Log analysis and evaluation: "Monstermarketplace" - Trojan
Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
30.09.2013, 08:37 | #1 |
"Monstermarketplace" - Trojan
As the subject already says, I have caught the Monstermarketplace Trojan. Words in the browser are constantly shown to me as links, and when you move onto one, a small window opens asking whether you are looking for this, and so on. I followed the instructions, and here are my log files so far. First, the Addition.txt. Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013 02 Ran by David at 2013-09-30 09:15:01 Running from C:\Users\David\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: ESET Smart Security 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Smart Security 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Personal Firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA} ==================== Installed Programs ====================== µTorrent (x32 Version: 3.2.1.28086) Adobe Bridge 1.0 (x32 Version: 001.000.001) Adobe Common File Installer (x32 Version: 1.00.001) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168) Adobe Help Center 1.0 (x32 Version: 1.0.1) Adobe Photoshop CS2 (x32 Version: 9.0) Adobe Stock Photos 1.0 (x32 Version: 1.0.1) Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17) ANNO 2070 - Complete Edition (x32 Version: 2.00.7780) Any Video Converter 3.5.8 (x32) Apple Application Support (x32 Version: 2.3) Apple Software Update (x32 Version: 2.1.3.127) Ashampoo Burning Studio 6 FREE v.6.81 (x32 Version: 6.8.1) Ashampoo Burning Studio 6 FREE v.6.84 (x32 Version: 6.8.4) Battlefield 3 (x32 Version: v1.0) Biet-O-Matic v2.14.12 (x32 Version: 2.14.12) BioShock Infinite (x32) Browser Guard (x32) Call of Duty: Black Ops (x32) Canon Easy-PhotoPrint EX (x32) Canon Easy-WebPrint EX (x32) Canon MG5200 series MP Drivers Canon MP Navigator EX 4.0 (x32) Canon My Printer (x32) Canon Solution Menu EX (x32) CCleaner (Version: 4.00) Coby Media Manager (x32 Version: 1.0.6316) CyberLink PowerDVD 10 (x32 Version: 10.0.4427.02) DAEMON Tools Lite (x32 Version: 4.47.1.0333) Diablo III (x32 Version: 1.0.8.16603) DivX-Setup (x32 
Version: 2.6.1.22) DmC: Devil May Cry (x32 Version: 1.0) ESET Smart Security (Version: 5.2.9.12) Farming Simulator 2013 (x32) FIFA Manager 13 (x32 Version: 1.0.4.0) FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2) Game of Thrones - Blood_Bound Version 1.0.0.0 (x32 Version: 1.0.0.0) Game of Thrones Version 1.4.2.0 (x32 Version: 1.4.2.0) GeForce Experience NvStream Client Components (Version: 0.1.87) GfK Internet-Monitor (x32 Version: 12.6.186) GIMP 2.6.11 (x32 Version: 2.6.11) Grand Theft Auto IV (x32 Version: 1.0.0013.131) Guild Wars 2 (x32) Intel(R) Management Engine Components (x32 Version: 8.1.0.1281) Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030) Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149) Intel® Trusted Connect Service Client (Version: 1.24.738.1) Java 7 Update 25 (x32 Version: 7.0.250) Java 7 Update 9 (64-bit) (Version: 7.0.90) Java Auto Updater (x32 Version: 2.1.9.5) Java SE Development Kit 7 Update 9 (64-bit) (Version: 1.7.0.90) KeePass Password Safe 1.24 (x32 Version: 1.24) LEGO® Der Herr der Ringe™ (x32 Version: 1.0.0.0) Logitech Gaming Software (Version: 8.40.83) Logitech Gaming Software 8.40 (Version: 8.40.83) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (x32 Version: 3.5.0.0) Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0) Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0) Microsoft Office (x32 Version: 14.0.6120.5004) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft VC9 runtime libraries (x32 Version: 2.0.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610) Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0) Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1) Mozilla Maintenance Service (x32 Version: 23.0.1) Neverwinter (x32) Notepad++ (x32 Version: 6.2.3) NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01) NVIDIA 3D Vision Treiber 327.23 (Version: 327.23) NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1) NVIDIA Grafiktreiber 327.23 (Version: 327.23) NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4) NVIDIA Install Application (Version: 2.1002.133.902) NVIDIA PhysX (x32 Version: 9.13.0725) NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723) NVIDIA Systemsteuerung 327.23 (Version: 327.23) NVIDIA Update 8.3.14 (Version: 8.3.14) NVIDIA Update Components (Version: 8.3.14) NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5) OpenAL (x32) OpenOffice.org 3.4.1 (x32 Version: 3.41.9593) Outlast (x32 Version: 1) Panel+ (x32 Version: 5.3.5) PDFCreator (x32 Version: 1.6.2) 
Peggle Deluxe (x32) PlanetSide 2 (HKCU Version: 1.0.3.183) PlanetSide 2 (x32) QuickTime (x32 Version: 7.74.80.86) Ravensburger tiptoi (x32) RCT3 Soaked (x32 Version: 1.00.000) Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662) ROCCAT Kone XTD Mouse Driver (x32) RollerCoaster Tycoon 3 (x32 Version: 1.00.000) Saints Row IV (x32 Version: 1.0.5.0) SHIELD Streaming (Version: 1.05.28) Steam (x32 Version: 1.0.0.0) TeamSpeak 3 Client (Version: 3.0.6) Tomb Raider (x32) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0) Winamp (x32 Version: 5.64 ) Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1) Windows Utils (x32) WinRAR 4.20 (64-Bit) (Version: 4.20.0) XAMPP 1.8.1 (x32) ==================== Restore Points ========================= 15-09-2013 15:23:34 Entfernt Grand Theft Auto IV 23-09-2013 06:56:11 Geplanter Prüfpunkt 28-09-2013 12:12:55 Free YouTube Download Manager 30-09-2013 06:41:59 Free YouTube Download Manager ==================== Hosts content: ========================== 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {17CD5477-30AB-400E-BDE3-31EC573F96ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd) Task: {38621F5A-BA98-451C-B665-BB48BF911D92} - \Software Updater No Task File Task: {407B5460-3BF9-4D3E-9EE0-4B79DCCB2A18} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation) Task: {45FF9BF5-CE8C-4665-A638-2830D7C893ED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {C0C56FF8-EE49-4AC9-835C-60E08C59028F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation) ==================== Loaded Modules (whitelisted) ============= 2013-06-01 11:04 - 2013-06-01 11:05 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll 2013-09-01 00:06 - 2013-09-01 00:06 - 01179136 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\9fbc5975a21c5638ba05f81b9febfaee\Windows.UI.ni.dll 2013-01-24 01:05 - 2012-11-08 13:19 - 00474360 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll 2013-07-23 18:01 - 2013-07-15 09:09 - 02180584 _____ () C:\Program Files (x86)\gfklspservice\pcproxydll.dll 2013-02-21 16:18 - 2013-02-21 16:18 - 00032768 _____ () C:\Users\David\AppData\Local\Panel+\service\TrotiNet.dll 2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2011-07-29 01:09 - 2011-07-29 01:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2012-12-21 17:27 - 2012-06-17 12:20 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll 2013-08-17 11:13 - 2013-08-17 11:13 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-08-15 08:39 - 2013-08-15 08:39 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\26def6ab53d268e53635f2a61a1b2ed3\PSIClient.ni.dll 2012-10-16 10:42 - 2012-07-18 11:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: 
(09/30/2013 08:42:16 AM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden. Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 000000000000015C,0x00530194,0000000000000000,0,00000090E0540080,4096,[0]). Vorgang: Schattenkopien abfragen Error: (09/29/2013 11:24:37 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (09/29/2013 11:24:36 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (09/29/2013 11:24:32 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (09/29/2013 11:24:24 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (09/29/2013 01:47:19 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (09/24/2013 08:53:12 AM) (Source: Application Hang) (User: ) Description: Programm firefox.exe, Version 23.0.1.4974 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1d2c Startzeit: 01ceb8ef1f0e7243 Endzeit: 25 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Berichts-ID: f8adf979-24e5-11e3-bf04-902b349f0328 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/24/2013 08:15:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: PAPAMASCHIENE) Description: Das Paket „microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe“ wurde beendet, da das Anhalten zu lange dauerte. Error: (09/22/2013 02:10:57 PM) (Source: NVIDIA OpenGL Driver) (User: ) Description: The NVIDIA OpenGL driver detected a problem with the display driver and is unable to continue. The application must close. Error code: 3 Visit hxxp://www.nvidia.com/page/support.html for more information. Error: (09/22/2013 00:31:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: PAPAMASCHIENE) Description: Bei der Aktivierung der App „Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. System errors: ============= Error: (09/28/2013 02:12:53 PM) (Source: Service Control Manager) (User: ) Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/28/2013 02:12:36 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "SProtection" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. 
Error: (09/25/2013 07:05:22 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/25/2013 07:05:22 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (09/25/2013 10:01:20 AM) (Source: Ntfs) (User: NT-AUTORITÄT) Description: In der Dateisystemstruktur auf Volume "Windows" wurde eine Beschädigung erkannt. Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>". Error: (09/25/2013 10:01:13 AM) (Source: Ntfs) (User: NT-AUTORITÄT) Description: In der Dateisystemstruktur auf Volume "Windows" wurde eine Beschädigung erkannt. Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>". Error: (09/24/2013 08:18:59 AM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 24.09.2013 um 08:14:10 unerwartet heruntergefahren. Error: (09/23/2013 08:57:51 AM) (Source: Ntfs) (User: NT-AUTORITÄT) Description: In der Dateisystemstruktur auf Volume "Windows" wurde eine Beschädigung erkannt. Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>". Error: (09/23/2013 08:56:08 AM) (Source: Ntfs) (User: NT-AUTORITÄT) Description: In der Dateisystemstruktur auf Volume "Windows" wurde eine Beschädigung erkannt. Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>". 
Error: (09/22/2013 00:29:33 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 22.09.2013 um 12:27:44 unerwartet heruntergefahren. Microsoft Office Sessions: ========================= Error: (09/30/2013 08:42:16 AM) (Source: VSS)(User: ) Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 000000000000015C,0x00530194,0000000000000000,0,00000090E0540080,4096,[0]) Vorgang: Schattenkopien abfragen Error: (09/29/2013 11:24:37 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe Error: (09/29/2013 11:24:36 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe Error: (09/29/2013 11:24:32 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe Error: (09/29/2013 11:24:24 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe Error: (09/29/2013 
01:47:19 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe Error: (09/24/2013 08:53:12 AM) (Source: Application Hang)(User: ) Description: firefox.exe23.0.1.49741d2c01ceb8ef1f0e724325C:\Program Files (x86)\Mozilla Firefox\firefox.exef8adf979-24e5-11e3-bf04-902b349f0328 Error: (09/24/2013 08:15:35 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: PAPAMASCHIENE) Description: microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe Error: (09/22/2013 02:10:57 PM) (Source: NVIDIA OpenGL Driver)(User: ) Description: The NVIDIA OpenGL driver detected a problem with the display driver and is unable to continue. The application must close. Error code: 3 Visit hxxp://www.nvidia.com/page/support.html for more information. 
Error: (09/22/2013 00:31:10 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: PAPAMASCHIENE) Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2144927142 ==================== Memory info =========================== Percentage of memory in use: 29% Total physical RAM: 8134.25 MB Available physical RAM: 5739.94 MB Total Pagefile: 9350.25 MB Available Pagefile: 6809.17 MB Total Virtual: 8192 MB Available Virtual: 8191.71 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:916.35 GB) (Free:823.31 GB) NTFS Drive f: (Volume) (Fixed) (Total:931.51 GB) (Free:350.29 GB) NTFS Drive g: (Outlast) (CDROM) (Total:3.49 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: 241ACCFA) Partition: GPT Partition Type ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 01C974AF) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02 Ran by David (administrator) on PAPAMASCHIENE on 30-09-2013 09:11:12 Running from C:\Users\David\Downloads Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe (GfK) C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (PixArt Imaging Incorporation) C:\Windows\Philips\SPC500NC\Monitor.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Ipsos) C:\Users\David\AppData\Local\Panel+\service\PanelPlusService.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe () C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe\KeePass.exe (Microsoft Corporation) C:\Windows\system32\wwahost.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4081008 2012-03-07] (ESET) HKLM\...\Run: [SPC500NC_Monitor] - C:\Windows\Philips\SPC500NC\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.) HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [Panel+] - C:\Users\David\AppData\Local\Panel+\service\PanelPlusService.exe [140880 2013-02-21] (Ipsos) MountPoints2: {56c54f68-2ba2-11e2-be87-902b349f0328} - "J:\Launcher.exe" MountPoints2: {6e2b7242-9e9e-11e2-bec9-902b349f0328} - "G:\setup.exe" HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.) 
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation) HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.) HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] () HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] () HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.) HKLM-x32\...\Run: [RoccatKoneXTD] - C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [558944 2012-11-30] (ROCCAT GmbH) HKLM-x32\...\Run: [GfK-WatchDog] - C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe [58856 2013-07-15] () HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL [253816 2013-03-12] () AppInit_DLLs-x32: c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [ ] () Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) 
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

