2013-09-22 23:58 - 64079267 _____ C:\Users\David\Downloads\Misa HD Texturepack.zip
2013-09-23 00:02 - 2013-09-23 00:00 - 09090781 _____ C:\Users\David\Downloads\John Smith Texturepack.zip
2013-09-22 15:37 - 2013-09-22 15:34 - 32858970 _____ C:\Users\David\Downloads\HerrSommer Texturepack.zip
2013-09-22 15:34 - 2013-09-22 15:31 - 35803644 _____ C:\Users\David\Downloads\HerrSommer Medieval Texturepack.zip
2013-09-22 15:12 - 2013-09-22 15:09 - 32738533 _____ C:\Users\David\Downloads\HerrSommer Dye Texturepack(1).zip
2013-09-22 15:02 - 2013-09-22 15:02 - 00000000 ____D C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213
2013-09-22 14:40 - 2013-09-22 14:40 - 02161521 _____ C:\Users\David\Downloads\mcpatcher-4.2.2.exe
2013-09-22 13:50 - 2013-09-22 13:50 - 00399355 _____ C:\Users\David\Downloads\Minimap Mod 1.6.4.zip
2013-09-22 13:49 - 2013-09-22 13:49 - 00421387 _____ C:\Users\David\Downloads\OptiFine 1.6.4 Preview.jar
2013-09-22 13:45 - 2013-09-22 13:45 - 02124435 _____ C:\Users\David\Downloads\Forge 1.6.4.jar
2013-09-22 12:37 - 2013-09-22 12:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-22 12:37 - 2012-10-16 12:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-22 12:36 - 2013-09-22 12:36 - 00002104 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-21 10:57 - 2013-09-21 10:43 - 89940403 _____ C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213.zip
2013-09-21 10:44 - 2013-09-21 10:44 - 00000769 _____ C:\Users\David\Desktop\Minecraft.exe - Verknüpfung.lnk
2013-09-21 10:42 - 2013-09-21 10:42 - 02318238 _____ C:\Users\David\Downloads\[1.6.2]MiniDoku TSC High.zip
2013-09-21 10:29 - 2013-09-21 10:28 - 00421387 _____ C:\Users\David\Downloads\OptiFine_1.6.4_HD_U_C4.jar
2013-09-21 10:28 - 2013-09-21 10:28 - 00255632 _____ C:\Users\David\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip
2013-09-20 23:28 - 2013-09-20 23:28 - 00675988 _____ C:\Users\David\Downloads\Minecraft.exe
2013-09-20 07:16 - 2012-11-13 02:02 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2013-09-19 01:26 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-19 01:26 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-15 22:02 - 2013-09-15 21:59 - 00000742 _____ C:\Users\Public\Desktop\Outlast.lnk
2013-09-15 22:02 - 2013-05-12 11:43 - 00000000 ____D C:\ProgramData\Steam
2013-09-15 22:02 - 2012-12-09 02:18 - 00000000 ____D C:\Users\David\Documents\My Games
2013-09-15 18:00 - 2012-11-18 18:43 - 00000000 ____D C:\Users\David\Desktop\Hockeyprogramme
2013-09-15 17:59 - 2013-09-15 17:58 - 02256048 _____ C:\Users\David\Downloads\PW(1).zip
2013-09-15 17:48 - 2013-09-15 17:48 - 00000714 _____ C:\Users\Public\Desktop\FIFA Manager 13.lnk
2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\David\Documents\FIFA MANAGER 13
2013-09-15 17:46 - 2012-11-16 18:41 - 00000000 ____D C:\Users\David\Documents\FUSSBALL MANAGER 13
2013-09-15 17:40 - 2012-11-11 03:03 - 00182162 _____ C:\Windows\DirectX.log
2013-09-15 17:29 - 2013-09-15 17:29 - 00000000 ____D C:\ProgramData\PDF Architect
2013-09-15 17:26 - 2012-10-16 08:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-15 17:04 - 2013-09-15 17:03 - 02256056 _____ C:\Users\David\Downloads\PW.zip
2013-09-12 23:06 - 2013-09-12 23:06 - 00309248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 10:58 - 2013-09-22 12:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-12 10:58 - 2013-09-22 12:34 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 00022814 _____ C:\Windows\system32\nvinfo.pb
2013-09-12 10:58 - 2012-07-25 22:22 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-09-12 09:25 - 2012-10-16 12:46 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-09-12 09:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-12 08:28 - 2012-11-21 19:08 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-09-12 08:10 - 2012-11-20 22:09 - 00000000 ____D C:\Users\David\AppData\Roaming\TS3Client
2013-09-12 08:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-12 08:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-12 08:03 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-12 00:06 - 2012-10-16 12:46 - 03361114 _____ C:\Windows\system32\nvcoproc.bin
2013-09-11 19:47 - 2013-08-14 08:05 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 19:46 - 2012-12-12 07:50 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 20:58 - 2013-09-10 11:10 - 00000000 ____D C:\Users\David\Desktop\ESW
2013-09-03 21:08 - 2012-11-12 20:52 - 00000000 ____D C:\Users\David\Documents\Euro Truck Simulator 2

