| |
| |||||||
Log-Analyse und Auswertung: Malwarebytes findet Trojaner (PUP) - einfach nur löschen?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
11.10.2013, 08:25
| #16 |
| /// the machine /// TB-Ausbilder    |  Malwarebytes findet Trojaner (PUP) - einfach nur löschen? Du hast auf die Werbung anstatt auf den Download geklickt. Nochmal AdwCleaner und JRT laufen lassen, poste dann ein frisches FRST log, ich schau schnell drüber.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.10.2013, 09:07
| #17 |
 | Malwarebytes findet Trojaner (PUP) - einfach nur löschen? Sorry, dumm von mir :-(
__________________Nachstehend nochmals die beiden logfiles: Code:
ATTFilter # AdwCleaner v3.007 - Bericht erstellt am 11/10/2013 um 09:59:06
# Updated 09/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Kaddel - KADDEL-PC
# Gestartet von : C:\Users\Kaddel\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BonanzaDealsLive
Ordner Gelöscht : C:\Users\Kaddel\AppData\Local\BonanzaDealsLive
Ordner Gelöscht : C:\Users\Kaddel\AppData\Roaming\digitalsite
Datei Gelöscht : C:\Windows\Tasks\digitalsite.job
Datei Gelöscht : C:\Windows\System32\Tasks\digitalsite
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\5f55dcdbbc69eb15
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKLM\Software\DataMngr
***** [ Browser ] *****
-\\ Internet Explorer v9.0.8112.16514
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
-\\ Google Chrome v30.0.1599.69
[ Datei : C:\Users\Kaddel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [9935 octets] - [04/10/2013 20:32:02]
AdwCleaner[R1].txt - [2867 octets] - [11/10/2013 09:57:30]
AdwCleaner[S0].txt - [7033 octets] - [04/10/2013 20:36:41]
AdwCleaner[S1].txt - [2360 octets] - [11/10/2013 09:59:06]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2420 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.4 (10.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Kaddel on 11.10.2013 at 10:08:48,44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4285702986-986555575-2198151309-1001\Software\SweetIM
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.10.2013 at 10:16:08,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Geändert von AnWe (11.10.2013 um 09:17 Uhr) |
|
11.10.2013, 12:04
| #18 |
| /// the machine /// TB-Ausbilder | Malwarebytes findet Trojaner (PUP) - einfach nur löschen? Dann jetzt en frisches FRST log bitte.
__________________
__________________ |
|
11.10.2013, 18:53
| #19 |
| | Malwarebytes findet Trojaner (PUP) - einfach nur löschen? Hier ein frisches FRST log: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Kaddel (administrator) on KADDEL-PC on 11-10-2013 19:49:18
Running from C:\Users\Kaddel\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Spotify Ltd) C:\Users\Kaddel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Kaddel\Downloads\FRST64 (2).exe
==================== Registry (Whitelisted) ==================
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Kaddel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-08] (Spotify Ltd)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
AppInit_DLLs: [0 ] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE29A524B2659CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dsl-start.computerbild.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Extension: (Chrome In-App Payments service) - C:\Users\Kaddel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-05-25] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-05-30] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-11 19:48 - 2013-10-11 19:48 - 01954124 _____ (Farbar) C:\Users\Kaddel\Downloads\FRST64 (2).exe
2013-10-11 15:45 - 2013-10-11 15:45 - 100474618 _____ C:\Windows\SysWOW64\ꁴ᭔
2013-10-11 11:56 - 2013-10-11 11:56 - 03272136 _____ (Secunia) C:\Users\Kaddel\Downloads\PSISetup711 (2).exe
2013-10-11 10:16 - 2013-10-11 10:16 - 00000920 _____ C:\Users\Kaddel\Desktop\JRT.txt
2013-10-11 10:08 - 2013-10-11 10:08 - 01032220 _____ (Thisisu) C:\Users\Kaddel\Downloads\JRT (2).exe
2013-10-11 09:58 - 2013-10-11 09:58 - 00002867 _____ C:\Users\Kaddel\Desktop\AdwCleaner[R1].txt
2013-10-11 09:56 - 2013-10-11 09:57 - 01048960 _____ C:\Users\Kaddel\Downloads\adwcleaner.exe
2013-10-10 18:11 - 2013-10-10 18:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kaddel\Downloads\mbam-setup-1.75.0.1300 (4).exe
2013-10-10 18:11 - 2013-10-10 18:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kaddel\Downloads\mbam-setup-1.75.0.1300 (3).exe
2013-10-10 18:10 - 2013-10-10 18:10 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kaddel\Downloads\mbam-setup-1.75.0.1300 (2).exe
2013-10-10 18:10 - 2013-10-10 18:10 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kaddel\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-10-10 17:13 - 2013-10-10 18:13 - 00000000 ____D C:\Users\Kaddel\Desktop\Sicherheit
2013-10-10 16:51 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 16:51 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 16:51 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 16:51 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 16:51 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-10 16:51 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-10 16:51 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 16:48 - 2013-10-10 16:48 - 00000000 ____D C:\Users\Kaddel\AppData\Local\Secunia PSI
2013-10-10 16:47 - 2013-10-10 16:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-10 16:45 - 2013-10-10 16:45 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-10-10 16:44 - 2013-10-10 16:44 - 03272136 _____ (Secunia) C:\Users\Kaddel\Downloads\PSISetup711.exe