ProxyServer: http=localhost:44413
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {BD14BC9F-07F6-4B4A-9122-12E2614404F7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
SearchScopes: HKLM-x32 - URL hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380370149531&tguid=66920-6787-1380370149531-EC80CA3432379DCB50B011F94CEC16DF&q={searchTerms}
SearchScopes: HKLM-x32 - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=66920&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380370149531&tguid=66920-6787-1380370149531-EC80CA3432379DCB50B011F94CEC16DF&q={searchTerms}
SearchScopes: HKLM-x32 - {BD14BC9F-07F6-4B4A-9122-12E2614404F7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files (x86)\Browser Guard\browserguard.dll (Browser Guard)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Winsock: Catalog9 01 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 15 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 02 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 03 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 04 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 15 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default
FF NewTab: about:home
FF Homepage: about:home
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin HKCU: @IpsosPanelPlus@ipsosinteractive.com - C:\Users\David\AppData\Local\Panel+\toolbar_ff\plugins\npIpsosCommPlugin.dll (IDM)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\aol-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
FF Extension: pricealarm - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\ich@maltegoetz.de
FF Extension: admin - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\admin@proxy-listen.de.xpi
FF Extension: DivXWebPlayer - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\DivXWebPlayer@divx.com.xpi
FF Extension: nasanightlaunch - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\nasanightlaunch@example.com.xpi
FF Extension: Noia4Options - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\Noia4Options@ArisT2.xpi
FF Extension: YoutubeDownloader - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor
FF HKLM-x32\...\Firefox\Extensions: [{20d1f7b3-7721-4da0-b6f3-78bb4d7248f4}] - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF Extension: No Name - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [IpsosPanelPlus@ipsosinteractive.com] - C:\Users\David\AppData\Local\Panel+\toolbar_ff\
FF Extension: Panel+ - C:\Users\David\AppData\Local\Panel+\toolbar_ff\

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-13] (Adobe Systems)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3019752 2013-07-15] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1376232 2013-07-15] ()
R2 GfKLSPService; C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe [3300328 2013-07-15] (GfK)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-04-06] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2012-03-14] (ESET)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-11] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-11] (Windows (R) Server 2003 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R3 SPC500NC; C:\Windows\system32\DRIVERS\SPC500NC.SYS [481280 2007-06-21] (PixArt Imaging Inc.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-30 09:10 - 2013-09-30 09:10 - 01953880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 00000000 ____D C:\FRST
2013-09-30 09:09 - 2013-09-30 09:09 - 00000472 _____ C:\Users\David\Downloads\defogger_disable.log
2013-09-30 09:09 - 2013-09-30 09:09 - 00000168 _____ C:\Users\David\defogger_reenable
2013-09-30 09:08 - 2013-09-30 09:08 - 00050477 _____ C:\Users\David\Downloads\Defogger.exe
2013-09-29 14:18 - 2013-09-29 14:18 - 00000643 _____ C:\Users\David\Downloads\BTF-Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD.torrent
2013-09-29 14:15 - 2013-09-29 14:15 - 00003939 _____ C:\Users\David\Downloads\BTF-Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Incl.Patch-MeGaHeRTZ.torrent
2013-09-29 13:57 - 2013-09-29 13:57 - 00001080 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-29 13:57 - 2013-09-29 13:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-29 13:57 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-29 13:55 - 2013-09-29 13:55 - 00001364 _____ C:\Users\David\Desktop\trojaner.txt
2013-09-29 01:48 - 2013-09-29 01:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 01:46 - 2013-09-29 01:46 - 00006177 _____ C:\Users\David\Desktop\JRT.txt
2013-09-29 01:45 - 2013-09-29 01:45 - 02347384 _____ (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe
2013-09-29 01:43 - 2013-09-29 01:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 01:37 - 2013-09-30 08:56 - 00000000 ____D C:\AdwCleaner
2013-09-29 01:37 - 2013-09-29 01:37 - 01030305 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2013-09-29 01:36 - 2013-09-29 01:36 - 01042066 _____ C:\Users\David\Downloads\adwcleaner.exe
2013-09-29 01:27 - 2013-09-29 01:27 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David\Downloads\SpyHunter-Installer.exe
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\Documents\Free YouTube Download Manager
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\AppData\Local\Freetec
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-09-28 14:12 - 2013-09-28 16:07 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-28 14:09 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-09-28 14:05 - 2013-09-28 14:05 - 00735880 _____ C:\Users\David\Downloads\youtube-dlm_1.0_de-DE.exe
2013-09-24 23:53 - 2013-09-25 00:07 - 64079267 _____ C:\Users\David\Downloads\Misa.zip
2013-09-24 19:11 - 2013-09-24 19:19 - 00000000 ____D C:\Users\David\AppData\Roaming\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:14 - 00001043 _____ C:\Users\David\Desktop\tiptoi.lnk
2013-09-24 19:10 - 2013-09-24 19:14 - 00000000 ____D C:\ProgramData\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2013-09-23 00:00 - 2013-09-23 00:02 - 09090781 _____ C:\Users\David\Downloads\John Smith Texturepack.zip
2013-09-22 23:59 - 2013-09-23 00:14 - 114903903 _____ C:\Users\David\Downloads\Sphax PureBDcraft 512x MC16.zip
2013-09-22 23:58 - 2013-09-23 00:07 - 64079267 _____ C:\Users\David\Downloads\Misa HD Texturepack.zip
2013-09-22 22:11 - 2013-09-28 17:39 - 00163328 ___SH C:\Users\David\Desktop\Thumbs.db
2013-09-22 15:34 - 2013-09-22 15:37 - 32858970 _____ C:\Users\David\Downloads\HerrSommer Texturepack.zip
2013-09-22 15:31 - 2013-09-22 15:34 - 35803644 _____ C:\Users\David\Downloads\HerrSommer Medieval Texturepack.zip
2013-09-22 15:16 - 2013-09-30 00:23 - 00000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2013-09-22 15:09 - 2013-09-22 15:12 - 32738533 _____ C:\Users\David\Downloads\HerrSommer Dye Texturepack(1).zip
2013-09-22 15:02 - 2013-09-22 15:02 - 00000000 ____D C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213
2013-09-22 14:40 - 2013-09-22 14:40 - 02161521 _____ C:\Users\David\Downloads\mcpatcher-4.2.2.exe
2013-09-22 13:50 - 2013-09-22 13:50 - 00399355 _____ C:\Users\David\Downloads\Minimap Mod 1.6.4.zip
2013-09-22 13:49 - 2013-09-22 13:49 - 00421387 _____ C:\Users\David\Downloads\OptiFine 1.6.4 Preview.jar
2013-09-22 13:45 - 2013-09-22 13:45 - 02124435 _____ C:\Users\David\Downloads\Forge 1.6.4.jar
2013-09-22 12:37 - 2013-09-22 12:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-22 12:36 - 2013-09-22 12:36 - 00002104 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-22 12:34 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-22 12:34 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-22 12:34 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-22 12:34 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-21 10:44 - 2013-09-21 10:44 - 00000769 _____ C:\Users\David\Desktop\Minecraft.exe - Verknüpfung.lnk
2013-09-21 10:43 - 2013-09-21 10:57 - 89940403 _____ C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213.zip
2013-09-21 10:42 - 2013-09-21 10:42 - 02318238 _____ C:\Users\David\Downloads\[1.6.2]MiniDoku TSC High.zip
2013-09-21 10:28 - 2013-09-21 10:29 - 00421387 _____ C:\Users\David\Downloads\OptiFine_1.6.4_HD_U_C4.jar
2013-09-21 10:28 - 2013-09-21 10:28 - 00255632 _____ C:\Users\David\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip
2013-09-20 23:28 - 2013-09-20 23:28 - 00675988 _____ C:\Users\David\Downloads\Minecraft.exe
2013-09-15 21:59 - 2013-09-15 22:02 - 00000742 _____ C:\Users\Public\Desktop\Outlast.lnk
2013-09-15 17:58 - 2013-09-15 17:59 - 02256048 _____ C:\Users\David\Downloads\PW(1).zip
2013-09-15 17:48 - 2013-09-15 17:48 - 00000714 _____ C:\Users\Public\Desktop\FIFA Manager 13.lnk
2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\David\Documents\FIFA MANAGER 13
2013-09-15 17:29 - 2013-09-15 17:29 - 00000000 ____D C:\ProgramData\PDF Architect
2013-09-15 17:03 - 2013-09-15 17:04 - 02256056 _____ C:\Users\David\Downloads\PW.zip
2013-09-12 23:06 - 2013-09-12 23:06 - 00309248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 20:36 - 2013-09-12 20:36 - 00023773 _____ C:\Users\David\Downloads\BTF-VA.-.German.Top.100.Single.Charts.16.09.2013.MP3.VBR.torrent
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-11 18:43 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-11 18:43 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-11 18:43 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-11 18:43 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-11 18:43 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-11 18:43 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-11 18:43 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-11 18:43 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-11 18:43 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-11 18:43 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-11 18:43 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-11 18:42 - 2013-08-21 06:12 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 18:42 - 2013-08-21 06:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 18:42 - 2013-08-21 06:11 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 18:42 - 2013-08-21 04:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 18:42 - 2013-08-21 04:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 18:42 - 2013-08-21 04:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 18:42 - 2013-08-21 04:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 18:42 - 2013-08-21 03:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 18:42 - 2013-08-21 01:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-09-11 18:41 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-09-11 18:41 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 18:41 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-11 18:41 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-11 18:41 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-11 18:41 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-11 18:41 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-11 18:41 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-11 18:41 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-11 18:41 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 18:41 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-11 18:41 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-11 18:41 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 18:41 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 18:41 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-11 18:41 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-11 18:41 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-11 18:41 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-11 18:41 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-11 18:41 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-11 18:41 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-11 18:41 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-11 18:41 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-11 18:41 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-11 18:41 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-11 18:41 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-11 18:41 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-11 18:41 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-11 18:41 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-11 18:41 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 18:41 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-11 18:41 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-11 18:41 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-11 18:41 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-11 18:41 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-11 18:41 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-11 18:41 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-11 18:41 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-11 18:41 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 18:41 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 18:41 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-10 11:10 - 2013-09-10 20:58 - 00000000 ____D C:\Users\David\Desktop\ESW
2013-09-05 19:21 - 2013-09-05 19:21 - 00000000 ____D C:\Users\David\Downloads\ACE Wood V1.62
2013-09-05 19:18 - 2013-09-05 19:20 - 04407283 _____ C:\Users\David\Downloads\ACE Wood V1.62.zip
2013-09-05 19:01 - 2013-09-05 19:01 - 00000000 ____D C:\Users\David\Downloads\ACE Wood V1.61
2013-09-05 19:00 - 2013-09-05 19:01 - 04407177 _____ C:\Users\David\Downloads\ACE Wood V1.61.zip
2013-09-05 18:33 - 2013-09-05 18:33 - 00000000 ____D C:\Users\David\Downloads\AKAIO.1.9.0
2013-09-05 18:31 - 2013-09-05 18:32 - 05303571 _____ C:\Users\David\Downloads\AKAIO.1.9.0.zip
2013-09-03 00:10 - 2013-09-03 00:10 - 00066494 _____ C:\Users\David\Downloads\X-RayMod_v042.zip