Some content of TEMP:
====================
C:\Users\David\AppData\Local\Temp\$avantbrowser$.update.exe
C:\Users\David\AppData\Local\Temp\apptorun.exe
C:\Users\David\AppData\Local\Temp\COMAP.EXE
C:\Users\David\AppData\Local\Temp\DivXSetup.exe
C:\Users\David\AppData\Local\Temp\DTLite4471-0333.exe
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\David\AppData\Local\Temp\Gw2.exe
C:\Users\David\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\LEGOLOTR.exe
C:\Users\David\AppData\Local\Temp\MSETUP4.EXE
C:\Users\David\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\David\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\David\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\David\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\David\AppData\Local\Temp\nvStInit.dll
C:\Users\David\AppData\Local\Temp\nvStInit64.dll
C:\Users\David\AppData\Local\Temp\nvStInst.exe
C:\Users\David\AppData\Local\Temp\oi_{1847C19F-3FB8-483C-A7AD-CA92D7E9E5BB}.exe
C:\Users\David\AppData\Local\Temp\PanelPlusNotify.exe
C:\Users\David\AppData\Local\Temp\Quarantine.exe
C:\Users\David\AppData\Local\Temp\Uninstaller-2636.exe
C:\Users\David\AppData\Local\Temp\Uninstaller-5564.exe
C:\Users\David\AppData\Local\Temp\Uninstaller-7012.exe
C:\Users\David\AppData\Local\Temp\xmlUpdater.exe
C:\Users\David\AppData\Local\Temp\_inst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-29 11:30

==================== End Of Log ============================


30.09.2013, 17:23   #6
aharonov
/// TB Trainer



ok.


Step 1

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).



Step 2

Start FRST once more.
  • Do not change any of the default settings and press Scan.
  • When the scan has finished, a new log file FRST.txt is created and saved on the desktop.
  • Please post the contents of this log file here in your thread.

30.09.2013, 17:43   #7
DavidH.



ADW Cleaner.log

Code:
# AdwCleaner v3.005 - Bericht erstellt am 30/09/2013 um 18:28:46
# Updated 22/09/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : David - PAPAMASCHIENE
# Gestartet von : C:\Users\David\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\foxydeal.sqlite

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16688


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.DivXWebPlayer@divx.com.install-event-fired", true);
Zeile gelöscht : user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,admin%40proxy-listen.de:1.0.4.5,IpsosPanelPlus%40ipsosinteractive.com:5.3.5,ich%40maltegoetz.de:1.5.2,Noia4Options%40ArisT2:1.[...]

