FRST:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by Markus (administrator) on MARKUS-PC on 05-10-2013 12:05:57
Running from C:\Users\Markus\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
(Nalpeiron Ltd.) C:\Windows\system32\NLSSRV32.EXE
() C:\Windows\system32\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Dell) C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEService.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\redirector.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\Receiver\Receiver.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Valve Corporation) E:\Program Files\Steam\Steam.exe
(Dropbox, Inc.) C:\Users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(Electronic Arts) C:\Program Files\Origin\Origin.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1681408 2009-09-21] (VIA)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [FreePDF Assistant] - C:\Program Files\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM\...\Run: [SMB50StarMoneyRunEntry] - C:\Program Files\StarMoney Business 5.0\app\oflagent.exe [56976 2013-08-15] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1164584 2010-09-16] ()
HKLM\...\Run: [VDownloader] - C:\Program Files\VDownloader\VDownloader.exe [879104 2013-03-27] (Vitzo)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [ConnectionCenter] - C:\Program Files\Citrix\ICA Client\concentr.exe [395656 2013-06-14] (Citrix Systems, Inc.)
HKLM\...\Run: [Redirector] - C:\Program Files\Citrix\ICA Client\redirector.exe [153992 2013-06-14] (Citrix Systems, Inc.)
HKLM\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-07-17] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [SMB60StarMoneyRunEntry] - C:\Program Files\StarMoney Business 6.0\app\oflagent.exe [48272 2013-08-26] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKCU\...\Run: [Steam] - E:\Program Files\Steam\Steam.exe [1814440 2013-09-21] (Valve Corporation)
Startup: C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Markus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x970B5C39ABBECE01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 29 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\b81ztxbt.prom_unprotect
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @Citrix.com/npican - C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @esn.me/esnsonar,version=0.70.4 - C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin: @esn/esnlaunch,version=2.3.0 - C:\Program Files\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @nitropdf.com/NitroPDF - C:\Program Files\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @torrentstream.net/tsplugin,version=2.0.8.6 - C:\Users\Markus\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Users\Markus\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org
FF Extension: TS Magic Player - C:\Users\Markus\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (TS Magic Player) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ochbjojkpcmlfeagbaahkofepalngihg\1.1.29_0
CHR Extension: (Gmail) - C:\Users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [jlnfdbbladgcmhhamgkioifhbobjaoof] - C:\Program Files\LemurLeap\jlnfdbbladgcmhhamgkioifhbobjaoof.crx
========================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-03-28] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-08-09] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-09-24] (APN LLC.)
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [49152 2013-06-09] ()
R3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
S3 MailList Controller; c:\program files\arclab\maillist controller\amlcSVC.exe [3028688 2013-03-16] (Arclab Software GbR)
R2 NitroDriverReadSpool8; C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe [196616 2013-04-30] (Nitro PDF Software)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-09-11] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 SONICWALL_NetExtender; C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEService.exe [335504 2013-01-05] (Dell)
S2 StarMoney Business 5.0 OnlineUpdate; C:\Program Files\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney Business 6.0 OnlineUpdate; C:\Program Files\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-06-13] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-08-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-07-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-06] (Avira Operations GmbH & Co. KG)
S3 cleanhlp; C:\EEK\Run\cleanhlp32.sys [50200 2013-10-03] (Emsisoft GmbH)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [21664 2013-03-14] (REALiX(tm))
R3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-10-05] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R3 NxDrv; C:\Windows\System32\DRIVERS\NxDrv.sys [22600 2013-01-05] (SonicWALL Inc.)
R3 P1110VID; C:\Windows\System32\DRIVERS\P1110Vid.sys [68608 2006-04-06] (Creative Technology Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1086976 2009-09-17] (VIA Technologies, Inc.)
S3 catchme; \??\C:\Users\Markus\AppData\Local\Temp\catchme.sys [x]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-05 12:05 - 2013-10-05 12:05 - 01087213 _____ (Farbar) C:\Users\Markus\Downloads\FRST.exe
2013-10-05 12:05 - 2013-10-05 12:05 - 00000000 ____D C:\FRST
2013-10-05 09:58 - 2013-10-05 09:58 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-10-05 09:40 - 2013-10-05 09:40 - 00000000 ____D C:\Program Files\ESET
2013-10-05 09:40 - 2013-10-05 09:39 - 02347384 _____ (ESET) C:\Users\Markus\Downloads\esetsmartinstaller_enu.exe
2013-10-05 09:34 - 2013-10-05 09:52 - 00000000 ____D C:\AdwCleaner
2013-10-05 09:33 - 2013-10-05 09:33 - 01045226 _____ C:\Users\Markus\Downloads\adwcleaner.exe
2013-10-04 19:48 - 2013-10-04 19:48 - 03820328 _____ C:\Users\Markus\Downloads\battlelog-web-plugins_2.3.0_119.exe
2013-10-04 14:15 - 2013-10-04 19:23 - 00000000 ____D C:\Users\Markus\AppData\Roaming\FileZilla
2013-10-04 14:15 - 2013-10-04 14:15 - 00000000 ____D C:\Users\Markus\Downloads\FileZilla_3.7.3_win32
2013-10-04 14:14 - 2013-10-04 14:15 - 07241860 _____ C:\Users\Markus\Downloads\FileZilla_3.7.3_win32.zip
2013-10-03 14:40 - 2013-10-03 14:40 - 00002096 _____ C:\Users\Public\Desktop\StarMoney Business 6.0.lnk