==================== One Month Modified Files and Folders =======

2013-09-30 09:10 - 2013-09-30 09:10 - 01953880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 00000000 ____D C:\FRST
2013-09-30 09:09 - 2013-09-30 09:09 - 00000472 _____ C:\Users\David\Downloads\defogger_disable.log
2013-09-30 09:09 - 2013-09-30 09:09 - 00000168 _____ C:\Users\David\defogger_reenable
2013-09-30 09:09 - 2012-11-10 22:21 - 00000000 ____D C:\Users\David
2013-09-30 09:08 - 2013-09-30 09:08 - 00050477 _____ C:\Users\David\Downloads\Defogger.exe
2013-09-30 09:03 - 2012-11-10 22:31 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4176403951-1178010183-3754737978-1002
2013-09-30 09:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-30 08:58 - 2013-01-24 01:05 - 00000000 ____D C:\Program Files (x86)\GfKLSPService
2013-09-30 08:58 - 2013-01-24 01:05 - 00000000 ____D C:\Program Files (x86)\GfK Internet-Monitor
2013-09-30 08:57 - 2012-10-16 12:46 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-30 08:57 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-30 08:57 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-09-30 08:56 - 2013-09-29 01:37 - 00000000 ____D C:\AdwCleaner
2013-09-30 08:52 - 2012-11-10 22:21 - 01709076 _____ C:\Windows\WindowsUpdate.log
2013-09-30 08:42 - 2013-08-22 22:05 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-30 07:19 - 2012-11-11 14:15 - 00000000 ____D C:\Users\David\Documents\DLS HANKO
2013-09-30 00:23 - 2013-09-22 15:16 - 00000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2013-09-29 14:27 - 2012-11-12 19:09 - 00000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2013-09-29 14:27 - 2012-10-16 08:30 - 00820374 _____ C:\Windows\PFRO.log
2013-09-29 14:18 - 2013-09-29 14:18 - 00000643 _____ C:\Users\David\Downloads\BTF-Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Keygen.Only-BRD.torrent
2013-09-29 14:15 - 2013-09-29 14:15 - 00003939 _____ C:\Users\David\Downloads\BTF-Malwarebytes.Anti-Malware.Pro.v1.75.0.1300.Incl.Patch-MeGaHeRTZ.torrent
2013-09-29 13:57 - 2013-09-29 13:57 - 00001080 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-29 13:57 - 2013-09-29 13:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-29 13:55 - 2013-09-29 13:55 - 00001364 _____ C:\Users\David\Desktop\trojaner.txt
2013-09-29 01:49 - 2013-09-29 01:48
- 10285040 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-29 01:46 - 2013-09-29 01:46 - 00006177 _____ C:\Users\David\Desktop\JRT.txt 2013-09-29 01:45 - 2013-09-29 01:45 - 02347384 _____ (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe 2013-09-29 01:43 - 2013-09-29 01:43 - 00000000 ____D C:\Windows\ERUNT 2013-09-29 01:38 - 2012-11-10 22:23 - 00000000 ___RD C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-29 01:37 - 2013-09-29 01:37 - 01030305 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe 2013-09-29 01:36 - 2013-09-29 01:36 - 01042066 _____ C:\Users\David\Downloads\adwcleaner.exe 2013-09-29 01:27 - 2013-09-29 01:27 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David\Downloads\SpyHunter-Installer.exe 2013-09-28 17:39 - 2013-09-22 22:11 - 00163328 ___SH C:\Users\David\Desktop\Thumbs.db 2013-09-28 16:08 - 2012-12-21 23:33 - 00000000 ____D C:\ProgramData\ashampoo 2013-09-28 16:07 - 2013-09-28 14:12 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog 2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\Documents\Free YouTube Download Manager 2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\AppData\Local\Freetec 2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Program Files (x86)\Browser Guard 2013-09-28 14:09 - 2013-08-17 11:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-28 14:05 - 2013-09-28 14:05 - 00735880 _____ C:\Users\David\Downloads\youtube-dlm_1.0_de-DE.exe 2013-09-26 18:31 - 2012-12-31 02:10 - 00000000 ____D C:\Program Files (x86)\Steam 2013-09-26 08:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-09-25 19:24 - 2012-07-26 12:27 - 00752930 _____ C:\Windows\system32\perfh007.dat 2013-09-25 19:24 - 2012-07-26 12:27 - 00156156 _____ C:\Windows\system32\perfc007.dat 2013-09-25 19:24 - 2012-07-26 09:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-25 
00:07 - 2013-09-24 23:53 - 64079267 _____ C:\Users\David\Downloads\Misa.zip 2013-09-24 19:19 - 2013-09-24 19:11 - 00000000 ____D C:\Users\David\AppData\Roaming\RavensburgerTipToi 2013-09-24 19:14 - 2013-09-24 19:10 - 00001043 _____ C:\Users\David\Desktop\tiptoi.lnk 2013-09-24 19:14 - 2013-09-24 19:10 - 00000000 ____D C:\ProgramData\RavensburgerTipToi 2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager 2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi 2013-09-24 19:10 - 2012-07-26 09:21 - 00043732 _____ C:\Windows\setupact.log 2013-09-23 00:14 - 2013-09-22 23:59 - 114903903 _____ C:\Users\David\Downloads\Sphax PureBDcraft 512x MC16.zip 2013-09-23 00:07 - 2013-09-22 23:58 - 64079267 _____ C:\Users\David\Downloads\Misa HD Texturepack.zip 2013-09-23 00:02 - 2013-09-23 00:00 - 09090781 _____ C:\Users\David\Downloads\John Smith Texturepack.zip 2013-09-22 15:37 - 2013-09-22 15:34 - 32858970 _____ C:\Users\David\Downloads\HerrSommer Texturepack.zip 2013-09-22 15:34 - 2013-09-22 15:31 - 35803644 _____ C:\Users\David\Downloads\HerrSommer Medieval Texturepack.zip 2013-09-22 15:12 - 2013-09-22 15:09 - 32738533 _____ C:\Users\David\Downloads\HerrSommer Dye Texturepack(1).zip 2013-09-22 15:02 - 2013-09-22 15:02 - 00000000 ____D C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213 2013-09-22 14:40 - 2013-09-22 14:40 - 02161521 _____ C:\Users\David\Downloads\mcpatcher-4.2.2.exe 2013-09-22 13:50 - 2013-09-22 13:50 - 00399355 _____ C:\Users\David\Downloads\Minimap Mod 1.6.4.zip 2013-09-22 13:49 - 2013-09-22 13:49 - 00421387 _____ C:\Users\David\Downloads\OptiFine 1.6.4 Preview.jar 2013-09-22 13:45 - 2013-09-22 13:45 - 02124435 _____ C:\Users\David\Downloads\Forge 1.6.4.jar 2013-09-22 12:37 - 2013-09-22 12:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-09-22 12:37 - 2012-10-16 12:46 - 00000000 ____D C:\Program 
Files (x86)\NVIDIA Corporation 2013-09-22 12:36 - 2013-09-22 12:36 - 00002104 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2013-09-21 10:57 - 2013-09-21 10:43 - 89940403 _____ C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213.zip 2013-09-21 10:44 - 2013-09-21 10:44 - 00000769 _____ C:\Users\David\Desktop\Minecraft.exe - Verknüpfung.lnk 2013-09-21 10:42 - 2013-09-21 10:42 - 02318238 _____ C:\Users\David\Downloads\[1.6.2]MiniDoku TSC High.zip 2013-09-21 10:29 - 2013-09-21 10:28 - 00421387 _____ C:\Users\David\Downloads\OptiFine_1.6.4_HD_U_C4.jar 2013-09-21 10:28 - 2013-09-21 10:28 - 00255632 _____ C:\Users\David\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip 2013-09-20 23:28 - 2013-09-20 23:28 - 00675988 _____ C:\Users\David\Downloads\Minecraft.exe 2013-09-20 07:16 - 2012-11-13 02:02 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps 2013-09-19 01:26 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-19 01:26 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-15 22:02 - 2013-09-15 21:59 - 00000742 _____ C:\Users\Public\Desktop\Outlast.lnk 2013-09-15 22:02 - 2013-05-12 11:43 - 00000000 ____D C:\ProgramData\Steam 2013-09-15 22:02 - 2012-12-09 02:18 - 00000000 ____D C:\Users\David\Documents\My Games 2013-09-15 18:00 - 2012-11-18 18:43 - 00000000 ____D C:\Users\David\Desktop\Hockeyprogramme 2013-09-15 17:59 - 2013-09-15 17:58 - 02256048 _____ C:\Users\David\Downloads\PW(1).zip 2013-09-15 17:48 - 2013-09-15 17:48 - 00000714 _____ C:\Users\Public\Desktop\FIFA Manager 13.lnk 2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\David\Documents\FIFA MANAGER 13 2013-09-15 17:46 - 2012-11-16 18:41 - 00000000 ____D C:\Users\David\Documents\FUSSBALL MANAGER 13 2013-09-15 17:40 - 2012-11-11 03:03 - 00182162 _____ C:\Windows\DirectX.log 2013-09-15 17:29 - 2013-09-15 17:29 - 00000000 ____D C:\ProgramData\PDF 
Architect 2013-09-15 17:26 - 2012-10-16 08:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-15 17:04 - 2013-09-15 17:03 - 02256056 _____ C:\Users\David\Downloads\PW.zip 2013-09-12 23:06 - 2013-09-12 23:06 - 00309248 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-12 20:36 - 2013-09-12 20:36 - 00023773 _____ C:\Users\David\Downloads\BTF-VA.-.German.Top.100.Single.Charts.16.09.2013.MP3.VBR.torrent 2013-09-12 10:58 - 2013-09-22 12:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-09-12 10:58 - 2013-09-22 12:34 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 01884448 _____ 
(NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2013-09-12 10:58 - 2012-10-16 12:46 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-09-12 10:58 - 2012-10-16 12:46 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2013-09-12 10:58 - 2012-10-16 12:46 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2013-09-12 10:58 - 2012-10-16 12:46 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2013-09-12 10:58 - 2012-10-16 12:46 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2013-09-12 10:58 - 2012-10-16 12:46 - 00022814 _____ C:\Windows\system32\nvinfo.pb 2013-09-12 10:58 - 
2012-07-25 22:22 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2013-09-12 09:25 - 2012-10-16 12:46 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2013-09-12 09:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache 2013-09-12 08:28 - 2012-11-21 19:08 - 00000000 ____D C:\ProgramData\CanonIJPLM 2013-09-12 08:10 - 2012-11-20 22:09 - 00000000 ____D C:\Users\David\AppData\Roaming\TS3Client 2013-09-12 08:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore 2013-09-12 08:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-09-12 08:03 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe 2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-09-12 00:06 - 2012-10-16 12:46 - 03361114 _____ C:\Windows\system32\nvcoproc.bin 2013-09-11 19:47 - 2013-08-14 08:05 - 00000000 ____D C:\Windows\system32\MRT 2013-09-11 19:46 - 2012-12-12 07:50 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-10 20:58 - 2013-09-10 11:10 - 00000000 ____D C:\Users\David\Desktop\ESW 2013-09-05 19:21 - 2013-09-05 19:21 - 00000000 ____D C:\Users\David\Downloads\ACE Wood V1.62 2013-09-05 19:20 - 2013-09-05 19:18 - 04407283 _____ C:\Users\David\Downloads\ACE Wood V1.62.zip 2013-09-05 19:01 - 2013-09-05 19:01 - 00000000 ____D C:\Users\David\Downloads\ACE Wood V1.61 2013-09-05 19:01 - 2013-09-05 19:00 - 04407177 _____ 
C:\Users\David\Downloads\ACE Wood V1.61.zip 2013-09-05 18:33 - 2013-09-05 18:33 - 00000000 ____D C:\Users\David\Downloads\AKAIO.1.9.0 2013-09-05 18:32 - 2013-09-05 18:31 - 05303571 _____ C:\Users\David\Downloads\AKAIO.1.9.0.zip 2013-09-03 21:08 - 2012-11-12 20:52 - 00000000 ____D C:\Users\David\Documents\Euro Truck Simulator 2 2013-09-03 00:10 - 2013-09-03 00:10 - 00066494 _____ C:\Users\David\Downloads\X-RayMod_v042.zip Some content of TEMP: ==================== C:\Users\David\AppData\Local\Temp\$avantbrowser$.update.exe C:\Users\David\AppData\Local\Temp\apptorun.exe C:\Users\David\AppData\Local\Temp\COMAP.EXE C:\Users\David\AppData\Local\Temp\DivXSetup.exe C:\Users\David\AppData\Local\Temp\DTLite4471-0333.exe C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\David\AppData\Local\Temp\Gw2.exe C:\Users\David\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\LEGOLOTR.exe C:\Users\David\AppData\Local\Temp\MSETUP4.EXE C:\Users\David\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\David\AppData\Local\Temp\nvSCPAPI.dll C:\Users\David\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\David\AppData\Local\Temp\nvStereoApiI.dll C:\Users\David\AppData\Local\Temp\nvStInit.dll C:\Users\David\AppData\Local\Temp\nvStInit64.dll C:\Users\David\AppData\Local\Temp\nvStInst.exe C:\Users\David\AppData\Local\Temp\oi_{1847C19F-3FB8-483C-A7AD-CA92D7E9E5BB}.exe C:\Users\David\AppData\Local\Temp\PanelPlusNotify.exe C:\Users\David\AppData\Local\Temp\Quarantine.exe C:\Users\David\AppData\Local\Temp\Uninstaller-2636.exe C:\Users\David\AppData\Local\Temp\Uninstaller-5564.exe C:\Users\David\AppData\Local\Temp\Uninstaller-7012.exe C:\Users\David\AppData\Local\Temp\xmlUpdater.exe 
C:\Users\David\AppData\Local\Temp\_inst1.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-29 11:30
==================== End Of Log ============================
Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-09-30 09:26:46
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003c Hitachi_HDS721010DLE630 rev.MS2OA650 931,51GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\David\AppData\Local\Temp\kwlorpob.sys