[ Datei : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_435771\prefs.js ]


*************************

AdwCleaner[R0].txt - [16472 octets] - [29/09/2013 01:37:07]
AdwCleaner[R1].txt - [5005 octets] - [30/09/2013 08:49:37]
AdwCleaner[R2].txt - [1541 octets] - [30/09/2013 18:28:27]
AdwCleaner[S0].txt - [14178 octets] - [29/09/2013 01:38:30]
AdwCleaner[S1].txt - [5066 octets] - [30/09/2013 08:56:18]
AdwCleaner[S2].txt - [1462 octets] - [30/09/2013 18:28:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1522 octets] ##########
         
FRST.txt


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
Ran by David (administrator) on PAPAMASCHIENE on 30-09-2013 18:33:57
Running from C:\Users\David\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
(GfK) C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(PixArt Imaging Incorporation) C:\Windows\Philips\SPC500NC\Monitor.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Ipsos) C:\Users\David\AppData\Local\Panel+\service\PanelPlusService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
() C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\system32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [SPC500NC_Monitor] - C:\Windows\Philips\SPC500NC\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Panel+] - C:\Users\David\AppData\Local\Panel+\service\PanelPlusService.exe [140880 2013-02-21] (Ipsos)
MountPoints2: {56c54f68-2ba2-11e2-be87-902b349f0328} - "J:\Launcher.exe" 
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [RoccatKoneXTD] - C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [558944 2012-11-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [GfK-WatchDog] - C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe [58856 2013-07-15] ()
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL [253816 2013-03-12] ()
AppInit_DLLs-x32: c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [ ] ()
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

ProxyServer: http=localhost:44413
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {BD14BC9F-07F6-4B4A-9122-12E2614404F7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
SearchScopes: HKLM-x32 - URL hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380370149531&tguid=66920-6787-1380370149531-EC80CA3432379DCB50B011F94CEC16DF&q={searchTerms}
SearchScopes: HKLM-x32 - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=66920&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380370149531&tguid=66920-6787-1380370149531-EC80CA3432379DCB50B011F94CEC16DF&q={searchTerms}
SearchScopes: HKLM-x32 - {BD14BC9F-07F6-4B4A-9122-12E2614404F7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files (x86)\Browser Guard\browserguard.dll (Browser Guard)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Winsock: Catalog9 01 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 15 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 02 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 03 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 04 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 15 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default
FF NewTab: about:home
FF Homepage: about:home
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin HKCU: @IpsosPanelPlus@ipsosinteractive.com - C:\Users\David\AppData\Local\Panel+\toolbar_ff\plugins\npIpsosCommPlugin.dll (IDM)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\aol-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: pricealarm - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\ich@maltegoetz.de
FF Extension: admin - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\admin@proxy-listen.de.xpi
FF Extension: DivXWebPlayer - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\DivXWebPlayer@divx.com.xpi
FF Extension: nasanightlaunch - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\nasanightlaunch@example.com.xpi
FF Extension: Noia4Options - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\Noia4Options@ArisT2.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor
FF HKLM-x32\...\Firefox\Extensions: [{20d1f7b3-7721-4da0-b6f3-78bb4d7248f4}] - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF Extension: No Name - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [IpsosPanelPlus@ipsosinteractive.com] - C:\Users\David\AppData\Local\Panel+\toolbar_ff\
FF Extension: Panel+ - C:\Users\David\AppData\Local\Panel+\toolbar_ff\