2013-10-10 16:44 - 2013-10-10 16:44 - 03272136 _____ (Secunia) C:\Users\Kaddel\Downloads\PSISetup711 (1).exe
2013-10-10 09:06 - 2013-10-10 09:06 - 00000000 ____D C:\ProgramData\Oracle
2013-10-10 09:05 - 2013-10-10 09:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-10 09:05 - 2013-10-10 09:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-10 09:05 - 2013-10-10 09:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-10 09:05 - 2013-10-10 09:05 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-10 09:05 - 2013-10-10 09:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-10 09:03 - 2013-10-10 09:03 - 00913832 _____ (Oracle Corporation) C:\Users\Kaddel\Downloads\chromeinstall-7u40.exe
2013-10-10 03:13 - 2013-09-22 17:43 - 17833984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 03:13 - 2013-09-22 17:01 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 03:13 - 2013-09-22 16:42 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 03:13 - 2013-09-22 16:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 03:13 - 2013-09-22 16:33 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-10 03:13 - 2013-09-22 16:33 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 03:13 - 2013-09-22 16:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-10 03:13 - 2013-09-22 16:27 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 03:13 - 2013-09-22 16:23 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-10 03:13 - 2013-09-22 16:22 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 03:13 - 2013-09-22 16:21 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-10-10 03:13 - 2013-09-22 16:19 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 03:13 - 2013-09-22 16:19 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 03:13 - 2013-09-22 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-10 03:13 - 2013-09-22 16:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 03:13 - 2013-09-22 16:07 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 03:13 - 2013-09-22 12:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 03:13 - 2013-09-22 12:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 03:13 - 2013-09-22 12:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 03:13 - 2013-09-22 12:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-10-10 03:13 - 2013-09-22 12:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 03:13 - 2013-09-22 12:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 03:13 - 2013-09-22 12:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-10-10 03:13 - 2013-09-22 12:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 03:13 - 2013-09-22 12:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-10-10 03:13 - 2013-09-22 12:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 03:13 - 2013-09-22 12:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-10-10 03:13 - 2013-09-22 12:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 03:13 - 2013-09-22 12:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 03:13 - 2013-09-22 12:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 03:13 - 2013-09-22 12:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-10-10 03:13 - 2013-09-22 11:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 01:04 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 01:04 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 01:04 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 01:04 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 01:04 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 01:03 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 01:03 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 01:03 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 01:03 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 01:03 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 01:03 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 01:03 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 01:03 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 01:03 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 01:03 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 01:03 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 01:02 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 01:02 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 01:02 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 01:02 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 01:02 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 01:02 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 01:02 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 01:02 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 01:02 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 01:02 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 01:02 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 01:02 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 01:02 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 01:02 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 01:02 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 01:02 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 01:02 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 01:02 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 01:02 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 01:02 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 01:02 