---- User code sections - GMER 2.1 ----

.text C:\Windows\system32\dwm.exe[648] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text C:\Windows\system32\dwm.exe[648] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text C:\Windows\System32\spoolsv.exe[1400] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text C:\Windows\System32\spoolsv.exe[1400] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1484] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1484] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1484] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1484] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1484] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text C:\Windows\system32\nvvsvc.exe[1512] C:\Windows\system32\MSIMG32.dll!GradientFill + 690 000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text C:\Windows\system32\nvvsvc.exe[1512] C:\Windows\system32\MSIMG32.dll!GradientFill + 698 000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text C:\Windows\system32\nvvsvc.exe[1512] C:\Windows\system32\MSIMG32.dll!TransparentBlt + 246 000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text C:\Windows\system32\nvvsvc.exe[1512] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text C:\Windows\system32\nvvsvc.exe[1512] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text C:\Windows\system32\wbem\wmiprvse.exe[3940] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text C:\Windows\system32\wbem\wmiprvse.exe[3940] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text C:\Windows\system32\wbem\wmiprvse.exe[3940] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text C:\Windows\system32\wbem\wmiprvse.exe[3940] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text C:\Windows\system32\wbem\wmiprvse.exe[3940] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text C:\Windows\Explorer.EXE[4780] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text C:\Windows\Explorer.EXE[4780] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5056] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5056] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5056] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[5480] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[5480] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[5480] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[5188] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 690 000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[5188] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 698 000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[5188] C:\Windows\SYSTEM32\msimg32.dll!TransparentBlt + 246 000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\Logitech Gaming Software\LCore.exe[5936] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306 000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text C:\Program Files\Logitech Gaming Software\LCore.exe[5936] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314 000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe[5344] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe[5344] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe[5344] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe[5852] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe[5852] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe[5852] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe[5500] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe[5500] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe[5500] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text C:\Windows\splwow64.exe[6516] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ff4f4f1532 4 bytes [4F, 4F, FF, 07]
.text C:\Windows\splwow64.exe[6516] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ff4f4f153a 4 bytes [4F, 4F, FF, 07]
.text C:\Windows\splwow64.exe[6516] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ff4f4f165a 4 bytes [4F, 4F, FF, 07]
.text C:\Windows\splwow64.exe[6516] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text C:\Windows\splwow64.exe[6516] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff568f1782 4 bytes [8F, 56, FF, 07]
.text C:\Windows\system32\wwahost.exe[4636] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ff568f177a 4 bytes [8F, 56, FF, 07]
.text C:\Windows\system32\wwahost.exe[4636] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ff568f1782 4 bytes [8F, 56, FF, 07]

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\csrss.exe [644:680] fffff960008915e8
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7692] 000007ff5378bbd0
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7908] 000007ff5378bbd0
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7936] 000007ff5378bbd0
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7940] 000007ff5378bbd0
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7944] 000007ff5378bbd0
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7948] 000007ff5378bbd0
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7952] 000007ff5378bbd0
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7836] 000007ff5378bbd0
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7892] 000007ff537a4c70
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:7796] 000007ff537a4c70
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [8076:8012] 000007ff537a4c70

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

Thanks in advance for your efforts. |
30.09.2013, 08:46 | #2 | |
/// TB-Ausbilder | "Monstermarketplace" - Trojan Hi,
Quote:
We do not support that: http://www.trojaner-board.de/95394-c...-software.html If you want me to help you, then first uninstall and completely remove all illegal software (cracks, keygens, etc.) now. Once everything is gone, we can get started. But if I see anything like that again later on despite this warning, we are done. Let me know as soon as we can continue here.
__________________ |
30.09.2013, 16:40 | #3 |
| "Monstermarketplace" - Trojan OK, I have deleted the torrent and uninstalled the program. I had simply hoped to get rid of the thing with that version.
By the way, it had also found something: a Firefox add-on named Plus-HD-3.8. I uninstalled it and cleaned up again with Malwarebytes. I checked and it is back again. Maybe that helps you. Last edited by DavidH. (30.09.2013 at 16:46) |
30.09.2013, 16:52 | #4 |
/// TB-Ausbilder | "Monstermarketplace" - Trojan Run FRST once more.
__________________ cheers, Leo |
30.09.2013, 17:19 | #5 |
| "Monstermarketplace" - Trojan addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013 02
Ran by David at 2013-09-30 18:18:09
Running from C:\Users\David\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: ESET Smart Security 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal Firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

µTorrent (x32 Version: 3.2.1.28086)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17)
ANNO 2070 - Complete Edition (x32 Version: 2.00.7780)
Any Video Converter 3.5.8 (x32)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
Ashampoo Burning Studio 6 FREE v.6.81 (x32 Version: 6.8.1)
Ashampoo Burning Studio 6 FREE v.6.84 (x32 Version: 6.8.4)
Battlefield 3 (x32 Version: v1.0)
Biet-O-Matic v2.14.12 (x32 Version: 2.14.12)
BioShock Infinite (x32)
Browser Guard (x32)
Call of Duty: Black Ops (x32)
Canon Easy-PhotoPrint EX (x32)
Canon Easy-WebPrint EX (x32)
Canon MG5200 series MP Drivers
Canon MP Navigator EX 4.0 (x32)
Canon My Printer (x32)
Canon Solution Menu EX (x32)
CCleaner (Version: 4.00)
Coby Media Manager (x32 Version: 1.0.6316)
CyberLink PowerDVD 10 (x32 Version: 10.0.4427.02)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Diablo III (x32 Version: 1.0.8.16603)
DivX-Setup (x32 Version: 2.6.1.22)
DmC: Devil May Cry (x32 Version: 1.0)
ESET Smart Security (Version: 5.2.9.12)
Farming Simulator 2013 (x32)
FIFA Manager 13 (x32 Version: 1.0.4.0)
FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2)
Game of Thrones - Blood_Bound Version 1.0.0.0 (x32 Version: 1.0.0.0)
Game of Thrones Version 1.4.2.0 (x32 Version: 1.4.2.0)
GeForce Experience NvStream Client Components (Version: 0.1.87)
GfK Internet-Monitor (x32 Version: 12.6.186)
GIMP 2.6.11 (x32 Version: 2.6.11)
Grand Theft Auto IV (x32 Version: 1.0.0013.131)
Guild Wars 2 (x32)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1281)
Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.738.1)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.5)
Java SE Development Kit 7 Update 9 (64-bit) (Version: 1.7.0.90)
KeePass Password Safe 1.24 (x32 Version: 1.24)
LEGO® Der Herr der Ringe™ (x32 Version: 1.0.0.0)
Logitech Gaming Software (Version: 8.40.83)
Logitech Gaming Software 8.40 (Version: 8.40.83)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (x32 Version: 3.5.0.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Neverwinter (x32)
Notepad++ (x32 Version: 6.2.3)
NVIDIA 3D Vision Controller-Treiber 326.01 (Version: 326.01)
NVIDIA 3D Vision Treiber 327.23 (Version: 327.23)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Grafiktreiber 327.23 (Version: 327.23)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723)
NVIDIA Systemsteuerung 327.23 (Version: 327.23)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
OpenAL (x32)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Outlast (x32 Version: 1)
Panel+ (x32 Version: 5.3.5)
PDFCreator (x32 Version: 1.6.2)
Peggle Deluxe (x32)
PlanetSide 2 (HKCU Version: 1.0.3.183)
PlanetSide 2 (x32)
QuickTime (x32 Version: 7.74.80.86)
Ravensburger tiptoi (x32)
RCT3 Soaked (x32 Version: 1.00.000)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
ROCCAT Kone XTD Mouse Driver (x32)
RollerCoaster Tycoon 3 (x32 Version: 1.00.000)
Saints Row IV (x32 Version: 1.0.5.0)
SHIELD Streaming (Version: 1.05.28)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.6)
Tomb Raider (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Winamp (x32 Version: 5.64 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Utils (x32)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
XAMPP 1.8.1 (x32)

==================== Restore Points =========================

15-09-2013 15:23:34 Entfernt Grand Theft Auto IV
23-09-2013 06:56:11 Geplanter Prüfpunkt
28-09-2013 12:12:55 Free YouTube Download Manager
30-09-2013 06:41:59 Free YouTube Download Manager

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {17CD5477-30AB-400E-BDE3-31EC573F96ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {38621F5A-BA98-451C-B665-BB48BF911D92} - \Software Updater No Task File
Task: {407B5460-3BF9-4D3E-9EE0-4B79DCCB2A18} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {45FF9BF5-CE8C-4665-A638-2830D7C893ED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C0C56FF8-EE49-4AC9-835C-60E08C59028F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation)

==================== Loaded Modules (whitelisted) =============

2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-06-01 11:04 - 2013-06-01 11:05 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-09-01 00:06 - 2013-09-01 00:06 - 01179136 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\9fbc5975a21c5638ba05f81b9febfaee\Windows.UI.ni.dll
2013-01-24 01:05 - 2012-11-08 13:19 - 00474360 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2013-08-15 08:39 - 2013-08-15 08:39 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\26def6ab53d268e53635f2a61a1b2ed3\PSIClient.ni.dll
2012-10-16 10:42 - 2012-07-18 11:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-07-23 18:01 - 2013-07-15 09:09 - 02180584 _____ () C:\Program Files (x86)\gfklspservice\pcproxydll.dll
2013-02-21 16:18 - 2013-02-21 16:18 - 00032768 _____ () C:\Users\David\AppData\Local\Panel+\service\TrotiNet.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2011-07-29 01:09 - 2011-07-29 01:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2012-12-21 17:27 - 2012-06-17 12:20 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll
2013-08-17 11:13 - 2013-08-17 11:13 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/30/2013 05:37:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/30/2013 09:37:40 AM) (Source: .NET Runtime) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:
Server stack trace:
   bei System.ServiceModel.Channels.ServiceChannel.PrepareCall(ProxyOperationRuntime operation, Boolean oneway, ProxyRpc& rpc)
   bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
   bei IAStorDataMgrSvcInterfaces.IPublisher.Unsubscribe()
   bei IAStorIcon.StorageIcon.Stop()
   bei IAStorIcon.Program.Application_ApplicationExit(System.Object, System.EventArgs)
   bei System.Windows.Forms.Application.RaiseExit()
   bei System.Windows.Forms.Application+ThreadContext.Dispose(Boolean)
   bei System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
   bei System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
   bei System.Windows.Forms.Application.Run()
   bei IAStorIcon.Program.Main()

Error: (09/30/2013 09:28:10 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: GfKLSPService.exe, Version: 12.8.325.0, Zeitstempel: 0x51e39f4e
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00055aac
ID des fehlerhaften Prozesses: 0x1518
Startzeit der fehlerhaften Anwendung: 0xGfKLSPService.exe0
Pfad der fehlerhaften Anwendung: GfKLSPService.exe1
Pfad des fehlerhaften Moduls: GfKLSPService.exe2
Berichtskennung: GfKLSPService.exe3
Vollständiger Name des fehlerhaften Pakets: GfKLSPService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GfKLSPService.exe5

Error: (09/30/2013 08:42:16 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden. Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 000000000000015C,0x00530194,0000000000000000,0,00000090E0540080,4096,[0]). Vorgang: Schattenkopien abfragen

Error: (09/29/2013 11:24:37 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/29/2013 11:24:36 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (09/29/2013 11:24:32 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/29/2013 11:24:24 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/29/2013 01:47:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (09/24/2013 08:53:12 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 23.0.1.4974 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1d2c
Startzeit: 01ceb8ef1f0e7243
Endzeit: 25
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: f8adf979-24e5-11e3-bf04-902b349f0328
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

System errors:
=============
Error: (09/30/2013 05:31:43 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "H:" können nicht gelesen werden.

Error: (09/30/2013 09:28:10 AM) (Source: Service Control Manager) (User: )
Description: Dienst "GfKLSPService" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (09/30/2013 09:28:03 AM) (Source: Service Control Manager) (User: )
Description: Dienst "GfKLSPService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/28/2013 02:12:53 PM) (Source: Service Control Manager) (User: )
Description: Dienst "SProtection" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/28/2013 02:12:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SProtection" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (09/25/2013 07:05:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (09/25/2013 07:05:22 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (09/25/2013 10:01:20 AM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Windows" wurde eine Beschädigung erkannt. Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (09/25/2013 10:01:13 AM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Windows" wurde eine Beschädigung erkannt. Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (09/24/2013 08:18:59 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 24.09.2013 um 08:14:10 unerwartet heruntergefahren.