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-13] (Adobe Systems)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3019752 2013-07-15] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1376232 2013-07-15] ()
R2 GfKLSPService; C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe [3300328 2013-07-15] (GfK)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-04-06] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2012-03-14] (ESET)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-11] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-11] (Windows (R) Server 2003 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R3 SPC500NC; C:\Windows\system32\DRIVERS\SPC500NC.SYS [481280 2007-06-21] (PixArt Imaging Inc.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-30 09:26 - 2013-09-30 09:26 - 00010949 _____ C:\Users\David\Downloads\gmer.txt
2013-09-30 09:19 - 2013-09-30 09:19 - 00377856 _____ C:\Users\David\Downloads\gmer_2.1.19163.exe
2013-09-30 09:15 - 2013-09-30 18:18 - 00027290 _____ C:\Users\David\Downloads\Addition.txt
2013-09-30 09:10 - 2013-09-30 09:10 - 01953880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 00000000 ____D C:\FRST
2013-09-30 09:09 - 2013-09-30 09:09 - 00000472 _____ C:\Users\David\Downloads\defogger_disable.log
2013-09-30 09:09 - 2013-09-30 09:09 - 00000168 _____ C:\Users\David\defogger_reenable
2013-09-30 09:08 - 2013-09-30 09:08 - 00050477 _____ C:\Users\David\Downloads\Defogger.exe
2013-09-29 13:55 - 2013-09-29 13:55 - 00001364 _____ C:\Users\David\Desktop\trojaner.txt
2013-09-29 01:48 - 2013-09-29 01:49 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\David\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 01:46 - 2013-09-29 01:46 - 00006177 _____ C:\Users\David\Desktop\JRT.txt
2013-09-29 01:45 - 2013-09-29 01:45 - 02347384 _____ (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe
2013-09-29 01:43 - 2013-09-29 01:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 01:37 - 2013-09-30 18:28 - 00000000 ____D C:\AdwCleaner
2013-09-29 01:37 - 2013-09-29 01:37 - 01030305 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2013-09-29 01:36 - 2013-09-29 01:36 - 01042066 _____ C:\Users\David\Downloads\adwcleaner.exe
2013-09-29 01:27 - 2013-09-29 01:27 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David\Downloads\SpyHunter-Installer.exe
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\Documents\Free YouTube Download Manager
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\AppData\Local\Freetec
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-09-28 14:12 - 2013-09-28 16:07 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-28 14:09 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-09-24 23:53 - 2013-09-25 00:07 - 64079267 _____ C:\Users\David\Downloads\Misa.zip
2013-09-24 19:11 - 2013-09-24 19:19 - 00000000 ____D C:\Users\David\AppData\Roaming\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:14 - 00001043 _____ C:\Users\David\Desktop\tiptoi.lnk
2013-09-24 19:10 - 2013-09-24 19:14 - 00000000 ____D C:\ProgramData\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2013-09-23 00:00 - 2013-09-23 00:02 - 09090781 _____ C:\Users\David\Downloads\John Smith Texturepack.zip
2013-09-22 23:59 - 2013-09-23 00:14 - 114903903 _____ C:\Users\David\Downloads\Sphax PureBDcraft 512x MC16.zip
2013-09-22 23:58 - 2013-09-23 00:07 - 64079267 _____ C:\Users\David\Downloads\Misa HD Texturepack.zip
2013-09-22 22:11 - 2013-09-28 17:39 - 00163328 ___SH C:\Users\David\Desktop\Thumbs.db
2013-09-22 15:34 - 2013-09-22 15:37 - 32858970 _____ C:\Users\David\Downloads\HerrSommer Texturepack.zip
2013-09-22 15:31 - 2013-09-22 15:34 - 35803644 _____ C:\Users\David\Downloads\HerrSommer Medieval Texturepack.zip
2013-09-22 15:16 - 2013-09-30 00:23 - 00000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2013-09-22 15:09 - 2013-09-22 15:12 - 32738533 _____ C:\Users\David\Downloads\HerrSommer Dye Texturepack(1).zip
2013-09-22 15:02 - 2013-09-22 15:02 - 00000000 ____D C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213
2013-09-22 14:40 - 2013-09-22 14:40 - 02161521 _____ C:\Users\David\Downloads\mcpatcher-4.2.2.exe
2013-09-22 13:50 - 2013-09-22 13:50 - 00399355 _____ C:\Users\David\Downloads\Minimap Mod 1.6.4.zip
2013-09-22 13:49 - 2013-09-22 13:49 - 00421387 _____ C:\Users\David\Downloads\OptiFine 1.6.4 Preview.jar
2013-09-22 13:45 - 2013-09-22 13:45 - 02124435 _____ C:\Users\David\Downloads\Forge 1.6.4.jar
2013-09-22 12:37 - 2013-09-22 12:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-22 12:36 - 2013-09-22 12:36 - 00002104 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-22 12:34 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-22 12:34 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-22 12:34 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-22 12:34 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-21 10:44 - 2013-09-21 10:44 - 00000769 _____ C:\Users\David\Desktop\Minecraft.exe - Verknüpfung.lnk
2013-09-21 10:43 - 2013-09-21 10:57 - 89940403 _____ C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213.zip