2013-10-03 14:38 - 2013-10-04 14:49 - 00000000 ____D C:\Program Files\StarMoney Business 6.0
2013-10-03 14:34 - 2013-10-03 14:34 - 00000000 ____D C:\Users\Markus\profil - Kopie
2013-10-03 14:04 - 2013-10-03 14:20 - 00000000 ____D C:\ProgramData\HitmanPro
2013-10-03 14:03 - 2013-10-03 14:04 - 12247350 _____ C:\Users\Markus\Downloads\HitmanPro_3.7.7.205.zip
2013-10-03 13:55 - 2013-10-03 13:55 - 02828552 _____ (AVAST Software) C:\Users\Markus\Downloads\avast-browser-cleanup_8.0.1484.29.exe
2013-10-03 13:38 - 2013-10-03 13:38 - 00000000 ____D C:\Users\Markus\Downloads\backups
2013-10-03 13:36 - 2013-10-03 13:36 - 00010837 _____ C:\Users\Markus\Documents\hijackthis.log
2013-10-03 13:35 - 2013-10-03 13:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Markus\Downloads\HijackThis.exe
2013-10-03 13:35 - 2013-10-03 13:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Markus\Downloads\HijackThis (1).exe
2013-10-03 13:06 - 2013-10-03 13:06 - 00000000 ____D C:\Windows\Sun
2013-10-03 12:19 - 2013-10-03 12:19 - 00000583 _____ C:\Users\Markus\Desktop\Emsisoft Emergency Kit.lnk
2013-10-03 12:19 - 2013-10-03 12:19 - 00000000 ____D C:\EEK
2013-10-03 12:12 - 2013-10-03 12:18 - 197750352 _____ C:\Users\Markus\Downloads\EmsisoftEmergencyKit.exe
2013-10-03 12:00 - 2013-10-03 12:00 - 00004149 _____ C:\Users\Markus\Desktop\JRT.txt
2013-10-03 11:58 - 2013-10-03 11:58 - 00000000 ____D C:\Windows\ERUNT
2013-10-03 11:57 - 2013-10-03 11:57 - 01030305 _____ (Thisisu) C:\Users\Markus\Downloads\JRT.exe
2013-10-03 11:55 - 2013-10-03 11:55 - 00025775 _____ C:\ComboFix.txt
2013-10-03 11:41 - 2013-10-03 11:55 - 00000000 ____D C:\Qoobox
2013-10-03 11:41 - 2013-10-03 11:48 - 00000000 ____D C:\Windows\erdnt
2013-10-03 11:41 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-03 11:41 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-03 11:41 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-03 11:41 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-03 11:41 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-03 11:41 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-03 11:41 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-03 11:41 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-03 11:40 - 2013-10-03 11:40 - 05132885 ____R (Swearware) C:\Users\Markus\Downloads\ComboFix.exe
2013-10-03 10:13 - 2013-10-03 11:20 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-03 10:13 - 2013-10-03 10:14 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-10-03 10:13 - 2009-01-25 13:14 - 00015224 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2013-10-03 10:10 - 2013-10-03 10:11 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\Markus\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-02 21:08 - 2013-10-02 21:08 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Malwarebytes
2013-10-02 21:08 - 2013-10-02 21:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-02 21:08 - 2013-10-02 21:08 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-02 21:08 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-02 21:07 - 2013-10-02 21:07 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Markus\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-01 23:27 - 2013-10-05 09:55 - 00000000 ___RD C:\Users\Markus\Dropbox
2013-10-01 23:25 - 2013-10-05 09:55 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Dropbox
2013-10-01 23:25 - 2013-10-01 23:25 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-01 23:22 - 2013-10-01 23:23 - 35282952 _____ (Dropbox, Inc.) C:\Users\Markus\Downloads\Dropbox 2.4.0.exe
2013-10-01 23:20 - 2013-10-01 23:20 - 00000000 ____D C:\Users\Markus\AppData\Local\AskPartnerNetwork
2013-10-01 21:53 - 2013-10-01 21:53 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Avira
2013-10-01 21:53 - 2013-10-01 21:52 - 00066144 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-01 21:52 - 2013-10-01 21:52 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-10-01 21:52 - 2013-10-01 21:52 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-10-01 21:47 - 2013-10-01 21:47 - 00000000 ____D C:\ProgramData\Avira
2013-10-01 21:47 - 2013-10-01 21:47 - 00000000 ____D C:\Program Files\Avira
2013-10-01 21:47 - 2013-08-22 17:39 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-01 21:47 - 2013-07-29 17:37 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-01 21:47 - 2013-03-06 16:13 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-01 21:47 - 2012-08-27 15:50 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-10-01 21:41 - 2013-10-01 21:44 - 115068344 _____ C:\Users\Markus\Downloads\avira_free_antivirus_de.exe
2013-10-01 21:33 - 2013-10-01 21:34 - 00000000 ____D C:\Users\Markus\Documents\Any Video Converter
2013-10-01 21:33 - 2013-10-01 21:33 - 00000000 ____D C:\Users\Markus\Documents\Any Video Converter Professional
2013-10-01 21:33 - 2013-10-01 21:33 - 00000000 ____D C:\Users\Markus\AppData\Roaming\AnvSoft
2013-10-01 21:32 - 2013-10-01 21:32 - 00000000 ____D C:\Program Files\AnvSoft
2013-10-01 21:31 - 2013-10-01 21:32 - 35631456 _____ (Any-Video-Converter.com ) C:\Users\Markus\Downloads\avc-free.exe
2013-10-01 21:16 - 2013-10-01 21:16 - 00000000 ____D C:\Program Files\AviSynth 2.5
2013-10-01 21:16 - 2009-09-27 09:39 - 00369152 ___SH (The Public) C:\Windows\system32\avisynth.dll
2013-10-01 21:16 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\system32\AVSredirect.dll
2013-10-01 21:16 - 2004-02-22 10:11 - 00719872 ___SH (Abysmal Software) C:\Windows\system32\devil.dll
2013-10-01 21:16 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\system32\yv12vfw.dll
2013-10-01 21:16 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\Windows\system32\i420vfw.dll
2013-10-01 21:12 - 2013-10-01 21:12 - 00000000 ____D C:\Users\Markus\Documents\eRightSoft
2013-10-01 21:12 - 2013-10-01 21:12 - 00000000 ____D C:\Program Files\eRightSoft
2013-10-01 21:12 - 2012-10-05 19:54 - 00188416 __RSH C:\Windows\system32\winDCE32.dll
2013-10-01 21:12 - 2011-06-14 20:05 - 00121344 __RSH C:\Windows\system32\TAKDSDecoder.ax
2013-10-01 21:12 - 2011-02-11 11:26 - 00112128 __RSH C:\Windows\system32\OptimFROG.dll
2013-10-01 21:12 - 2010-01-07 00:00 - 00107520 __RSH C:\Windows\system32\TAKDSDecoder.dll