Microsoft Office Sessions:
=========================
Error: (09/30/2013 05:37:44 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\David\Downloads\vcredist_arm.exe

Error: (09/30/2013 09:37:40 AM) (Source: .NET Runtime)(User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:
Server stack trace:
   bei System.ServiceModel.Channels.ServiceChannel.PrepareCall(ProxyOperationRuntime operation, Boolean oneway, ProxyRpc& rpc)
   bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
   bei IAStorDataMgrSvcInterfaces.IPublisher.Unsubscribe()
   bei IAStorIcon.StorageIcon.Stop()
   bei IAStorIcon.Program.Application_ApplicationExit(System.Object, System.EventArgs)
   bei System.Windows.Forms.Application.RaiseExit()
   bei System.Windows.Forms.Application+ThreadContext.Dispose(Boolean)
   bei System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)
   bei System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)
   bei System.Windows.Forms.Application.Run()
   bei IAStorIcon.Program.Main()

Error: (09/30/2013 09:28:10 AM) (Source: Application Error)(User: )
Description: GfKLSPService.exe12.8.325.051e39f4entdll.dll6.2.9200.16578515fac6ec000000500055aac151801cebdae9cfff3ecC:\Program Files (x86)\GfKLSPService\GfKLSPService.exeC:\Windows\SYSTEM32\ntdll.dlldb15f77c-29a1-11e3-bf07-902b349f0328

Error: (09/30/2013 08:42:16 AM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 000000000000015C,0x00530194,0000000000000000,0,00000090E0540080,4096,[0]) Vorgang: Schattenkopien abfragen

Error: (09/29/2013 11:24:37 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/29/2013 11:24:36 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/29/2013 11:24:32 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/29/2013 11:24:24 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/29/2013 01:47:19 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (09/24/2013 08:53:12 AM) (Source: Application Hang)(User: )
Description: firefox.exe23.0.1.49741d2c01ceb8ef1f0e724325C:\Program Files (x86)\Mozilla Firefox\firefox.exef8adf979-24e5-11e3-bf04-902b349f0328

==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 8134.25 MB
Available physical RAM: 5855.03 MB
Total Pagefile: 9350.25 MB
Available Pagefile: 7054.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:916.35 GB) (Free:823.22 GB) NTFS
Drive f: (Volume) (Fixed) (Total:931.51 GB) (Free:350.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 241ACCFA)
Partition: GPT Partition Type
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 01C974AF)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
Ran by David (administrator) on PAPAMASCHIENE on 30-09-2013 18:16:23
Running from C:\Users\David\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(GfK) C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(PixArt Imaging Incorporation) C:\Windows\Philips\SPC500NC\Monitor.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Ipsos) C:\Users\David\AppData\Local\Panel+\service\PanelPlusService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
() C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [SPC500NC_Monitor] - C:\Windows\Philips\SPC500NC\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Panel+] - C:\Users\David\AppData\Local\Panel+\service\PanelPlusService.exe [140880 2013-02-21] (Ipsos)
MountPoints2: {56c54f68-2ba2-11e2-be87-902b349f0328} - "J:\Launcher.exe"
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [RoccatKoneXTD] - C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [558944 2012-11-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [GfK-WatchDog] - C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe [58856 2013-07-15] ()
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL [253816 2013-03-12] ()
AppInit_DLLs-x32: c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [ ] ()
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

ProxyServer: http=localhost:44413
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {BD14BC9F-07F6-4B4A-9122-12E2614404F7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
SearchScopes: HKLM-x32 - URL hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380370149531&tguid=66920-6787-1380370149531-EC80CA3432379DCB50B011F94CEC16DF&q={searchTerms}
SearchScopes: HKLM-x32 - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=66920&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380370149531&tguid=66920-6787-1380370149531-EC80CA3432379DCB50B011F94CEC16DF&q={searchTerms}
SearchScopes: HKLM-x32 - {BD14BC9F-07F6-4B4A-9122-12E2614404F7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files (x86)\Browser Guard\browserguard.dll (Browser Guard)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Winsock: Catalog9 01 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9 15 C:\Windows\system32\GfKLSPService.DLL File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 02 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 03 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 04 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Winsock: Catalog9-x64 15 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default
FF NewTab: about:home
FF Homepage: about:home
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin HKCU: @IpsosPanelPlus@ipsosinteractive.com - C:\Users\David\AppData\Local\Panel+\toolbar_ff\plugins\npIpsosCommPlugin.dll (IDM)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\aol-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com
FF Extension: pricealarm - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\ich@maltegoetz.de
FF Extension: admin - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\admin@proxy-listen.de.xpi
FF Extension: DivXWebPlayer - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\DivXWebPlayer@divx.com.xpi
FF Extension: nasanightlaunch - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\nasanightlaunch@example.com.xpi
FF Extension: Noia4Options - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\Noia4Options@ArisT2.xpi
FF Extension: YoutubeDownloader - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor
FF HKLM-x32\...\Firefox\Extensions: [{20d1f7b3-7721-4da0-b6f3-78bb4d7248f4}] - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF Extension: No Name - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [IpsosPanelPlus@ipsosinteractive.com] - C:\Users\David\AppData\Local\Panel+\toolbar_ff\
FF Extension: Panel+ - C:\Users\David\AppData\Local\Panel+\toolbar_ff\

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-13] (Adobe Systems)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3019752 2013-07-15] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1376232 2013-07-15] ()
R2 GfKLSPService; C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe [3300328 2013-07-15] (GfK)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-04-06] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2012-03-14] (ESET)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-11] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-11] (Windows (R) Server 2003 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R3 SPC500NC; C:\Windows\system32\DRIVERS\SPC500NC.SYS [481280 2007-06-21] (PixArt Imaging Inc.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
R4 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)
U3 kwlorpob; \??\C:\Users\David\AppData\Local\Temp\kwlorpob.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-30 09:26 - 2013-09-30 09:26 - 00010949 _____ C:\Users\David\Downloads\gmer.txt
2013-09-30 09:19 - 2013-09-30 09:19 - 00377856 _____ C:\Users\David\Downloads\gmer_2.1.19163.exe
2013-09-30 09:15 - 2013-09-30 18:08 - 00027351 _____ C:\Users\David\Downloads\Addition.txt
2013-09-30 09:10 - 2013-09-30 09:10 - 01953880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 00000000 ____D C:\FRST
2013-09-30 09:09 - 2013-09-30 09:09 - 00000472 _____ C:\Users\David\Downloads\defogger_disable.log
2013-09-30 09:09 - 2013-09-30 09:09 - 00000168 _____ C:\Users\David\defogger_reenable
2013-09-30 09:08 - 2013-09-30 09:08 - 00050477 _____ C:\Users\David\Downloads\Defogger.exe
2013-09-29 13:55 - 2013-09-29 13:55 - 00001364 _____ C:\Users\David\Desktop\trojaner.txt
2013-09-29 01:48 - 2013-09-29 01:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 01:46 - 2013-09-29 01:46 - 00006177 _____ C:\Users\David\Desktop\JRT.txt
2013-09-29 01:45 - 2013-09-29 01:45 - 02347384 _____ (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe
2013-09-29 01:43 - 2013-09-29 01:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 01:37 - 2013-09-30 08:56 - 00000000 ____D C:\AdwCleaner
2013-09-29 01:37 - 2013-09-29 01:37 - 01030305 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2013-09-29 01:36 - 2013-09-29 01:36 - 01042066 _____ C:\Users\David\Downloads\adwcleaner.exe
2013-09-29 01:27 - 2013-09-29 01:27 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David\Downloads\SpyHunter-Installer.exe
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\Documents\Free YouTube Download Manager
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\AppData\Local\Freetec
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-09-28 14:12 - 2013-09-28 16:07 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-28 14:09 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-09-24 23:53 - 2013-09-25 00:07 - 64079267 _____ C:\Users\David\Downloads\Misa.zip
2013-09-24 19:11 - 2013-09-24 19:19 - 00000000 ____D C:\Users\David\AppData\Roaming\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:14 - 00001043 _____ C:\Users\David\Desktop\tiptoi.lnk
2013-09-24 19:10 - 2013-09-24 19:14 - 00000000 ____D C:\ProgramData\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2013-09-23 00:00 - 2013-09-23 00:02 - 09090781 _____ C:\Users\David\Downloads\John Smith Texturepack.zip
2013-09-22 23:59 - 2013-09-23 00:14 - 114903903 _____ C:\Users\David\Downloads\Sphax PureBDcraft 512x MC16.zip
2013-09-22 23:58 - 2013-09-23 00:07 - 64079267 _____ C:\Users\David\Downloads\Misa HD Texturepack.zip
2013-09-22 22:11 - 2013-09-28 17:39 - 00163328 ___SH C:\Users\David\Desktop\Thumbs.db
2013-09-22 15:34 - 2013-09-22 15:37 - 32858970 _____ C:\Users\David\Downloads\HerrSommer Texturepack.zip
2013-09-22 15:31 - 2013-09-22 15:34 - 35803644 _____ C:\Users\David\Downloads\HerrSommer Medieval Texturepack.zip
2013-09-22 15:16 - 2013-09-30 00:23 - 00000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2013-09-22 15:09 - 2013-09-22 15:12 - 32738533 _____ C:\Users\David\Downloads\HerrSommer Dye Texturepack(1).zip
2013-09-22 15:02 - 2013-09-22 15:02 - 00000000 ____D C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213
2013-09-22 14:40 - 2013-09-22 14:40 - 02161521 _____ C:\Users\David\Downloads\mcpatcher-4.2.2.exe
2013-09-22 13:50 - 2013-09-22 13:50 - 00399355 _____ C:\Users\David\Downloads\Minimap Mod 1.6.4.zip
2013-09-22 13:49 - 2013-09-22 13:49 - 00421387 _____ C:\Users\David\Downloads\OptiFine 1.6.4 Preview.jar
2013-09-22 13:45 - 2013-09-22 13:45 - 02124435 _____ C:\Users\David\Downloads\Forge 1.6.4.jar
2013-09-22 12:37 - 2013-09-22 12:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-22 12:36 - 2013-09-22 12:36 - 00002104 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-22 12:34 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-22 12:34 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-22 12:34 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-22 12:34 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-21 10:44 - 2013-09-21 10:44 - 00000769 _____ C:\Users\David\Desktop\Minecraft.exe - Verknüpfung.lnk
2013-09-21 10:43 - 2013-09-21 10:57 - 89940403 _____ C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213.zip
2013-09-21 10:42 - 2013-09-21 10:42 - 02318238 _____ C:\Users\David\Downloads\[1.6.2]MiniDoku TSC High.zip
2013-09-21 10:28 - 2013-09-21 10:29 - 00421387 _____ C:\Users\David\Downloads\OptiFine_1.6.4_HD_U_C4.jar
2013-09-21 10:28 - 2013-09-21 10:28 - 00255632 _____ C:\Users\David\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip
2013-09-20 23:28 - 2013-09-20 23:28 - 00675988 _____ C:\Users\David\Downloads\Minecraft.exe
2013-09-15 21:59 - 2013-09-15 22:02 - 00000742 _____ C:\Users\Public\Desktop\Outlast.lnk
2013-09-15 17:58 - 2013-09-15 17:59 - 02256048 _____ C:\Users\David\Downloads\PW(1).zip
2013-09-15 17:48 - 2013-09-15 17:48 - 00000714 _____ C:\Users\Public\Desktop\FIFA Manager 13.lnk
2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\David\Documents\FIFA MANAGER 13
2013-09-15 17:29 - 2013-09-15 17:29 - 00000000 ____D C:\ProgramData\PDF Architect
2013-09-15 17:03 - 2013-09-15 17:04 - 02256056 _____ C:\Users\David\Downloads\PW.zip
2013-09-12 23:06 - 2013-09-12 23:06 - 00309248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-11 18:43 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-11 18:43 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-11 18:43 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-11 18:43 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-11 18:43 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-11 18:43 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-11 18:43 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-11 18:43 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-11 18:43 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-11 18:43 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-11 18:43 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-11 18:42 - 2013-08-21 06:12 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 18:42 - 2013-08-21 06:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 18:42 - 2013-08-21 06:11 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 18:42 - 2013-08-21 04:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 18:42 - 2013-08-21 04:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 18:42 - 2013-08-21 04:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 18:42 - 2013-08-21 04:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 18:42 - 2013-08-21 03:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 18:42 - 2013-08-21 01:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-09-11 18:41 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-09-11 18:41 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 18:41 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-11 18:41 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-11 18:41 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-11 18:41 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-11 18:41 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-11 18:41 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-11 18:41 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-11 18:41 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 18:41 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-11 18:41 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-11 18:41 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 18:41 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 18:41 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-11 18:41 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-11 18:41 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-11 18:41 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-11 18:41 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-11 18:41 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-11 18:41 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-11 18:41 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-11 18:41 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-11 18:41 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-11 18:41 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-11 18:41 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-11 18:41 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-11 18:41 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-11 18:41 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-11 18:41 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 18:41 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-11 18:41 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-11 18:41 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-11 18:41 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-11 18:41 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-11 18:41 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-11 18:41 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-11 18:41 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-11 18:41 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 18:41 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 18:41 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-10 11:10 - 2013-09-10 20:58 - 00000000 ____D C:\Users\David\Desktop\ESW