2013-09-21 10:42 - 2013-09-21 10:42 - 02318238 _____ C:\Users\David\Downloads\[1.6.2]MiniDoku TSC High.zip
2013-09-21 10:28 - 2013-09-21 10:29 - 00421387 _____ C:\Users\David\Downloads\OptiFine_1.6.4_HD_U_C4.jar
2013-09-21 10:28 - 2013-09-21 10:28 - 00255632 _____ C:\Users\David\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip
2013-09-20 23:28 - 2013-09-20 23:28 - 00675988 _____ C:\Users\David\Downloads\Minecraft.exe
2013-09-15 21:59 - 2013-09-15 22:02 - 00000742 _____ C:\Users\Public\Desktop\Outlast.lnk
2013-09-15 17:58 - 2013-09-15 17:59 - 02256048 _____ C:\Users\David\Downloads\PW(1).zip
2013-09-15 17:48 - 2013-09-15 17:48 - 00000714 _____ C:\Users\Public\Desktop\FIFA Manager 13.lnk
2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\David\Documents\FIFA MANAGER 13
2013-09-15 17:29 - 2013-09-15 17:29 - 00000000 ____D C:\ProgramData\PDF Architect
2013-09-15 17:03 - 2013-09-15 17:04 - 02256056 _____ C:\Users\David\Downloads\PW.zip
2013-09-12 23:06 - 2013-09-12 23:06 - 00309248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-11 18:43 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-11 18:43 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-11 18:43 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-11 18:43 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-11 18:43 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-11 18:43 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-11 18:43 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-11 18:43 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-11 18:43 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-11 18:43 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-11 18:43 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-11 18:42 - 2013-08-21 06:12 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 18:42 - 2013-08-21 06:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 18:42 - 2013-08-21 06:11 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 18:42 - 2013-08-21 04:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 18:42 - 2013-08-21 04:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 18:42 - 2013-08-21 04:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 18:42 - 2013-08-21 04:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 18:42 - 2013-08-21 03:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 18:42 - 2013-08-21 01:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-09-11 18:41 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-09-11 18:41 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 18:41 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-11 18:41 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-11 18:41 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-11 18:41 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-11 18:41 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-11 18:41 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-11 18:41 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-11 18:41 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 18:41 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-11 18:41 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-11 18:41 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 18:41 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 18:41 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-11 18:41 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-11 18:41 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-11 18:41 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-11 18:41 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-11 18:41 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-11 18:41 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-11 18:41 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-11 18:41 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-11 18:41 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-11 18:41 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-11 18:41 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-11 18:41 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-11 18:41 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-11 18:41 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-11 18:41 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 18:41 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-11 18:41 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-11 18:41 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-11 18:41 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-11 18:41 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-11 18:41 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-11 18:41 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-11 18:41 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-11 18:41 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 18:41 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 18:41 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-10 11:10 - 2013-09-10 20:58 - 00000000 ____D C:\Users\David\Desktop\ESW