2013-10-01 21:12 - 2009-03-17 10:38 - 00070656 __RSH C:\Windows\system32\RLAPEDec.ax
2013-10-01 21:12 - 2009-01-18 17:15 - 00120832 __RSH C:\Windows\system32\MPCDx.ax
2013-10-01 21:12 - 2009-01-18 12:03 - 00107520 __RSH C:\Windows\system32\RLMPCDec.ax
2013-10-01 21:12 - 2008-03-16 14:30 - 00216064 __RSH (MONOGRAM Multimedia, s.r.o.) C:\Windows\system32\nbDX.dll
2013-10-01 21:12 - 2007-02-21 12:47 - 00031232 __RSH (Hans Mayerl) C:\Windows\system32\msfDX.dll
2013-10-01 21:12 - 2006-09-12 12:46 - 00227328 __RSH () C:\Windows\system32\ac3DX.ax
2013-10-01 21:12 - 2006-08-16 15:53 - 00175104 __RSH () C:\Windows\system32\CoreAAC.ax
2013-10-01 21:12 - 2006-05-03 11:06 - 00163328 __RSH (Gabest) C:\Windows\system32\flvDX.dll
2013-10-01 21:12 - 2006-03-10 21:21 - 00195584 __RSH C:\Windows\system32\MatroskaDX.ax
2013-10-01 21:12 - 2006-01-13 00:23 - 00123904 __RSH (CoreCodec) C:\Windows\system32\AVCDX.ax
2013-10-01 21:12 - 2005-11-25 21:46 - 00161792 __RSH (Gabest) C:\Windows\system32\RealMediaDX.ax
2013-10-01 21:12 - 2005-02-22 17:55 - 00081920 __RSH C:\Windows\system32\aac_parser.ax
2013-10-01 21:12 - 2005-02-13 00:00 - 00186880 __RSH (RadLight) C:\Windows\system32\RLOgg.ax
2013-10-01 21:12 - 2005-02-13 00:00 - 00067584 __RSH (RadLight, LLC) C:\Windows\system32\RLTheoraDec.ax
2013-10-01 21:12 - 2005-02-13 00:00 - 00051712 __RSH C:\Windows\system32\RLSpeexDec.ax
2013-10-01 21:12 - 2005-02-06 00:00 - 00092672 __RSH (RadLight) C:\Windows\system32\RLVorbisDec.ax
2013-10-01 21:12 - 2005-01-18 00:26 - 00179200 __RSH (Gabest) C:\Windows\system32\DiracSplitter.ax
2013-10-01 21:12 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\system32\pncrt.dll
2013-10-01 21:12 - 2004-09-17 04:07 - 00090112 __RSH (-) C:\Windows\system32\TTADSSplitter.ax
2013-10-01 21:12 - 2004-08-22 11:56 - 00090112 __RSH (-) C:\Windows\system32\TTADSDecoder.ax
2013-10-01 21:12 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\system32\drvc.dll
2013-10-01 21:12 - 2004-04-27 17:03 - 00017408 __RSH (RadLight) C:\Windows\system32\RLOFRDec.ax
2013-10-01 21:12 - 2003-12-07 08:59 - 00097280 __RSH C:\Windows\system32\FLACDX.ax
2013-10-01 21:05 - 2013-10-01 21:09 - 54864650 _____ (eRightSoft ) C:\Users\Markus\Downloads\SUPERsetup.exe
2013-10-01 09:01 - 2013-10-01 21:13 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-25 20:34 - 2013-09-25 20:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2013-09-24 20:11 - 2013-09-24 20:12 - 00538800 _____ C:\Windows\EPSTPLOG.BAK
2013-09-24 20:11 - 2013-09-24 20:11 - 05778944 _____ C:\Users\Markus\Downloads\epson20369eu.exe
2013-09-24 20:11 - 2013-09-24 20:11 - 00000000 ____D C:\EPSON
2013-09-24 20:11 - 2004-05-21 05:04 - 00079622 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_FLM9BE.DLL
2013-09-24 20:11 - 2003-07-16 13:14 - 00031744 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_DCINST.DLL
2013-09-24 20:11 - 2003-05-21 02:27 - 00064000 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_FBCB9BE.DLL
2013-09-24 20:11 - 2000-06-07 01:01 - 00034304 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_FBCH9BE.DLL
2013-09-24 18:44 - 2013-10-02 21:35 - 00000000 ____D C:\Program Files\Overwolf
2013-09-24 18:43 - 2013-09-29 18:47 - 00000000 ____D C:\Users\Markus\AppData\Local\Overwolf
2013-09-24 18:43 - 2013-09-28 10:49 - 00000000 ____D C:\Users\Markus\AppData\Roaming\TS3Client
2013-09-24 18:43 - 2013-09-24 18:43 - 00001157 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-09-24 18:43 - 2013-09-24 18:43 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-09-24 18:39 - 2013-09-24 18:40 - 30010384 _____ (TeamSpeak Systems GmbH) C:\Users\Markus\Downloads\TeamSpeak3-Client-win32-3.0.12.exe
2013-09-21 06:25 - 2013-09-21 06:25 - 00000000 ____D C:\Users\Markus\Desktop\SCHOLPP
2013-09-16 20:54 - 2013-09-16 20:54 - 04380949 _____ C:\Users\Markus\Desktop\DIGI-WebApp-release_v1.6.0.3874.Android.apk
2013-09-16 20:54 - 2013-09-16 20:54 - 00569738 _____ C:\Users\Markus\Desktop\DIGIServiceApp.apk
2013-09-15 15:01 - 2013-09-15 15:01 - 00000000 ____D C:\Windows\system32\appmgmt
2013-09-14 22:49 - 2013-09-14 22:49 - 00001355 _____ C:\Users\Markus\Desktop\Eigene Bilder - Verknüpfung.lnk
2013-09-12 03:02 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 03:02 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 03:02 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 03:02 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 03:02 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 03:02 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 03:02 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 03:02 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 03:02 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 03:02 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 03:02 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 03:02 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 03:02 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 03:02 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 03:02 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 03:02 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 22:04 - 2013-09-11 22:09 - 00000000 ____D C:\Users\Markus\Documents\FIFA 14 Demo
2013-09-11 22:04 - 2013-09-11 22:04 - 00000000 __SHD C:\ProgramData\DSS
2013-09-11 12:58 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 12:58 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 12:58 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 12:58 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 12:58 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 12:58 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 12:58 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 12:58 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 12:58 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 22:41 - 2013-09-10 22:41 - 00000000 ____D C:\Users\Markus\AppData\Local\Criterion Games
2013-09-09 20:41 - 2013-10-05 10:07 - 00280904 _____ C:\Windows\system32\PnkBstrB.xtr
2013-09-09 20:41 - 2013-09-09 20:41 - 00000000 ____D C:\Users\Markus\AppData\Local\PunkBuster
2013-09-09 20:39 - 2013-09-09 20:39 - 00000000 ____D C:\Users\Markus\AppData\Roaming\ATI