==================== One Month Modified Files and Folders =======

2013-09-30 18:08 - 2013-09-30 09:15 - 00027351 _____ C:\Users\David\Downloads\Addition.txt
2013-09-30 18:08 - 2013-01-24 01:05 - 00000000 ____D C:\Program Files (x86)\GfKLSPService
2013-09-30 18:08 - 2013-01-24 01:05 - 00000000 ____D C:\Program Files (x86)\GfK Internet-Monitor
2013-09-30 18:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-30 17:52 - 2012-11-10 22:21 - 01734633 _____ C:\Windows\WindowsUpdate.log
2013-09-30 17:50 - 2012-11-10 22:31 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4176403951-1178010183-3754737978-1002
2013-09-30 13:00 - 2012-11-11 14:15 - 00000000 ____D C:\Users\David\Documents\DLS HANKO
2013-09-30 09:26 - 2013-09-30 09:26 - 00010949 _____ C:\Users\David\Downloads\gmer.txt
2013-09-30 09:19 - 2013-09-30 09:19 - 00377856 _____ C:\Users\David\Downloads\gmer_2.1.19163.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 01953880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 00000000 ____D C:\FRST
2013-09-30 09:09 - 2013-09-30 09:09 - 00000472 _____ C:\Users\David\Downloads\defogger_disable.log
2013-09-30 09:09 - 2013-09-30 09:09 - 00000168 _____ C:\Users\David\defogger_reenable
2013-09-30 09:09 - 2012-11-10 22:21 - 00000000 ____D C:\Users\David
2013-09-30 09:08 - 2013-09-30 09:08 - 00050477 _____ C:\Users\David\Downloads\Defogger.exe
2013-09-30 08:57 - 2012-10-16 12:46 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-30 08:57 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-30 08:57 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-09-30 08:56 - 2013-09-29 01:37 - 00000000 ____D C:\AdwCleaner
2013-09-30 08:42 - 2013-08-22 22:05 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-30 00:23 - 2013-09-22 15:16 - 00000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2013-09-29 14:27 - 2012-11-12 19:09 - 00000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2013-09-29 14:27 - 2012-10-16 08:30 - 00820374 _____ C:\Windows\PFRO.log
2013-09-29 13:55 - 2013-09-29 13:55 - 00001364 _____ C:\Users\David\Desktop\trojaner.txt
2013-09-29 01:49 - 2013-09-29 01:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 01:46 - 2013-09-29 01:46 - 00006177 _____ C:\Users\David\Desktop\JRT.txt
2013-09-29 01:45 - 2013-09-29 01:45 - 02347384 _____ (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe
2013-09-29 01:43 - 2013-09-29 01:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 01:38 - 2012-11-10 22:23 - 00000000 ___RD C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-29 01:37 - 2013-09-29 01:37 - 01030305 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2013-09-29 01:36 - 2013-09-29 01:36 - 01042066 _____ C:\Users\David\Downloads\adwcleaner.exe
2013-09-29 01:27 - 2013-09-29 01:27 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David\Downloads\SpyHunter-Installer.exe
2013-09-28 17:39 - 2013-09-22 22:11 - 00163328 ___SH C:\Users\David\Desktop\Thumbs.db
2013-09-28 16:08 - 2012-12-21 23:33 - 00000000 ____D C:\ProgramData\ashampoo
2013-09-28 16:07 - 2013-09-28 14:12 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\Documents\Free YouTube Download Manager
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\AppData\Local\Freetec
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-09-28 14:09 - 2013-08-17 11:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-26 18:31 - 2012-12-31 02:10 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-26 08:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-25 19:24 - 2012-07-26 12:27 - 00752930 _____ C:\Windows\system32\perfh007.dat
2013-09-25 19:24 - 2012-07-26 12:27 - 00156156 _____ C:\Windows\system32\perfc007.dat
2013-09-25 19:24 - 2012-07-26 09:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-25 00:07 - 2013-09-24 23:53 - 64079267 _____ C:\Users\David\Downloads\Misa.zip
2013-09-24 19:19 - 2013-09-24 19:11 - 00000000 ____D C:\Users\David\AppData\Roaming\RavensburgerTipToi
2013-09-24 19:14 - 2013-09-24 19:10 - 00001043 _____ C:\Users\David\Desktop\tiptoi.lnk
2013-09-24 19:14 - 2013-09-24 19:10 - 00000000 ____D C:\ProgramData\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2013-09-24 19:10 - 2012-07-26 09:21 - 00043732 _____ C:\Windows\setupact.log
2013-09-23 00:14 - 2013-09-22 23:59 - 114903903 _____ C:\Users\David\Downloads\Sphax PureBDcraft 512x MC16.zip
2013-09-23 00:07 - 2013-09-22 23:58 - 64079267 _____ C:\Users\David\Downloads\Misa HD Texturepack.zip
2013-09-23 00:02 - 2013-09-23 00:00 - 09090781 _____ C:\Users\David\Downloads\John Smith Texturepack.zip
2013-09-22 15:37 - 2013-09-22 15:34 - 32858970 _____ C:\Users\David\Downloads\HerrSommer Texturepack.zip
2013-09-22 15:34 - 2013-09-22 15:31 - 35803644 _____ C:\Users\David\Downloads\HerrSommer Medieval Texturepack.zip
2013-09-22 15:12 - 2013-09-22 15:09 - 32738533 _____ C:\Users\David\Downloads\HerrSommer Dye Texturepack(1).zip
2013-09-22 15:02 - 2013-09-22 15:02 - 00000000 ____D C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213
2013-09-22 14:40 - 2013-09-22 14:40 - 02161521 _____ C:\Users\David\Downloads\mcpatcher-4.2.2.exe
2013-09-22 13:50 - 2013-09-22 13:50 - 00399355 _____ C:\Users\David\Downloads\Minimap Mod 1.6.4.zip
2013-09-22 13:49 - 2013-09-22 13:49 - 00421387 _____ C:\Users\David\Downloads\OptiFine 1.6.4 Preview.jar
2013-09-22 13:45 - 2013-09-22 13:45 - 02124435 _____ C:\Users\David\Downloads\Forge 1.6.4.jar
2013-09-22 12:37 - 2013-09-22 12:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-22 12:37 - 2012-10-16 12:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-09-22 12:36 - 2013-09-22 12:36 - 00002104 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2013-09-21 10:57 - 2013-09-21 10:43 - 89940403 _____ C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213.zip 2013-09-21 10:44 - 2013-09-21 10:44 - 00000769 _____ C:\Users\David\Desktop\Minecraft.exe - Verknüpfung.lnk 2013-09-21 10:42 - 2013-09-21 10:42 - 02318238 _____ C:\Users\David\Downloads\[1.6.2]MiniDoku TSC High.zip 2013-09-21 10:29 - 2013-09-21 10:28 - 00421387 _____ C:\Users\David\Downloads\OptiFine_1.6.4_HD_U_C4.jar 2013-09-21 10:28 - 2013-09-21 10:28 - 00255632 _____ C:\Users\David\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip 2013-09-20 23:28 - 2013-09-20 23:28 - 00675988 _____ C:\Users\David\Downloads\Minecraft.exe 2013-09-20 07:16 - 2012-11-13 02:02 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps 2013-09-19 01:26 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-19 01:26 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-15 22:02 - 2013-09-15 21:59 - 00000742 _____ C:\Users\Public\Desktop\Outlast.lnk 2013-09-15 22:02 - 2013-05-12 11:43 - 00000000 ____D C:\ProgramData\Steam 2013-09-15 22:02 - 2012-12-09 02:18 - 00000000 ____D C:\Users\David\Documents\My Games 2013-09-15 18:00 - 2012-11-18 18:43 - 00000000 ____D C:\Users\David\Desktop\Hockeyprogramme 2013-09-15 17:59 - 2013-09-15 17:58 - 02256048 _____ C:\Users\David\Downloads\PW(1).zip 2013-09-15 17:48 - 2013-09-15 17:48 - 00000714 _____ C:\Users\Public\Desktop\FIFA Manager 13.lnk 2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\David\Documents\FIFA MANAGER 13 2013-09-15 17:46 - 2012-11-16 18:41 - 00000000 ____D C:\Users\David\Documents\FUSSBALL MANAGER 13 2013-09-15 17:40 - 2012-11-11 03:03 - 00182162 _____ C:\Windows\DirectX.log 2013-09-15 
17:29 - 2013-09-15 17:29 - 00000000 ____D C:\ProgramData\PDF Architect 2013-09-15 17:26 - 2012-10-16 08:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-15 17:04 - 2013-09-15 17:03 - 02256056 _____ C:\Users\David\Downloads\PW.zip 2013-09-12 23:06 - 2013-09-12 23:06 - 00309248 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-12 10:58 - 2013-09-22 12:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-09-12 10:58 - 2013-09-22 12:34 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll 2013-09-12 10:58 - 
2013-09-22 12:34 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2013-09-12 10:58 - 2013-09-22 12:34 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2013-09-12 10:58 - 2012-10-16 12:46 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-09-12 10:58 - 2012-10-16 12:46 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2013-09-12 10:58 - 2012-10-16 12:46 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2013-09-12 10:58 - 2012-10-16 12:46 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2013-09-12 10:58 - 2012-10-16 12:46 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2013-09-12 10:58 - 2012-10-16 12:46 - 00022814 _____ C:\Windows\system32\nvinfo.pb 2013-09-12 10:58 - 2012-07-25 22:22 - 15901448 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvwgf2umx.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2013-09-12 09:25 - 2012-10-16 12:46 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2013-09-12 09:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache 2013-09-12 08:28 - 2012-11-21 19:08 - 00000000 ____D C:\ProgramData\CanonIJPLM 2013-09-12 08:10 - 2012-11-20 22:09 - 00000000 ____D C:\Users\David\AppData\Roaming\TS3Client 2013-09-12 08:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore 2013-09-12 08:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-09-12 08:03 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe 2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-09-12 00:06 - 2012-10-16 12:46 - 03361114 _____ C:\Windows\system32\nvcoproc.bin 2013-09-11 19:47 - 2013-08-14 08:05 - 00000000 ____D C:\Windows\system32\MRT 2013-09-11 19:46 - 2012-12-12 07:50 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-10 20:58 - 2013-09-10 11:10 - 00000000 ____D C:\Users\David\Desktop\ESW 2013-09-03 21:08 - 2012-11-12 20:52 - 00000000 ____D C:\Users\David\Documents\Euro Truck Simulator 2 Some content of TEMP: ==================== C:\Users\David\AppData\Local\Temp\$avantbrowser$.update.exe C:\Users\David\AppData\Local\Temp\apptorun.exe C:\Users\David\AppData\Local\Temp\COMAP.EXE C:\Users\David\AppData\Local\Temp\DivXSetup.exe 
C:\Users\David\AppData\Local\Temp\DTLite4471-0333.exe C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\David\AppData\Local\Temp\Gw2.exe C:\Users\David\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\LEGOLOTR.exe C:\Users\David\AppData\Local\Temp\MSETUP4.EXE C:\Users\David\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\David\AppData\Local\Temp\nvSCPAPI.dll C:\Users\David\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\David\AppData\Local\Temp\nvStereoApiI.dll C:\Users\David\AppData\Local\Temp\nvStInit.dll C:\Users\David\AppData\Local\Temp\nvStInit64.dll C:\Users\David\AppData\Local\Temp\nvStInst.exe C:\Users\David\AppData\Local\Temp\oi_{1847C19F-3FB8-483C-A7AD-CA92D7E9E5BB}.exe C:\Users\David\AppData\Local\Temp\PanelPlusNotify.exe C:\Users\David\AppData\Local\Temp\Quarantine.exe C:\Users\David\AppData\Local\Temp\Uninstaller-2636.exe C:\Users\David\AppData\Local\Temp\Uninstaller-5564.exe C:\Users\David\AppData\Local\Temp\Uninstaller-7012.exe C:\Users\David\AppData\Local\Temp\xmlUpdater.exe C:\Users\David\AppData\Local\Temp\_inst1.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit 
LastRegBack: 2013-09-29 11:30 ==================== End Of Log ============================ |
30.09.2013, 17:23 | #6 |
/// TB-Ausbilder | "Monstermarketplace" - Trojan ok. Step 1 Please download AdwCleaner to your desktop.
Step 2 Run FRST once more.
30.09.2013, 17:43 | #7 |
| "Monstermarketplace" - Trojan ADW Cleaner.log Code:
# AdwCleaner v3.005 - Bericht erstellt am 30/09/2013 um 18:28:46
# Updated 22/09/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : David - PAPAMASCHIENE
# Gestartet von : C:\Users\David\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\foxydeal.sqlite

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16688

-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.DivXWebPlayer@divx.com.install-event-fired", true);
Zeile gelöscht : user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,admin%40proxy-listen.de:1.0.4.5,IpsosPanelPlus%40ipsosinteractive.com:5.3.5,ich%40maltegoetz.de:1.5.2,Noia4Options%40ArisT2:1.[...]