==================== One Month Modified Files and Folders =======

2013-09-30 18:33 - 2012-11-10 22:21 - 01752347 _____ C:\Windows\WindowsUpdate.log
2013-09-30 18:30 - 2013-01-24 01:05 - 00000000 ____D C:\Program Files (x86)\GfKLSPService
2013-09-30 18:30 - 2013-01-24 01:05 - 00000000 ____D C:\Program Files (x86)\GfK Internet-Monitor
2013-09-30 18:29 - 2012-10-16 12:46 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-30 18:29 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-30 18:28 - 2013-09-29 01:37 - 00000000 ____D C:\AdwCleaner
2013-09-30 18:28 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-09-30 18:18 - 2013-09-30 09:15 - 00027290 _____ C:\Users\David\Downloads\Addition.txt
2013-09-30 18:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-30 17:50 - 2012-11-10 22:31 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4176403951-1178010183-3754737978-1002
2013-09-30 13:00 - 2012-11-11 14:15 - 00000000 ____D C:\Users\David\Documents\DLS HANKO
2013-09-30 09:26 - 2013-09-30 09:26 - 00010949 _____ C:\Users\David\Downloads\gmer.txt
2013-09-30 09:19 - 2013-09-30 09:19 - 00377856 _____ C:\Users\David\Downloads\gmer_2.1.19163.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 01953880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 00000000 ____D C:\FRST
2013-09-30 09:09 - 2013-09-30 09:09 - 00000472 _____ C:\Users\David\Downloads\defogger_disable.log
2013-09-30 09:09 - 2013-09-30 09:09 - 00000168 _____ C:\Users\David\defogger_reenable
2013-09-30 09:09 - 2012-11-10 22:21 - 00000000 ____D C:\Users\David
2013-09-30 09:08 - 2013-09-30 09:08 - 00050477 _____ C:\Users\David\Downloads\Defogger.exe
2013-09-30 08:42 - 2013-08-22 22:05 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-30 00:23 - 2013-09-22 15:16 - 00000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2013-09-29 14:27 - 2012-11-12 19:09 - 00000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2013-09-29 14:27 - 2012-10-16 08:30 - 00820374 _____ C:\Windows\PFRO.log
2013-09-29 13:55 - 2013-09-29 13:55 - 00001364 _____ C:\Users\David\Desktop\trojaner.txt
2013-09-29 01:49 - 2013-09-29 01:48 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\David\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 01:46 - 2013-09-29 01:46 - 00006177 _____ C:\Users\David\Desktop\JRT.txt
2013-09-29 01:45 - 2013-09-29 01:45 - 02347384 _____ (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe
2013-09-29 01:43 - 2013-09-29 01:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 01:38 - 2012-11-10 22:23 - 00000000 ___RD C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-29 01:37 - 2013-09-29 01:37 - 01030305 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2013-09-29 01:36 - 2013-09-29 01:36 - 01042066 _____ C:\Users\David\Downloads\adwcleaner.exe
2013-09-29 01:27 - 2013-09-29 01:27 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David\Downloads\SpyHunter-Installer.exe
2013-09-28 17:39 - 2013-09-22 22:11 - 00163328 ___SH C:\Users\David\Desktop\Thumbs.db
2013-09-28 16:08 - 2012-12-21 23:33 - 00000000 ____D C:\ProgramData\ashampoo
2013-09-28 16:07 - 2013-09-28 14:12 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\Documents\Free YouTube Download Manager
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\AppData\Local\Freetec
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-09-28 14:09 - 2013-08-17 11:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-26 18:31 - 2012-12-31 02:10 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-26 08:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-25 19:24 - 2012-07-26 12:27 - 00752930 _____ C:\Windows\system32\perfh007.dat
2013-09-25 19:24 - 2012-07-26 12:27 - 00156156 _____ C:\Windows\system32\perfc007.dat
2013-09-25 19:24 - 2012-07-26 09:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-25 00:07 - 2013-09-24 23:53 - 64079267 _____ C:\Users\David\Downloads\Misa.zip
2013-09-24 19:19 - 2013-09-24 19:11 - 00000000 ____D C:\Users\David\AppData\Roaming\RavensburgerTipToi
2013-09-24 19:14 - 2013-09-24 19:10 - 00001043 _____ C:\Users\David\Desktop\tiptoi.lnk
2013-09-24 19:14 - 2013-09-24 19:10 - 00000000 ____D C:\ProgramData\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2013-09-24 19:10 - 2012-07-26 09:21 - 00043732 _____ C:\Windows\setupact.log
2013-09-23 00:14 - 2013-09-22 23:59 - 114903903 _____ C:\Users\David\Downloads\Sphax PureBDcraft 512x MC16.zip
2013-09-23 00:07 - 2013-09-22 23:58 - 64079267 _____ C:\Users\David\Downloads\Misa HD Texturepack.zip