2013-09-09 20:39 - 2013-09-09 20:39 - 00000000 ____D C:\Users\Markus\AppData\Local\ATI
2013-09-09 20:39 - 2013-09-09 20:39 - 00000000 ____D C:\Users\Markus\AppData\Local\AMD
2013-09-09 20:39 - 2013-09-09 20:39 - 00000000 ____D C:\ProgramData\ATI
2013-09-09 20:38 - 2013-09-09 20:38 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-09-09 20:37 - 2013-09-09 20:37 - 00000000 ____D C:\Program Files\AMD AVT
2013-09-09 20:36 - 2013-09-09 20:37 - 00000000 ____D C:\ProgramData\AMD
2013-09-09 20:36 - 2013-09-09 20:37 - 00000000 ____D C:\Program Files\ATI Technologies
2013-09-09 20:36 - 2013-09-09 20:36 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-09-09 20:36 - 2013-09-09 20:36 - 00000000 ____D C:\Program Files\ATI
2013-09-09 20:35 - 2013-09-09 20:35 - 00000000 ____D C:\AMD
2013-09-09 20:32 - 2013-09-09 20:35 - 94204656 _____ (Advanced Micro Devices, Inc.) C:\Users\Markus\Downloads\13-4_win7_win8_32_dd_ccc_whql.exe
2013-09-08 11:54 - 2013-10-05 09:10 - 00000000 ____D C:\Program Files\Battlelog Web Plugins
2013-09-08 11:54 - 2013-09-09 20:42 - 00000000 ____D C:\Users\Markus\Documents\Battlefield 3
2013-09-08 11:54 - 2013-09-08 11:54 - 00000000 ____D C:\Users\Markus\AppData\Local\ESN
2013-09-08 11:52 - 2013-09-08 11:52 - 03820480 _____ C:\Users\Markus\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-09-08 11:50 - 2013-09-08 11:50 - 00000000 ____D C:\ProgramData\EA Core
2013-09-07 23:36 - 2013-10-05 10:07 - 00140072 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2013-09-07 23:36 - 2013-09-07 23:36 - 00138056 _____ C:\Users\Markus\AppData\Roaming\PnkBstrK.sys
2013-09-07 23:35 - 2013-10-05 10:07 - 00280904 _____ C:\Windows\system32\PnkBstrB.exe
2013-09-07 23:35 - 2013-10-04 19:49 - 00280904 _____ C:\Windows\system32\PnkBstrB.ex0
2013-09-07 23:35 - 2013-09-11 23:18 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-09-07 14:18 - 2013-09-07 14:18 - 00000000 ____D C:\Program Files\Origin Games
2013-09-07 14:13 - 2013-09-08 11:50 - 00000000 ____D C:\Users\Markus\AppData\Local\Origin
2013-09-07 14:13 - 2013-09-07 14:18 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Origin
2013-09-07 14:10 - 2013-10-05 10:06 - 00000000 ____D C:\Program Files\Origin
2013-09-07 14:10 - 2013-09-11 22:04 - 00000000 ____D C:\ProgramData\Origin
2013-09-07 14:10 - 2013-09-08 11:50 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-09-07 14:09 - 2013-09-07 14:09 - 16949160 _____ (Electronic Arts, Inc.) C:\Users\Markus\Downloads\OriginThinSetup.exe
2013-09-07 13:43 - 2013-09-07 13:57 - 00000000 ____D C:\Users\Markus\Downloads\GetFoldersizePortable24
2013-09-07 13:43 - 2013-09-07 13:43 - 02630028 _____ C:\Users\Markus\Downloads\GetFoldersizePortable24.zip
2013-09-06 22:22 - 2013-09-06 22:23 - 15380480 _____ C:\Users\Markus\Downloads\2013-08-14-rel.tar
2013-09-06 22:22 - 2013-09-06 22:22 - 04751360 _____ C:\Users\Markus\Downloads\2013-07-18-rel.tar
==================== One Month Modified Files and Folders =======
2013-10-05 12:05 - 2013-10-05 12:05 - 01087213 _____ (Farbar) C:\Users\Markus\Downloads\FRST.exe
2013-10-05 12:05 - 2013-10-05 12:05 - 00000000 ____D C:\FRST
2013-10-05 12:02 - 2009-07-14 06:39 - 00422207 _____ C:\Windows\setupact.log
2013-10-05 11:56 - 2013-03-18 20:23 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Skype
2013-10-05 11:50 - 2013-03-13 21:59 - 01067398 _____ C:\Windows\WindowsUpdate.log
2013-10-05 10:07 - 2013-09-09 20:41 - 00280904 _____ C:\Windows\system32\PnkBstrB.xtr
2013-10-05 10:07 - 2013-09-07 23:36 - 00140072 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2013-10-05 10:07 - 2013-09-07 23:35 - 00280904 _____ C:\Windows\system32\PnkBstrB.exe
2013-10-05 10:06 - 2013-09-07 14:10 - 00000000 ____D C:\Program Files\Origin
2013-10-05 10:01 - 2009-07-14 06:34 - 00022000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-05 10:01 - 2009-07-14 06:34 - 00022000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-05 10:00 - 2010-11-20 23:01 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-05 09:58 - 2013-10-05 09:58 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-10-05 09:55 - 2013-10-01 23:27 - 00000000 ___RD C:\Users\Markus\Dropbox
2013-10-05 09:55 - 2013-10-01 23:25 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Dropbox
2013-10-05 09:52 - 2013-10-05 09:34 - 00000000 ____D C:\AdwCleaner
2013-10-05 09:40 - 2013-10-05 09:40 - 00000000 ____D C:\Program Files\ESET
2013-10-05 09:39 - 2013-10-05 09:40 - 02347384 _____ (ESET) C:\Users\Markus\Downloads\esetsmartinstaller_enu.exe
2013-10-05 09:33 - 2013-10-05 09:33 - 01045226 _____ C:\Users\Markus\Downloads\adwcleaner.exe
2013-10-05 09:10 - 2013-09-08 11:54 - 00000000 ____D C:\Program Files\Battlelog Web Plugins
2013-10-05 09:10 - 2010-11-20 23:48 - 00128176 _____ C:\Windows\PFRO.log
2013-10-05 09:10 - 2009-07-14 06:33 - 00325168 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-04 20:46 - 2013-03-18 21:19 - 00000000 ____D C:\Users\Markus\AppData\Roaming\vlc
2013-10-04 19:49 - 2013-09-07 23:35 - 00280904 _____ C:\Windows\system32\PnkBstrB.ex0
2013-10-04 19:48 - 2013-10-04 19:48 - 03820328 _____ C:\Users\Markus\Downloads\battlelog-web-plugins_2.3.0_119.exe
2013-10-04 19:23 - 2013-10-04 14:15 - 00000000 ____D C:\Users\Markus\AppData\Roaming\FileZilla
2013-10-04 14:49 - 2013-10-03 14:38 - 00000000 ____D C:\Program Files\StarMoney Business 6.0
2013-10-04 14:15 - 2013-10-04 14:15 - 00000000 ____D C:\Users\Markus\Downloads\FileZilla_3.7.3_win32
2013-10-04 14:15 - 2013-10-04 14:14 - 07241860 _____ C:\Users\Markus\Downloads\FileZilla_3.7.3_win32.zip
2013-10-04 12:07 - 2013-03-13 22:12 - 00002338 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-04 07:23 - 2013-03-16 17:20 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Thunderbird
2013-10-03 15:00 - 2013-03-13 22:09 - 00071128 _____ C:\Users\Markus\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-03 14:55 - 2013-03-17 14:35 - 00000000 ____D C:\Sicherung_MGS
2013-10-03 14:40 - 2013-10-03 14:40 - 00002096 _____ C:\Users\Public\Desktop\StarMoney Business 6.0.lnk
2013-10-03 14:40 - 2013-08-14 21:43 - 00000000 ____D C:\ProgramData\StarMoney Business 6.0
2013-10-03 14:39 - 2009-07-14 04:04 - 00017486 _____ C:\Windows\system32\Drivers\etc\services