[ Datei : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_435771\prefs.js ]

*************************

AdwCleaner[R0].txt - [16472 octets] - [29/09/2013 01:37:07]
AdwCleaner[R1].txt - [5005 octets] - [30/09/2013 08:49:37]
AdwCleaner[R2].txt - [1541 octets] - [30/09/2013 18:28:27]
AdwCleaner[S0].txt - [14178 octets] - [29/09/2013 01:38:30]
AdwCleaner[S1].txt - [5066 octets] - [30/09/2013 08:56:18]
AdwCleaner[S2].txt - [1462 octets] - [30/09/2013 18:28:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1522 octets] ##########

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02 Ran by David (administrator) on PAPAMASCHIENE on 30-09-2013 18:33:57 Running from C:\Users\David\Downloads Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe (GfK) C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (PixArt Imaging Incorporation) C:\Windows\Philips\SPC500NC\Monitor.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Ipsos) C:\Users\David\AppData\Local\Panel+\service\PanelPlusService.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (Microsoft Corporation) C:\Windows\splwow64.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe () C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\system32\PrintIsolationHost.exe (Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe (Microsoft 
Corporation) C:\Windows\system32\msiexec.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4081008 2012-03-07] (ESET) HKLM\...\Run: [SPC500NC_Monitor] - C:\Windows\Philips\SPC500NC\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.) HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [Panel+] - C:\Users\David\AppData\Local\Panel+\service\PanelPlusService.exe [140880 2013-02-21] (Ipsos) MountPoints2: {56c54f68-2ba2-11e2-be87-902b349f0328} - "J:\Launcher.exe" HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.) HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation) HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.) 
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] () HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] () HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.) HKLM-x32\...\Run: [RoccatKoneXTD] - C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [558944 2012-11-30] (ROCCAT GmbH) HKLM-x32\...\Run: [GfK-WatchDog] - C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe [58856 2013-07-15] () HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL [253816 2013-03-12] () AppInit_DLLs-x32: c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [ ] () Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== ProxyServer: http=localhost:44413 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKLM - {BD14BC9F-07F6-4B4A-9122-12E2614404F7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS SearchScopes: HKLM-x32 - URL hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380370149531&tguid=66920-6787-1380370149531-EC80CA3432379DCB50B011F94CEC16DF&q={searchTerms} SearchScopes: HKLM-x32 - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=66920&gid=1&dbCode=1&command={searchTerms} SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380370149531&tguid=66920-6787-1380370149531-EC80CA3432379DCB50B011F94CEC16DF&q={searchTerms} SearchScopes: HKLM-x32 - {BD14BC9F-07F6-4B4A-9122-12E2614404F7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files (x86)\Browser Guard\browserguard.dll (Browser Guard) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) 
BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Winsock: Catalog9 01 C:\Windows\system32\GfKLSPService.DLL File Not found () Winsock: Catalog9 02 C:\Windows\system32\GfKLSPService.DLL File Not found () Winsock: Catalog9 03 C:\Windows\system32\GfKLSPService.DLL File Not found () Winsock: Catalog9 04 C:\Windows\system32\GfKLSPService.DLL File Not found () Winsock: Catalog9 15 C:\Windows\system32\GfKLSPService.DLL File Not found () Winsock: Catalog9-x64 01 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK) Winsock: Catalog9-x64 02 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK) Winsock: Catalog9-x64 03 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK) Winsock: Catalog9-x64 04 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK) Winsock: Catalog9-x64 15 C:\Windows\system32\GfKLSPService64.DLL [380664] (GfK) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default FF NewTab: about:home FF Homepage: about:home FF NetworkProxy: "type", 1 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin HKCU: @IpsosPanelPlus@ipsosinteractive.com - C:\Users\David\AppData\Local\Panel+\toolbar_ff\plugins\npIpsosCommPlugin.dll (IDM) FF Plugin 
HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\aol-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: pricealarm - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\ich@maltegoetz.de
FF Extension: admin - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\admin@proxy-listen.de.xpi
FF Extension: DivXWebPlayer - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\DivXWebPlayer@divx.com.xpi
FF Extension: nasanightlaunch - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\nasanightlaunch@example.com.xpi
FF Extension: Noia4Options - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\Noia4Options@ArisT2.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qa426oi2.default\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor
FF HKLM-x32\...\Firefox\Extensions: [{20d1f7b3-7721-4da0-b6f3-78bb4d7248f4}] - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF Extension: No Name - C:\Program Files (x86)\Browser Guard\browserguard.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [IpsosPanelPlus@ipsosinteractive.com] - C:\Users\David\AppData\Local\Panel+\toolbar_ff\
FF Extension: Panel+ - C:\Users\David\AppData\Local\Panel+\toolbar_ff\

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-13] (Adobe Systems)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3019752 2013-07-15] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1376232 2013-07-15] ()
R2 GfKLSPService; C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe [3300328 2013-07-15] (GfK)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-04-06] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2012-03-14] (ESET)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-11] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-11-11] (Windows (R) Server 2003 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R3 SPC500NC; C:\Windows\system32\DRIVERS\SPC500NC.SYS [481280 2007-06-21] (PixArt Imaging Inc.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [64000 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-30 09:26 - 2013-09-30 09:26 - 00010949 _____ C:\Users\David\Downloads\gmer.txt
2013-09-30 09:19 - 2013-09-30 09:19 - 00377856 _____ C:\Users\David\Downloads\gmer_2.1.19163.exe
2013-09-30 09:15 - 2013-09-30 18:18 - 00027290 _____ C:\Users\David\Downloads\Addition.txt
2013-09-30 09:10 - 2013-09-30 09:10 - 01953880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 00000000 ____D C:\FRST
2013-09-30 09:09 - 2013-09-30 09:09 - 00000472 _____ C:\Users\David\Downloads\defogger_disable.log
2013-09-30 09:09 - 2013-09-30 09:09 - 00000168 _____ C:\Users\David\defogger_reenable
2013-09-30 09:08 - 2013-09-30 09:08 - 00050477 _____ C:\Users\David\Downloads\Defogger.exe
2013-09-29 13:55 - 2013-09-29 13:55 - 00001364 _____ C:\Users\David\Desktop\trojaner.txt
2013-09-29 01:48 - 2013-09-29 01:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 01:46 - 2013-09-29 01:46 - 00006177 _____ C:\Users\David\Desktop\JRT.txt
2013-09-29 01:45 - 2013-09-29 01:45 - 02347384 _____ (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe
2013-09-29 01:43 - 2013-09-29 01:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 01:37 - 2013-09-30 18:28 - 00000000 ____D C:\AdwCleaner
2013-09-29 01:37 - 2013-09-29 01:37 - 01030305 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2013-09-29 01:36 - 2013-09-29 01:36 - 01042066 _____ C:\Users\David\Downloads\adwcleaner.exe
2013-09-29 01:27 - 2013-09-29 01:27 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David\Downloads\SpyHunter-Installer.exe
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\Documents\Free YouTube Download Manager
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\AppData\Local\Freetec
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-09-28 14:12 - 2013-09-28 16:07 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-28 14:09 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-09-24 23:53 - 2013-09-25 00:07 - 64079267 _____ C:\Users\David\Downloads\Misa.zip
2013-09-24 19:11 - 2013-09-24 19:19 - 00000000 ____D C:\Users\David\AppData\Roaming\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:14 - 00001043 _____ C:\Users\David\Desktop\tiptoi.lnk
2013-09-24 19:10 - 2013-09-24 19:14 - 00000000 ____D C:\ProgramData\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2013-09-23 00:00 - 2013-09-23 00:02 - 09090781 _____ C:\Users\David\Downloads\John Smith Texturepack.zip
2013-09-22 23:59 - 2013-09-23 00:14 - 114903903 _____ C:\Users\David\Downloads\Sphax PureBDcraft 512x MC16.zip
2013-09-22 23:58 - 2013-09-23 00:07 - 64079267 _____ C:\Users\David\Downloads\Misa HD Texturepack.zip
2013-09-22 22:11 - 2013-09-28 17:39 - 00163328 ___SH C:\Users\David\Desktop\Thumbs.db
2013-09-22 15:34 - 2013-09-22 15:37 - 32858970 _____ C:\Users\David\Downloads\HerrSommer Texturepack.zip
2013-09-22 15:31 - 2013-09-22 15:34 - 35803644 _____ C:\Users\David\Downloads\HerrSommer Medieval Texturepack.zip
2013-09-22 15:16 - 2013-09-30 00:23 - 00000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2013-09-22 15:09 - 2013-09-22 15:12 - 32738533 _____ C:\Users\David\Downloads\HerrSommer Dye Texturepack(1).zip
2013-09-22 15:02 - 2013-09-22 15:02 - 00000000 ____D C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213
2013-09-22 14:40 - 2013-09-22 14:40 - 02161521 _____ C:\Users\David\Downloads\mcpatcher-4.2.2.exe
2013-09-22 13:50 - 2013-09-22 13:50 - 00399355 _____ C:\Users\David\Downloads\Minimap Mod 1.6.4.zip
2013-09-22 13:49 - 2013-09-22 13:49 - 00421387 _____ C:\Users\David\Downloads\OptiFine 1.6.4 Preview.jar
2013-09-22 13:45 - 2013-09-22 13:45 - 02124435 _____ C:\Users\David\Downloads\Forge 1.6.4.jar
2013-09-22 12:37 - 2013-09-22 12:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-22 12:36 - 2013-09-22 12:36 - 00002104 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-22 12:34 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-22 12:34 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-22 12:34 - 2013-09-12 10:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-22 12:34 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-09-22 12:34 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-09-21 10:44 - 2013-09-21 10:44 - 00000769 _____ C:\Users\David\Desktop\Minecraft.exe - Verknüpfung.lnk
2013-09-21 10:43 - 2013-09-21 10:57 - 89940403 _____ C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213.zip
2013-09-21 10:42 - 2013-09-21 10:42 - 02318238 _____ C:\Users\David\Downloads\[1.6.2]MiniDoku TSC High.zip
2013-09-21 10:28 - 2013-09-21 10:29 - 00421387 _____ C:\Users\David\Downloads\OptiFine_1.6.4_HD_U_C4.jar
2013-09-21 10:28 - 2013-09-21 10:28 - 00255632 _____ C:\Users\David\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip
2013-09-20 23:28 - 2013-09-20 23:28 - 00675988 _____ C:\Users\David\Downloads\Minecraft.exe
2013-09-15 21:59 - 2013-09-15 22:02 - 00000742 _____ C:\Users\Public\Desktop\Outlast.lnk
2013-09-15 17:58 - 2013-09-15 17:59 - 02256048 _____ C:\Users\David\Downloads\PW(1).zip
2013-09-15 17:48 - 2013-09-15 17:48 - 00000714 _____ C:\Users\Public\Desktop\FIFA Manager 13.lnk
2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\David\Documents\FIFA MANAGER 13
2013-09-15 17:29 - 2013-09-15 17:29 - 00000000 ____D C:\ProgramData\PDF Architect
2013-09-15 17:03 - 2013-09-15 17:04 - 02256056 _____ C:\Users\David\Downloads\PW.zip
2013-09-12 23:06 - 2013-09-12 23:06 - 00309248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-11 18:43 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-11 18:43 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-11 18:43 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-11 18:43 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-11 18:43 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-11 18:43 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-11 18:43 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-11 18:43 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-11 18:43 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 18:43 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-11 18:43 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-11 18:43 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-11 18:43 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-11 18:42 - 2013-08-21 06:12 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 18:42 - 2013-08-21 06:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 18:42 - 2013-08-21 06:11 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 18:42 - 2013-08-21 06:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 18:42 - 2013-08-21 04:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 18:42 - 2013-08-21 04:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 18:42 - 2013-08-21 04:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 18:42 - 2013-08-21 04:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 18:42 - 2013-08-21 04:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 18:42 - 2013-08-21 03:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 18:42 - 2013-08-21 01:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-09-11 18:41 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-09-11 18:41 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 18:41 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-11 18:41 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-11 18:41 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-11 18:41 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-11 18:41 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-11 18:41 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-11 18:41 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-11 18:41 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-11 18:41 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 18:41 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-11 18:41 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-11 18:41 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 18:41 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 18:41 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-11 18:41 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-11 18:41 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-11 18:41 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-11 18:41 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-11 18:41 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-11 18:41 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-11 18:41 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-11 18:41 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-11 18:41 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-11 18:41 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-11 18:41 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-11 18:41 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-11 18:41 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-11 18:41 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-11 18:41 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 18:41 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-11 18:41 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-11 18:41 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-11 18:41 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-11 18:41 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-11 18:41 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-11 18:41 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-11 18:41 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-11 18:41 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 18:41 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 18:41 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-10 11:10 - 2013-09-10 20:58 - 00000000 ____D C:\Users\David\Desktop\ESW