2013-09-23 00:02 - 2013-09-23 00:00 - 09090781 _____ C:\Users\David\Downloads\John Smith Texturepack.zip
2013-09-22 15:37 - 2013-09-22 15:34 - 32858970 _____ C:\Users\David\Downloads\HerrSommer Texturepack.zip
2013-09-22 15:34 - 2013-09-22 15:31 - 35803644 _____ C:\Users\David\Downloads\HerrSommer Medieval Texturepack.zip
2013-09-22 15:12 - 2013-09-22 15:09 - 32738533 _____ C:\Users\David\Downloads\HerrSommer Dye Texturepack(1).zip
2013-09-22 15:02 - 2013-09-22 15:02 - 00000000 ____D C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213
2013-09-22 14:40 - 2013-09-22 14:40 - 02161521 _____ C:\Users\David\Downloads\mcpatcher-4.2.2.exe
2013-09-22 13:50 - 2013-09-22 13:50 - 00399355 _____ C:\Users\David\Downloads\Minimap Mod 1.6.4.zip
2013-09-22 13:49 - 2013-09-22 13:49 - 00421387 _____ C:\Users\David\Downloads\OptiFine 1.6.4 Preview.jar
2013-09-22 13:45 - 2013-09-22 13:45 - 02124435 _____ C:\Users\David\Downloads\Forge 1.6.4.jar
2013-09-22 12:37 - 2013-09-22 12:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-22 12:37 - 2012-10-16 12:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-22 12:36 - 2013-09-22 12:36 - 00002104 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-21 10:57 - 2013-09-21 10:43 - 89940403 _____ C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213.zip
2013-09-21 10:44 - 2013-09-21 10:44 - 00000769 _____ C:\Users\David\Desktop\Minecraft.exe - Verknüpfung.lnk
2013-09-21 10:42 - 2013-09-21 10:42 - 02318238 _____ C:\Users\David\Downloads\[1.6.2]MiniDoku TSC High.zip
2013-09-21 10:29 - 2013-09-21 10:28 - 00421387 _____ C:\Users\David\Downloads\OptiFine_1.6.4_HD_U_C4.jar
2013-09-21 10:28 - 2013-09-21 10:28 - 00255632 _____ C:\Users\David\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip
2013-09-20 23:28 - 2013-09-20 23:28 - 00675988 _____ C:\Users\David\Downloads\Minecraft.exe
2013-09-20 07:16 - 2012-11-13 02:02 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2013-09-19 01:26 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-19 01:26 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-15 22:02 - 2013-09-15 21:59 - 00000742 _____ C:\Users\Public\Desktop\Outlast.lnk
2013-09-15 22:02 - 2013-05-12 11:43 - 00000000 ____D C:\ProgramData\Steam
2013-09-15 22:02 - 2012-12-09 02:18 - 00000000 ____D C:\Users\David\Documents\My Games
2013-09-15 18:00 - 2012-11-18 18:43 - 00000000 ____D C:\Users\David\Desktop\Hockeyprogramme
2013-09-15 17:59 - 2013-09-15 17:58 - 02256048 _____ C:\Users\David\Downloads\PW(1).zip
2013-09-15 17:48 - 2013-09-15 17:48 - 00000714 _____ C:\Users\Public\Desktop\FIFA Manager 13.lnk
2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\David\Documents\FIFA MANAGER 13
2013-09-15 17:46 - 2012-11-16 18:41 - 00000000 ____D C:\Users\David\Documents\FUSSBALL MANAGER 13
2013-09-15 17:40 - 2012-11-11 03:03 - 00182162 _____ C:\Windows\DirectX.log
2013-09-15 17:29 - 2013-09-15 17:29 - 00000000 ____D C:\ProgramData\PDF Architect
2013-09-15 17:26 - 2012-10-16 08:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-15 17:04 - 2013-09-15 17:03 - 02256056 _____ C:\Users\David\Downloads\PW.zip
2013-09-12 23:06 - 2013-09-12 23:06 - 00309248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 10:58 - 2013-09-22 12:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-12 10:58 - 2013-09-22 12:34 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 00022814 _____ C:\Windows\system32\nvinfo.pb
2013-09-12 10:58 - 2012-07-25 22:22 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-09-12 09:25 - 2012-10-16 12:46 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-09-12 09:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-12 08:28 - 2012-11-21 19:08 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-09-12 08:10 - 2012-11-20 22:09 - 00000000 ____D C:\Users\David\AppData\Roaming\TS3Client
2013-09-12 08:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-12 08:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-12 08:03 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-12 00:06 - 2012-10-16 12:46 - 03361114 _____ C:\Windows\system32\nvcoproc.bin
2013-09-11 19:47 - 2013-08-14 08:05 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 19:46 - 2012-12-12 07:50 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 20:58 - 2013-09-10 11:10 - 00000000 ____D C:\Users\David\Desktop\ESW
2013-09-03 21:08 - 2012-11-12 20:52 - 00000000 ____D C:\Users\David\Documents\Euro Truck Simulator 2