2013-10-03 14:38 - 2013-03-14 08:53 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-03 14:34 - 2013-10-03 14:34 - 00000000 ____D C:\Users\Markus\profil - Kopie
2013-10-03 14:34 - 2013-03-13 21:59 - 00000000 ____D C:\Users\Markus
2013-10-03 14:21 - 2013-03-17 13:42 - 00002020 ____H C:\Users\Markus\Documents\Default.rdp
2013-10-03 14:20 - 2013-10-03 14:04 - 00000000 ____D C:\ProgramData\HitmanPro
2013-10-03 14:04 - 2013-10-03 14:03 - 12247350 _____ C:\Users\Markus\Downloads\HitmanPro_3.7.7.205.zip
2013-10-03 13:55 - 2013-10-03 13:55 - 02828552 _____ (AVAST Software) C:\Users\Markus\Downloads\avast-browser-cleanup_8.0.1484.29.exe
2013-10-03 13:38 - 2013-10-03 13:38 - 00000000 ____D C:\Users\Markus\Downloads\backups
2013-10-03 13:36 - 2013-10-03 13:36 - 00010837 _____ C:\Users\Markus\Documents\hijackthis.log
2013-10-03 13:35 - 2013-10-03 13:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Markus\Downloads\HijackThis.exe
2013-10-03 13:35 - 2013-10-03 13:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Markus\Downloads\HijackThis (1).exe
2013-10-03 13:06 - 2013-10-03 13:06 - 00000000 ____D C:\Windows\Sun
2013-10-03 12:19 - 2013-10-03 12:19 - 00000583 _____ C:\Users\Markus\Desktop\Emsisoft Emergency Kit.lnk
2013-10-03 12:19 - 2013-10-03 12:19 - 00000000 ____D C:\EEK
2013-10-03 12:18 - 2013-10-03 12:12 - 197750352 _____ C:\Users\Markus\Downloads\EmsisoftEmergencyKit.exe
2013-10-03 12:00 - 2013-10-03 12:00 - 00004149 _____ C:\Users\Markus\Desktop\JRT.txt
2013-10-03 11:58 - 2013-10-03 11:58 - 00000000 ____D C:\Windows\ERUNT
2013-10-03 11:57 - 2013-10-03 11:57 - 01030305 _____ (Thisisu) C:\Users\Markus\Downloads\JRT.exe
2013-10-03 11:55 - 2013-10-03 11:55 - 00025775 _____ C:\ComboFix.txt
2013-10-03 11:55 - 2013-10-03 11:41 - 00000000 ____D C:\Qoobox
2013-10-03 11:55 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2013-10-03 11:55 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-10-03 11:48 - 2013-10-03 11:41 - 00000000 ____D C:\Windows\erdnt
2013-10-03 11:47 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-10-03 11:40 - 2013-10-03 11:40 - 05132885 ____R (Swearware) C:\Users\Markus\Downloads\ComboFix.exe
2013-10-03 11:36 - 2013-05-20 07:57 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-10-03 11:24 - 2013-03-13 22:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-03 11:24 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\security
2013-10-03 11:20 - 2013-10-03 10:13 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-03 10:55 - 2013-03-14 08:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-03 10:33 - 2013-03-13 22:09 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-03 10:33 - 2013-03-13 22:09 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-03 10:14 - 2013-10-03 10:13 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-10-03 10:11 - 2013-10-03 10:10 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\Markus\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-02 21:35 - 2013-09-24 18:44 - 00000000 ____D C:\Program Files\Overwolf
2013-10-02 21:08 - 2013-10-02 21:08 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Malwarebytes
2013-10-02 21:08 - 2013-10-02 21:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-02 21:08 - 2013-10-02 21:08 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-02 21:07 - 2013-10-02 21:07 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Markus\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-01 23:25 - 2013-10-01 23:25 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-10-01 23:23 - 2013-10-01 23:22 - 35282952 _____ (Dropbox, Inc.) C:\Users\Markus\Downloads\Dropbox 2.4.0.exe
2013-10-01 23:20 - 2013-10-01 23:20 - 00000000 ____D C:\Users\Markus\AppData\Local\AskPartnerNetwork
2013-10-01 21:53 - 2013-10-01 21:53 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Avira
2013-10-01 21:52 - 2013-10-01 21:53 - 00066144 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-01 21:52 - 2013-10-01 21:52 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-10-01 21:52 - 2013-10-01 21:52 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-10-01 21:47 - 2013-10-01 21:47 - 00000000 ____D C:\ProgramData\Avira
2013-10-01 21:47 - 2013-10-01 21:47 - 00000000 ____D C:\Program Files\Avira
2013-10-01 21:44 - 2013-10-01 21:41 - 115068344 _____ C:\Users\Markus\Downloads\avira_free_antivirus_de.exe
2013-10-01 21:34 - 2013-10-01 21:33 - 00000000 ____D C:\Users\Markus\Documents\Any Video Converter
2013-10-01 21:33 - 2013-10-01 21:33 - 00000000 ____D C:\Users\Markus\Documents\Any Video Converter Professional
2013-10-01 21:33 - 2013-10-01 21:33 - 00000000 ____D C:\Users\Markus\AppData\Roaming\AnvSoft
2013-10-01 21:32 - 2013-10-01 21:32 - 00000000 ____D C:\Program Files\AnvSoft
2013-10-01 21:32 - 2013-10-01 21:31 - 35631456 _____ (Any-Video-Converter.com ) C:\Users\Markus\Downloads\avc-free.exe
2013-10-01 21:16 - 2013-10-01 21:16 - 00000000 ____D C:\Program Files\AviSynth 2.5
2013-10-01 21:13 - 2013-10-01 09:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-01 21:13 - 2013-03-13 22:14 - 00000000 ____D C:\Users\Markus\AppData\Local\Mozilla
2013-10-01 21:12 - 2013-10-01 21:12 - 00000000 ____D C:\Users\Markus\Documents\eRightSoft
2013-10-01 21:12 - 2013-10-01 21:12 - 00000000 ____D C:\Program Files\eRightSoft
2013-10-01 21:12 - 2013-05-05 12:33 - 00001290 _____ C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2013-10-01 21:12 - 2013-03-13 22:14 - 00001277 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-01 21:12 - 2013-03-13 22:00 - 00001581 _____ C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-01 21:09 - 2013-10-01 21:05 - 54864650 _____ (eRightSoft ) C:\Users\Markus\Downloads\SUPERsetup.exe
2013-10-01 21:05 - 2013-05-08 21:08 - 00006144 _____ C:\Users\Markus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-01 21:05 - 2013-05-08 21:04 - 00000000 ____D C:\Users\Markus\AppData\Local\ColdCut
2013-10-01 21:01 - 2013-05-08 21:08 - 00000000 ____D C:\Users\Markus\AppData\Roaming\DivX
2013-10-01 20:17 - 2013-05-13 22:47 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Nitro PDF
2013-09-30 17:52 - 2013-04-13 15:34 - 00000000 ____D C:\Users\Markus\AppData\Local\FRITZ!