==================== One Month Modified Files and Folders =======

2013-09-30 18:33 - 2012-11-10 22:21 - 01752347 _____ C:\Windows\WindowsUpdate.log
2013-09-30 18:30 - 2013-01-24 01:05 - 00000000 ____D C:\Program Files (x86)\GfKLSPService
2013-09-30 18:30 - 2013-01-24 01:05 - 00000000 ____D C:\Program Files (x86)\GfK Internet-Monitor
2013-09-30 18:29 - 2012-10-16 12:46 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-30 18:29 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-30 18:28 - 2013-09-29 01:37 - 00000000 ____D C:\AdwCleaner
2013-09-30 18:28 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-09-30 18:18 - 2013-09-30 09:15 - 00027290 _____ C:\Users\David\Downloads\Addition.txt
2013-09-30 18:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-30 17:50 - 2012-11-10 22:31 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4176403951-1178010183-3754737978-1002
2013-09-30 13:00 - 2012-11-11 14:15 - 00000000 ____D C:\Users\David\Documents\DLS HANKO
2013-09-30 09:26 - 2013-09-30 09:26 - 00010949 _____ C:\Users\David\Downloads\gmer.txt
2013-09-30 09:19 - 2013-09-30 09:19 - 00377856 _____ C:\Users\David\Downloads\gmer_2.1.19163.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 01953880 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-09-30 09:10 - 2013-09-30 09:10 - 00000000 ____D C:\FRST
2013-09-30 09:09 - 2013-09-30 09:09 - 00000472 _____ C:\Users\David\Downloads\defogger_disable.log
2013-09-30 09:09 - 2013-09-30 09:09 - 00000168 _____ C:\Users\David\defogger_reenable
2013-09-30 09:09 - 2012-11-10 22:21 - 00000000 ____D C:\Users\David
2013-09-30 09:08 - 2013-09-30 09:08 - 00050477 _____ C:\Users\David\Downloads\Defogger.exe
2013-09-30 08:42 - 2013-08-22 22:05 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-30 00:23 - 2013-09-22 15:16 - 00000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2013-09-29 14:27 - 2012-11-12 19:09 - 00000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2013-09-29 14:27 - 2012-10-16 08:30 - 00820374 _____ C:\Windows\PFRO.log
2013-09-29 13:55 - 2013-09-29 13:55 - 00001364 _____ C:\Users\David\Desktop\trojaner.txt
2013-09-29 01:49 - 2013-09-29 01:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\David\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 01:46 - 2013-09-29 01:46 - 00006177 _____ C:\Users\David\Desktop\JRT.txt
2013-09-29 01:45 - 2013-09-29 01:45 - 02347384 _____ (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe
2013-09-29 01:43 - 2013-09-29 01:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 01:38 - 2012-11-10 22:23 - 00000000 ___RD C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-29 01:37 - 2013-09-29 01:37 - 01030305 _____ (Thisisu) C:\Users\David\Downloads\JRT.exe
2013-09-29 01:36 - 2013-09-29 01:36 - 01042066 _____ C:\Users\David\Downloads\adwcleaner.exe
2013-09-29 01:27 - 2013-09-29 01:27 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David\Downloads\SpyHunter-Installer.exe
2013-09-28 17:39 - 2013-09-22 22:11 - 00163328 ___SH C:\Users\David\Desktop\Thumbs.db
2013-09-28 16:08 - 2012-12-21 23:33 - 00000000 ____D C:\ProgramData\ashampoo
2013-09-28 16:07 - 2013-09-28 14:12 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\Documents\Free YouTube Download Manager
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Users\David\AppData\Local\Freetec
2013-09-28 14:13 - 2013-09-28 14:13 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-09-28 14:09 - 2013-08-17 11:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-26 18:31 - 2012-12-31 02:10 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-26 08:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-25 19:24 - 2012-07-26 12:27 - 00752930 _____ C:\Windows\system32\perfh007.dat
2013-09-25 19:24 - 2012-07-26 12:27 - 00156156 _____ C:\Windows\system32\perfc007.dat
2013-09-25 19:24 - 2012-07-26 09:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-25 00:07 - 2013-09-24 23:53 - 64079267 _____ C:\Users\David\Downloads\Misa.zip
2013-09-24 19:19 - 2013-09-24 19:11 - 00000000 ____D C:\Users\David\AppData\Roaming\RavensburgerTipToi
2013-09-24 19:14 - 2013-09-24 19:10 - 00001043 _____ C:\Users\David\Desktop\tiptoi.lnk
2013-09-24 19:14 - 2013-09-24 19:10 - 00000000 ____D C:\ProgramData\RavensburgerTipToi
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2013-09-24 19:10 - 2013-09-24 19:10 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2013-09-24 19:10 - 2012-07-26 09:21 - 00043732 _____ C:\Windows\setupact.log
2013-09-23 00:14 - 2013-09-22 23:59 - 114903903 _____ C:\Users\David\Downloads\Sphax PureBDcraft 512x MC16.zip
2013-09-23 00:07 - 2013-09-22 23:58 - 64079267 _____ C:\Users\David\Downloads\Misa HD Texturepack.zip
2013-09-23 00:02 - 2013-09-23 00:00 - 09090781 _____ C:\Users\David\Downloads\John Smith Texturepack.zip
2013-09-22 15:37 - 2013-09-22 15:34 - 32858970 _____ C:\Users\David\Downloads\HerrSommer Texturepack.zip
2013-09-22 15:34 - 2013-09-22 15:31 - 35803644 _____ C:\Users\David\Downloads\HerrSommer Medieval Texturepack.zip
2013-09-22 15:12 - 2013-09-22 15:09 - 32738533 _____ C:\Users\David\Downloads\HerrSommer Dye Texturepack(1).zip
2013-09-22 15:02 - 2013-09-22 15:02 - 00000000 ____D C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213
2013-09-22 14:40 - 2013-09-22 14:40 - 02161521 _____ C:\Users\David\Downloads\mcpatcher-4.2.2.exe
2013-09-22 13:50 - 2013-09-22 13:50 - 00399355 _____ C:\Users\David\Downloads\Minimap Mod 1.6.4.zip
2013-09-22 13:49 - 2013-09-22 13:49 - 00421387 _____ C:\Users\David\Downloads\OptiFine 1.6.4 Preview.jar
2013-09-22 13:45 - 2013-09-22 13:45 - 02124435 _____ C:\Users\David\Downloads\Forge 1.6.4.jar
2013-09-22 12:37 - 2013-09-22 12:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-22 12:37 - 2012-10-16 12:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-22 12:36 - 2013-09-22 12:36 - 00002104 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-09-21 10:57 - 2013-09-21 10:43 - 89940403 _____ C:\Users\David\Downloads\LB Photo Realism x256 10.0.0-converted-1374012707213.zip
2013-09-21 10:44 - 2013-09-21 10:44 - 00000769 _____ C:\Users\David\Desktop\Minecraft.exe - Verknüpfung.lnk
2013-09-21 10:42 - 2013-09-21 10:42 - 02318238 _____ C:\Users\David\Downloads\[1.6.2]MiniDoku TSC High.zip
2013-09-21 10:29 - 2013-09-21 10:28 - 00421387 _____ C:\Users\David\Downloads\OptiFine_1.6.4_HD_U_C4.jar
2013-09-21 10:28 - 2013-09-21 10:28 - 00255632 _____ C:\Users\David\Downloads\[1.6.2]ReiMinimap_v3.4_01.zip
2013-09-20 23:28 - 2013-09-20 23:28 - 00675988 _____ C:\Users\David\Downloads\Minecraft.exe
2013-09-20 07:16 - 2012-11-13 02:02 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2013-09-19 01:26 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-19 01:26 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-15 22:02 - 2013-09-15 21:59 - 00000742 _____ C:\Users\Public\Desktop\Outlast.lnk
2013-09-15 22:02 - 2013-05-12 11:43 - 00000000 ____D C:\ProgramData\Steam
2013-09-15 22:02 - 2012-12-09 02:18 - 00000000 ____D C:\Users\David\Documents\My Games
2013-09-15 18:00 - 2012-11-18 18:43 - 00000000 ____D C:\Users\David\Desktop\Hockeyprogramme
2013-09-15 17:59 - 2013-09-15 17:58 - 02256048 _____ C:\Users\David\Downloads\PW(1).zip
2013-09-15 17:48 - 2013-09-15 17:48 - 00000714 _____ C:\Users\Public\Desktop\FIFA Manager 13.lnk
2013-09-15 17:46 - 2013-09-15 17:46 - 00000000 ____D C:\Users\David\Documents\FIFA MANAGER 13
2013-09-15 17:46 - 2012-11-16 18:41 - 00000000 ____D C:\Users\David\Documents\FUSSBALL MANAGER 13
2013-09-15 17:40 - 2012-11-11 03:03 - 00182162 _____ C:\Windows\DirectX.log
2013-09-15 17:29 - 2013-09-15 17:29 - 00000000 ____D C:\ProgramData\PDF Architect
2013-09-15 17:26 - 2012-10-16 08:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-15 17:04 - 2013-09-15 17:03 - 02256056 _____ C:\Users\David\Downloads\PW.zip
2013-09-12 23:06 - 2013-09-12 23:06 - 00309248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 10:58 - 2013-09-22 12:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-12 10:58 - 2013-09-22 12:34 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-12 10:58 - 2013-09-22 12:34 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-09-12 10:58 - 2012-10-16 12:46 - 00022814 _____ C:\Windows\system32\nvinfo.pb
2013-09-12 10:58 - 2012-07-25 22:22 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-12 09:25 - 2012-10-16 12:46 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2013-09-12 09:25 - 2012-10-16 12:46 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2013-09-12 09:25 - 2012-10-16 12:46 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2013-09-12 09:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache 2013-09-12 08:28 - 2012-11-21 19:08 - 00000000 ____D C:\ProgramData\CanonIJPLM 2013-09-12 08:10 - 2012-11-20 22:09 - 00000000 ____D C:\Users\David\AppData\Roaming\TS3Client 2013-09-12 08:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore 2013-09-12 08:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-09-12 08:03 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe 2013-09-12 01:17 - 2013-09-12 01:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2013-09-12 00:06 - 2012-10-16 12:46 - 03361114 _____ C:\Windows\system32\nvcoproc.bin 2013-09-11 19:47 - 2013-08-14 08:05 - 00000000 ____D C:\Windows\system32\MRT 2013-09-11 19:46 - 2012-12-12 07:50 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-10 20:58 - 2013-09-10 11:10 - 00000000 ____D C:\Users\David\Desktop\ESW 2013-09-03 21:08 - 2012-11-12 20:52 - 00000000 ____D C:\Users\David\Documents\Euro Truck Simulator 2 Some content of TEMP: ==================== C:\Users\David\AppData\Local\Temp\$avantbrowser$.update.exe C:\Users\David\AppData\Local\Temp\apptorun.exe C:\Users\David\AppData\Local\Temp\COMAP.EXE C:\Users\David\AppData\Local\Temp\DivXSetup.exe C:\Users\David\AppData\Local\Temp\DTLite4471-0333.exe 
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\David\AppData\Local\Temp\Gw2.exe C:\Users\David\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\David\AppData\Local\Temp\LEGOLOTR.exe C:\Users\David\AppData\Local\Temp\MSETUP4.EXE C:\Users\David\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\David\AppData\Local\Temp\nvSCPAPI.dll C:\Users\David\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\David\AppData\Local\Temp\nvStereoApiI.dll C:\Users\David\AppData\Local\Temp\nvStInit.dll C:\Users\David\AppData\Local\Temp\nvStInit64.dll C:\Users\David\AppData\Local\Temp\nvStInst.exe C:\Users\David\AppData\Local\Temp\oi_{1847C19F-3FB8-483C-A7AD-CA92D7E9E5BB}.exe C:\Users\David\AppData\Local\Temp\PanelPlusNotify.exe C:\Users\David\AppData\Local\Temp\Quarantine.exe C:\Users\David\AppData\Local\Temp\Uninstaller-2636.exe C:\Users\David\AppData\Local\Temp\Uninstaller-5564.exe C:\Users\David\AppData\Local\Temp\Uninstaller-7012.exe C:\Users\David\AppData\Local\Temp\xmlUpdater.exe C:\Users\David\AppData\Local\Temp\_inst1.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-29 11:30 ==================== End 
Of Log ============================ |
30.09.2013, 18:29 | #8 |
/// TB-Ausbilder | "Monstermarketplace" - Trojan What specific problems still remain now?
__________________ cheers, Leo |
30.09.2013, 18:42 | #9 |
| "Monstermarketplace" - Trojan So, I have now also deleted the said Firefox add-on, and the problems are gone for now. As I said, I did the same thing yesterday and today it was back. I'll see whether I have these problems again tomorrow and will report back then. |
01.10.2013, 15:02 | #10 |
/// TB-Ausbilder | "Monstermarketplace" - Trojan All right.
__________________ cheers, Leo |
13.10.2013, 12:40 | #11 |
/// TB-Ausbilder | "Monstermarketplace" - Trojan No response. This topic has been removed from my subscriptions, so I no longer receive notifications about new replies. Send me a PM if you do want to continue the topic after all. Then we'll carry on here. Note: The disappearance of the symptoms does not mean that your computer is already clean. Everyone else, please read this guide and create your own thread.
__________________ cheers, Leo |