Some content of TEMP:
====================
C:\Users\David\AppData\Local\Temp\$avantbrowser$.update.exe
C:\Users\David\AppData\Local\Temp\apptorun.exe
C:\Users\David\AppData\Local\Temp\COMAP.EXE
C:\Users\David\AppData\Local\Temp\DivXSetup.exe
C:\Users\David\AppData\Local\Temp\DTLite4471-0333.exe
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\David\AppData\Local\Temp\Gw2.exe
C:\Users\David\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\LEGOLOTR.exe
C:\Users\David\AppData\Local\Temp\MSETUP4.EXE
C:\Users\David\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\David\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\David\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\David\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\David\AppData\Local\Temp\nvStInit.dll
C:\Users\David\AppData\Local\Temp\nvStInit64.dll
C:\Users\David\AppData\Local\Temp\nvStInst.exe
C:\Users\David\AppData\Local\Temp\oi_{1847C19F-3FB8-483C-A7AD-CA92D7E9E5BB}.exe
C:\Users\David\AppData\Local\Temp\PanelPlusNotify.exe
C:\Users\David\AppData\Local\Temp\Quarantine.exe
C:\Users\David\AppData\Local\Temp\Uninstaller-2636.exe
C:\Users\David\AppData\Local\Temp\Uninstaller-5564.exe
C:\Users\David\AppData\Local\Temp\Uninstaller-7012.exe
C:\Users\David\AppData\Local\Temp\xmlUpdater.exe
C:\Users\David\AppData\Local\Temp\_inst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-29 11:30

==================== End Of Log ============================
         
--- --- ---

30.09.2013, 18:29   #8
aharonov
/// TB instructor

What specific problems are still present now?
__________________
cheers,
Leo

30.09.2013, 18:42   #9
DavidH.

So I have now additionally deleted the Firefox add-on in question, and the problems are gone for now. As I said, I did the same thing yesterday and today it was back. I'll see whether I have these problems again tomorrow and will report back then.

01.10.2013, 15:02   #10
aharonov
/// TB instructor

All right.
__________________
cheers,
Leo

13.10.2013, 12:40   #11
aharonov
/// TB instructor

No feedback received
This thread has been removed from my subscriptions, so I will no longer be notified of new replies.
Send me a PM if you want to continue the thread after all. Then we'll carry on here.

Note: The disappearance of the symptoms does not mean that your computer is clean yet.

Everyone else, please read these instructions and create your own thread.
__________________
cheers,
Leo