2013-09-29 18:47 - 2013-09-24 18:43 - 00000000 ____D C:\Users\Markus\AppData\Local\Overwolf
2013-09-29 18:40 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-28 10:49 - 2013-09-24 18:43 - 00000000 ____D C:\Users\Markus\AppData\Roaming\TS3Client
2013-09-25 20:34 - 2013-09-25 20:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2013-09-24 20:36 - 2013-06-09 12:50 - 00000000 ____D C:\Users\Markus\AppData\Local\ArmA 2 OA
2013-09-24 20:13 - 2013-03-17 17:20 - 00000000 ____D C:\Program Files\epson
2013-09-24 20:12 - 2013-09-24 20:11 - 00538800 _____ C:\Windows\EPSTPLOG.BAK
2013-09-24 20:11 - 2013-09-24 20:11 - 05778944 _____ C:\Users\Markus\Downloads\epson20369eu.exe
2013-09-24 20:11 - 2013-09-24 20:11 - 00000000 ____D C:\EPSON
2013-09-24 19:59 - 2013-03-16 18:03 - 00000000 ____D C:\Users\Markus\AppData\Local\FreePDF_XP
2013-09-24 18:43 - 2013-09-24 18:43 - 00001157 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-09-24 18:43 - 2013-09-24 18:43 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-09-24 18:40 - 2013-09-24 18:39 - 30010384 _____ (TeamSpeak Systems GmbH) C:\Users\Markus\Downloads\TeamSpeak3-Client-win32-3.0.12.exe
2013-09-23 17:24 - 2013-03-17 17:06 - 00000000 ____D C:\Program Files\StarMoney Business 5.0
2013-09-22 19:52 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-09-22 13:36 - 2013-03-17 13:41 - 00000000 ____D C:\Users\Markus\AppData\Roaming\VMware
2013-09-21 06:25 - 2013-09-21 06:25 - 00000000 ____D C:\Users\Markus\Desktop\SCHOLPP
2013-09-19 21:55 - 2013-03-14 08:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-19 21:55 - 2013-03-14 08:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-16 20:54 - 2013-09-16 20:54 - 04380949 _____ C:\Users\Markus\Desktop\DIGI-WebApp-release_v1.6.0.3874.Android.apk
2013-09-16 20:54 - 2013-09-16 20:54 - 00569738 _____ C:\Users\Markus\Desktop\DIGIServiceApp.apk
2013-09-16 18:20 - 2013-05-06 13:32 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-15 15:01 - 2013-09-15 15:01 - 00000000 ____D C:\Windows\system32\appmgmt
2013-09-14 22:49 - 2013-09-14 22:49 - 00001355 _____ C:\Users\Markus\Desktop\Eigene Bilder - Verknüpfung.lnk
2013-09-12 03:56 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-09-12 03:24 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-12 03:18 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-09-12 03:01 - 2013-08-14 03:04 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 03:00 - 2013-03-13 22:30 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-11 23:18 - 2013-09-07 23:35 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-09-11 22:09 - 2013-09-11 22:04 - 00000000 ____D C:\Users\Markus\Documents\FIFA 14 Demo
2013-09-11 22:04 - 2013-09-11 22:04 - 00000000 __SHD C:\ProgramData\DSS
2013-09-11 22:04 - 2013-09-07 14:10 - 00000000 ____D C:\ProgramData\Origin
2013-09-10 23:59 - 2013-03-13 21:59 - 00000000 ____D C:\Users\Markus\AppData\Local\VirtualStore
2013-09-10 23:03 - 2013-08-10 17:23 - 00000000 ____D C:\Program Files\WarThunder
2013-09-10 22:41 - 2013-09-10 22:41 - 00000000 ____D C:\Users\Markus\AppData\Local\Criterion Games
2013-09-09 23:55 - 2013-05-20 08:07 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-09-09 20:42 - 2013-09-08 11:54 - 00000000 ____D C:\Users\Markus\Documents\Battlefield 3
2013-09-09 20:41 - 2013-09-09 20:41 - 00000000 ____D C:\Users\Markus\AppData\Local\PunkBuster
2013-09-09 20:39 - 2013-09-09 20:39 - 00000000 ____D C:\Users\Markus\AppData\Roaming\ATI
2013-09-09 20:39 - 2013-09-09 20:39 - 00000000 ____D C:\Users\Markus\AppData\Local\ATI
2013-09-09 20:39 - 2013-09-09 20:39 - 00000000 ____D C:\Users\Markus\AppData\Local\AMD
2013-09-09 20:39 - 2013-09-09 20:39 - 00000000 ____D C:\ProgramData\ATI
2013-09-09 20:38 - 2013-09-09 20:38 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-09-09 20:37 - 2013-09-09 20:37 - 00000000 ____D C:\Program Files\AMD AVT
2013-09-09 20:37 - 2013-09-09 20:36 - 00000000 ____D C:\ProgramData\AMD
2013-09-09 20:37 - 2013-09-09 20:36 - 00000000 ____D C:\Program Files\ATI Technologies
2013-09-09 20:36 - 2013-09-09 20:36 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-09-09 20:36 - 2013-09-09 20:36 - 00000000 ____D C:\Program Files\ATI
2013-09-09 20:35 - 2013-09-09 20:35 - 00000000 ____D C:\AMD
2013-09-09 20:35 - 2013-09-09 20:32 - 94204656 _____ (Advanced Micro Devices, Inc.) C:\Users\Markus\Downloads\13-4_win7_win8_32_dd_ccc_whql.exe
2013-09-09 20:26 - 2013-04-14 03:00 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-08 17:31 - 2013-03-18 20:23 - 00000000 ___RD C:\Program Files\Skype
2013-09-08 17:31 - 2013-03-18 20:23 - 00000000 ____D C:\ProgramData\Skype
2013-09-08 11:54 - 2013-09-08 11:54 - 00000000 ____D C:\Users\Markus\AppData\Local\ESN
2013-09-08 11:52 - 2013-09-08 11:52 - 03820480 _____ C:\Users\Markus\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-09-08 11:50 - 2013-09-08 11:50 - 00000000 ____D C:\ProgramData\EA Core
2013-09-08 11:50 - 2013-09-07 14:13 - 00000000 ____D C:\Users\Markus\AppData\Local\Origin
2013-09-08 11:50 - 2013-09-07 14:10 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-09-07 23:36 - 2013-09-07 23:36 - 00138056 _____ C:\Users\Markus\AppData\Roaming\PnkBstrK.sys
2013-09-07 23:35 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-09-07 14:18 - 2013-09-07 14:18 - 00000000 ____D C:\Program Files\Origin Games
2013-09-07 14:18 - 2013-09-07 14:13 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Origin
2013-09-07 14:09 - 2013-09-07 14:09 - 16949160 _____ (Electronic Arts, Inc.) C:\Users\Markus\Downloads\OriginThinSetup.exe
2013-09-07 13:57 - 2013-09-07 13:43 - 00000000 ____D C:\Users\Markus\Downloads\GetFoldersizePortable24
2013-09-07 13:43 - 2013-09-07 13:43 - 02630028 _____ C:\Users\Markus\Downloads\GetFoldersizePortable24.zip
2013-09-06 22:23 - 2013-09-06 22:22 - 15380480 _____ C:\Users\Markus\Downloads\2013-08-14-rel.tar
2013-09-06 22:22 - 2013-09-06 22:22 - 04751360 _____ C:\Users\Markus\Downloads\2013-07-18-rel.tar
Some content of TEMP:
====================
C:\Users\Markus\AppData\Local\Temp\catchme.dll
C:\Users\Markus\AppData\Local\Temp\Quarantine.exe
C:\Users\Markus\AppData\Local\Temp\sonarinst.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-01 00:35
==================== End Of Log ============================
--- --- ---
--- --- ---
[/CODE]
Addition.txt: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2013
Ran by Markus at 2013-10-05 12:06:40
Running from C:\Users\Markus\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
7-Zip 9.20
Adobe AIR (Version: 3.7.0.2090)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Reader XI (11.0.04) - Deutsch (Version: 11.0.04)
Alt.Binz 0.39.4 (Version: 0.39.4)
Amazon MP3-Downloader 1.0.17 (Version: 1.0.17)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.0328.2218.38225)
AMD Media Foundation Decoders (Version: 1.0.80328.2203)
AMD VISION Engine Control Center (Version: 2013.0328.2218.38225)
AMD Wireless Display v3.0 (Version: 1.0.0.10)
Any Video Converter 5.0.9
Arma 2: DayZ Mod
Arma 2: Operation Arrowhead Beta
Avira Free Antivirus (Version: 13.0.0.4052)
Avira SearchFree Toolbar (Version: 12.5.1.1249)
Battlefield 3™ (Version: 1.6.0.0)
Battlelog Web Plugins (Version: 2.3.0)
BattlEye for OA Uninstall
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41)
Burnout Paradise: The Ultimate Box
Call of Juarez Gunslinger Demo
Call of Juarez SP Demo (Version: 0.9.0.0de)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (Version: 2013.0328.2217.38225)
CCC Help Czech (Version: 2013.0328.2217.38225)
CCC Help Danish (Version: 2013.0328.2217.38225)
CCC Help Dutch (Version: 2013.0328.2217.38225)
CCC Help English (Version: 2013.0328.2217.38225)
CCC Help Finnish (Version: 2013.0328.2217.38225)
CCC Help French (Version: 2013.0328.2217.38225)
CCC Help German (Version: 2013.0328.2217.38225)
CCC Help Greek (Version: 2013.0328.2217.38225)
CCC Help Hungarian (Version: 2013.0328.2217.38225)
CCC Help Italian (Version: 2013.0328.2217.38225)
CCC Help Japanese (Version: 2013.0328.2217.38225)
CCC Help Korean (Version: 2013.0328.2217.38225)
CCC Help Norwegian (Version: 2013.0328.2217.38225)
CCC Help Polish (Version: 2013.0328.2217.38225)
CCC Help Portuguese (Version: 2013.0328.2217.38225)
CCC Help Russian (Version: 2013.0328.2217.38225)
CCC Help Spanish (Version: 2013.0328.2217.38225)
CCC Help Swedish (Version: 2013.0328.2217.38225)
CCC Help Thai (Version: 2013.0328.2217.38225)
CCC Help Turkish (Version: 2013.0328.2217.38225)
ccc-utility (Version: 2013.0328.2218.38225)
Citrix Authentication Manager (Version: 5.0.0.60597)
Citrix Receiver (DV) (Version: 14.0.0.91)
Citrix Receiver (HDX Flash-Umleitung) (Version: 14.0.0.91)
Citrix Receiver (USB) (Version: 14.0.0.91)
Citrix Receiver (Version: 14.0.0.91)
Citrix Receiver Inside (Version: 3.4.0.45902)
Citrix Receiver Updater (Version: 4.0.0.45893)
Citrix Receiver(Aero) (Version: 14.0.0.91)
ColdCut (Version: ColdCut)
Counter-Strike: Source
Creative WebCam NX Driver (2.00.04.0000)
Crysis 2 Maximum Edition
Crysis(R) SP Demo (Version: 1.00.0000)
Crystal Reports (für DATAC24) (Version: 1.0.0)
DATAC24
DATAC24 Lohn
DayZ Commander (Version: 0.92.79)
Dell SonicWALL NetExtender (Version: 6.0.191)
DivX-Setup (Version: 2.1.0.12)
Dropbox (HKCU Version: 2.4.0)
EPSON Scan
EPSON-Drucker-Software
ESET Online Scanner v3
ESN Sonar (Version: 0.70.4)
ffdshow [rev 2946] [2009-05-15] (Version: 1.0)
FIFA 14 Demo (Version: 1.0.0.0)
FreePDF (Remove only)
Google Chrome (Version: 30.0.1599.69)
GPL Ghostscript (Version: 9.04)
HWiNFO32 Version 4.14 (Version: 4.14)
Image Resizer for Windows (Version: 3.0.4802.35565)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
LemurLeap 1.0.0 (Version: 1.0.0)
LibreOffice 4.0.1.2 (Version: 4.0.1.2)
MailList Controller 9.3 (Version: 9.3)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual J# 2.0 Redistributable Package - SE
Microsoft Visual J# 2.0 Redistributable Package - SE (Version: 2.0.50728)
MozBackup 1.5.1
Mozilla Firefox 24.0 (x86 de) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
Mozilla Thunderbird 17.0.8 (x86 de) (Version: 17.0.8)
MyFreeCodec
MyPhoneExplorer (Version: 1.8.4)
NetSpeedMonitor 2.5.4.0 x86 (Version: 2.5.4.0)
Nitro Pro 8 (Version: 8.5.3.14)
NVIDIA Drivers (Version: 1.3)
Online Plug-in (Version: 14.0.0.91)
Origin (Version: 9.3.2.2730)
Platform (Version: 1.34)
Play withSIX (Version: 1.30.0464)
PunkBuster Services (Version: 0.991)
QuickPar 0.9 (Version: 0.9)
RedMon - Redirection Port Monitor
Samsung Kies (Version: 2.5.2.13021_10)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0)
Self-Service Plug-in (Version: 4.0.0.40674)
simfy (Version: 1.7.3)
Skype™ 6.6 (Version: 6.6.106)
Spybot - Search & Destroy (Version: 2.1.21)
StarMoney (Version: 3.0.5.8)
StarMoney (Version: 4.0.0.203)
StarMoney Business 5.0 (Version: 5.0)
StarMoney Business 6.0 (Version: 6.0)
Steam (Version: 1.0.0.0)
Streamripper (Remove only)
SUPER © v2013.build.57+Recorder (2013/07/13) Version v2013.buil (Version: v2013.build.57+Recorder)
System Requirements Lab CYRI (Version: 5.0.6.0)
TeamSpeak 3 Client (Version: 3.0.12)
TeamViewer 8 (Version: 8.0.20935)
TmNationsForever
Torrent Stream 2.0.8.6 (HKCU Version: 2.0.8.6)
UltraVnc (Version: 1.1.9.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VDownloader 3.9.1421
velioKalkulation 2.0 (Version: 2.0)
VIA Plattform-Geräte-Manager (Version: 1.34)
VLC media player 2.0.5 (Version: 2.0.5)
VMware vSphere Client 4.1 (Version: 4.1.0.14766)
War Thunder Launcher 1.0.1.267
Winamp (Version: 5.63 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
WinPcap 4.1.1 (Version: 4.1.0.1753)
==================== Restore Points =========================
28-09-2013 08:29:28 Windows Update
28-09-2013 08:50:15 Windows Update
02-10-2013 19:30:34 Removed Overwolf
03-10-2013 12:32:09 Installiert StarMoney
03-10-2013 12:35:55 Installiert StarMoney
03-10-2013 12:37:05 Entfernt StarMoney Business
03-10-2013 12:38:15 Installiert StarMoney
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {4707CB97-C3DE-42D1-A753-8E97B424DE82} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {49B2C9EC-A0AB-4BC3-9F9B-3257C9DF9D38} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {579BDCBD-7F6B-4E1D-83C5-5CDFB2D1B74F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-13] (Google Inc.)
Task: {67C7260C-FEAE-45C3-8840-71BDAF332853} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {6E79172D-D0DA-49D4-982E-3B061E79937F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19] (Adobe Systems Incorporated)
Task: {AA4A0EED-E616-472B-858B-127259A49780} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-13] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-03-14 08:53 - 2009-05-07 17:50 - 00073728 ____R () C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
2013-03-14 08:53 - 2009-05-07 17:53 - 00106496 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
2013-03-14 08:53 - 2008-02-14 14:57 - 00094208 ____R () C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll
2013-03-14 08:53 - 2009-09-02 10:28 - 47628288 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll
2010-09-16 22:04 - 2010-09-16 22:04 - 00095528 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2013-10-03 10:13 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-10-03 10:13 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2013-08-14 03:06 - 2013-08-14 03:06 - 01899520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\8ec0b32a67ca5f50f882aae977d457e8\Kies.UI.ni.dll
2013-08-14 03:06 - 2013-08-14 03:06 - 00079360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\c0fbbc04960625be85b6275ebeb00cb2\Kies.MVVM.ni.dll
2013-08-14 03:06 - 2013-08-14 03:06 - 00187904 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\2cb652c9e0d3ece998b8622920a463d3\Kies.Common.DeviceServiceLib.Interface.ni.dll
2013-08-14 03:07 - 2013-08-14 03:07 - 00355840 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\7b953dc8d282eea7970e0cfc8e7e0558\DevicePhoto.ni.dll
2013-08-14 03:07 - 2013-08-14 03:07 - 00300544 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\286b46faa1855275bca4f842ea34a1d0\DeviceVideo.ni.dll
2013-08-14 03:07 - 2013-08-14 03:07 - 00614912 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\26c5d15b87f00c5bab0aca691476c0f4\DevicePodcast.ni.dll
2013-08-14 03:07 - 2013-08-14 03:07 - 00307200 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\aab2f72c4ff4d4516918d856a101b7c6\DummyStorePlugin.ni.dll
2013-08-14 03:07 - 2013-08-14 03:07 - 17554944 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\3adf7b0ea0d7f23db2f5024776a42166\Kies.Theme.ni.dll
2013-08-14 03:06 - 2013-08-14 03:06 - 00580096 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\c7a9c09c67520882efc2ca7e785b114e\Kies.Common.DeviceServiceLib.FileService.ni.dll
2013-07-11 03:11 - 2013-07-11 03:11 - 00045568 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\b2b18bdc2d90d3aab43a09b1a188150a\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
2013-08-14 03:06 - 2013-08-14 03:06 - 00995328 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\de62307780e85e1b8ddfa7086bd4387c\DeviceCommonLib.ni.dll
2013-08-14 03:07 - 2013-08-14 03:07 - 00232960 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\c5efe841e2998c266e0f5e29bed04b55\ASF_cSharpAPI.ni.dll
2013-04-23 18:30 - 2013-08-22 00:18 - 00687104 _____ () E:\Program Files\Steam\SDL2.dll
2013-05-03 15:35 - 2013-09-21 20:35 - 01121192 _____ () E:\Program Files\Steam\bin\chromehtml.DLL
2013-03-26 16:16 - 2013-09-11 00:20 - 20625832 _____ () E:\Program Files\Steam\bin\libcef.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 01100800 _____ () E:\Program Files\Steam\bin\avcodec-53.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 00124416 _____ () E:\Program Files\Steam\bin\avutil-51.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 00192000 _____ () E:\Program Files\Steam\bin\avformat-53.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Markus\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-28 22:29 - 2013-03-28 22:29 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-09-07 14:13 - 2013-10-04 19:44 - 00062976 _____ () C:\Program Files\Origin\tufao.dll
2013-10-01 09:01 - 2013-10-01 09:01 - 03279768 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-09-10 20:55 - 2013-09-10 20:55 - 16177544 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll
2013-08-07 20:13 - 2013-08-07 20:13 - 02244504 _____ () C:\Program Files\Mozilla Thunderbird\mozjs.dll
2013-08-07 20:13 - 2013-08-07 20:13 - 00158104 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2013-08-07 20:13 - 2013-08-07 20:13 - 00022424 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/05/2013 09:54:21 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/05/2013 09:10:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/03/2013 02:36:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_unknown, Version: 4.0.0.203, Zeitstempel: 0x4cab8cfa
Name des fehlerhaften Moduls: Cdo32.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4c91e5aa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x256c51d3
ID des fehlerhaften Prozesses: 0x1450
Startzeit der fehlerhaften Anwendung: 0xsetup.exe_unknown0
Pfad der fehlerhaften Anwendung: setup.exe_unknown1
Pfad des fehlerhaften Moduls: setup.exe_unknown2
Berichtskennung: setup.exe_unknown3
Error: (10/03/2013 02:32:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_unknown, Version: 4.0.0.203, Zeitstempel: 0x4cab8cfa
Name des fehlerhaften Moduls: Cdo32.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4c91e5aa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x256c51d3
ID des fehlerhaften Prozesses: 0xfd8
Startzeit der fehlerhaften Anwendung: 0xsetup.exe_unknown0
Pfad der fehlerhaften Anwendung: setup.exe_unknown1
Pfad des fehlerhaften Moduls: setup.exe_unknown2
Berichtskennung: setup.exe_unknown3
System errors:
=============
Error: (10/05/2013 09:54:16 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst StarMoney Business 5.0 OnlineUpdate erreicht.
Error: (10/05/2013 09:10:17 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst StarMoney Business 5.0 OnlineUpdate erreicht.
Error: (10/04/2013 06:11:15 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk3\DR3.
Error: (10/04/2013 06:11:12 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk3\DR3.
Error: (10/04/2013 04:04:40 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
Error: (10/05/2013 09:54:21 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/05/2013 09:10:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/03/2013 02:36:27 PM) (Source: Application Error)(User: )
Description: setup.exe_unknown4.0.0.2034cab8cfaCdo32.dll_unloaded0.0.0.04c91e5aac0000005256c51d3145001cec035223c457eC:\Users\Markus\AppData\Local\Temp\SMFBF4D230C3.TMP\setup.exeCdo32.dll6ba340b3-2c28-11e3-b98c-534e57000000
Error: (10/03/2013 02:32:46 PM) (Source: Application Error)(User: )
Description: setup.exe_unknown4.0.0.2034cab8cfaCdo32.dll_unloaded0.0.0.04c91e5aac0000005256c51d3fd801cec0349cec2459C:\Users\Markus\AppData\Local\Temp\SMFBF4D22F69.TMP\setup.exeCdo32.dlle7cd2a6b-2c27-11e3-b98c-534e57000000
==================== Memory info ===========================
Percentage of memory in use: 75%
Total physical RAM: 2047.3 MB
Available physical RAM: 502.58 MB
Total Pagefile: 4094.61 MB
Available Pagefile: 1367.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1889.75 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:29.42 GB) NTFS
Drive e: (WinXP) (Fixed) (Total:465.76 GB) (Free:64.93 GB) NTFS
Drive f: (1TB) (Fixed) (Total:931.51 GB) (Free:0.99 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (2 TB (USB)) (Fixed) (Total:1863.01 GB) (Free:408.93 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: CC7DCC7D)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 730EE826)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: B51B48E2)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0003990F)
Partition 1: (Not Active) - (Size=-198627557376) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