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 01:02 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 01:02 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 01:02 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 01:02 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 01:02 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 01:02 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 01:02 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 01:01 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 01:01 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 00:55 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 00:39 - 2013-10-10 18:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-10 00:39 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-08 00:36 - 2013-10-08 00:37 - 38505984 _____ (Microsoft Corporation) C:\Users\Kaddel\Downloads\IE9-Setup-Full_win764.exe
2013-10-07 12:57 - 2013-10-07 12:57 - 00001419 _____ C:\Users\Kaddel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-10-07 11:53 - 2013-10-07 11:54 - 36965680 _____ (Microsoft Corporation) C:\Users\Kaddel\Downloads\IE9-Windows7-x64-deu.exe
2013-10-06 23:17 - 2013-10-06 23:17 - 00891167 _____ C:\Users\Kaddel\Downloads\SecurityCheck (1).exe
2013-10-06 23:14 - 2013-10-06 23:15 - 00891167 _____ C:\Users\Kaddel\Downloads\SecurityCheck.exe
2013-10-06 21:40 - 2013-10-06 21:40 - 02347384 _____ (ESET) C:\Users\Kaddel\Downloads\esetsmartinstaller_enu (1).exe
2013-10-06 09:14 - 2013-10-06 09:14 - 02347384 _____ (ESET) C:\Users\Kaddel\Downloads\esetsmartinstaller_enu.exe
2013-10-04 21:24 - 2013-10-04 21:24 - 01954124 _____ (Farbar) C:\Users\Kaddel\Downloads\FRST64 (1).exe
2013-10-04 20:43 - 2013-10-04 20:44 - 01030305 _____ (Thisisu) C:\Users\Kaddel\Downloads\JRT (1).exe
2013-10-04 20:43 - 2013-10-04 20:43 - 01030305 _____ (Thisisu) C:\Users\Kaddel\Downloads\JRT.exe
2013-10-04 20:31 - 2013-10-11 09:59 - 00000000 ____D C:\AdwCleaner
2013-10-04 20:31 - 2013-10-04 20:31 - 01045226 _____ C:\Users\Kaddel\Downloads\adwcleaner (1).exe
2013-10-04 20:15 - 2013-10-04 20:16 - 01338744 _____ (Uniblue Systems Ltd ) C:\Users\Kaddel\Downloads\speedupmypc.exe
2013-10-04 20:11 - 2013-10-04 20:11 - 00000000 ____D C:\Users\Kaddel\AppData\Local\avgchrome
2013-10-04 20:04 - 2013-10-04 20:04 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-04 20:04 - 2013-10-04 20:04 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-04 20:03 - 2013-10-04 20:03 - 00000000 ____D C:\Program Files (x86)\Image Converter
2013-10-03 11:03 - 2013-10-03 11:03 - 01954124 _____ (Farbar) C:\Users\Kaddel\Downloads\FRST64.exe
2013-10-03 11:03 - 2013-10-03 11:03 - 00000000 ____D C:\FRST
2013-10-02 21:01 - 2013-10-02 21:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kaddel\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-28 18:06 - 2013-09-28 18:06 - 00001534 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-09-28 18:05 - 2013-09-28 18:06 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-09-28 18:05 - 2013-09-28 18:06 - 00000000 ____D C:\Users\Kaddel\AppData\Roaming\DVDVideoSoft
2013-09-28 18:05 - 2013-09-28 18:06 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-09-27 09:59 - 2013-09-27 15:59 - 98267320 _____ C:\Windows\SysWOW64\绑經᭔„
2013-09-23 15:45 - 2013-09-23 15:45 - 98498750 _____ C:\Windows\SysWOW64\鍱㪄᭔Œ
2013-09-18 20:30 - 2013-09-18 20:30 - 00000000 ____D C:\Users\Kaddel\AppData\Local\roomeon
2013-09-18 20:26 - 2013-09-18 20:26 - 00614816 _____ C:\Users\Kaddel\Downloads\roomeon - CHIP-Downloader.exe
2013-09-18 20:24 - 2013-09-18 20:24 - 408384406 _____ (SBS) C:\Users\Kaddel\Downloads\SBS-3D-Wohnraumplaner-Freeware-Setup.exe
2013-09-18 20:18 - 2013-09-18 20:18 - 00258048 _____ (SBS Schuster Bausoftware) C:\Users\Kaddel\Downloads\web3d28.exe
2013-09-15 09:26 - 2013-09-15 09:27 - 51415040 _____ (Microsoft Corporation) C:\Users\Kaddel\Downloads\IE10-Windows6.1-x64-de-de (1).exe
2013-09-15 09:23 - 2013-09-15 09:24 - 51415040 _____ (Microsoft Corporation) C:\Users\Kaddel\Downloads\IE10-Windows6.1-x64-de-de.exe
2013-09-11 19:43 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 19:43 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 19:43 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 19:43 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 19:43 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 19:43 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 19:43 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 19:43 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 19:43 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 19:43 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 19:43 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 19:43 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
==================== One Month Modified Files and Folders =======
2013-10-11 19:48 - 2013-10-11 19:48 - 01954124 _____ (Farbar) C:\Users\Kaddel\Downloads\FRST64 (2).exe
2013-10-11 19:43 - 2013-05-25 13:49 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-11 19:25 - 2013-05-25 21:40 - 01190653 _____ C:\Windows\WindowsUpdate.log
2013-10-11 19:14 - 2013-05-25 13:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-11 15:45 - 2013-10-11 15:45 - 100474618 _____ C:\Windows\SysWOW64\ꁴ᭔
2013-10-11 11:56 - 2013-10-11 11:56 - 03272136 _____ (Secunia) C:\Users\Kaddel\Downloads\PSISetup711 (2).exe
2013-10-11 10:16 - 2013-10-11 10:16 - 00000920 _____ C:\Users\Kaddel\Desktop\JRT.txt
2013-10-11 10:08 - 2013-10-11 10:08 - 01032220 _____ (Thisisu) C:\Users\Kaddel\Downloads\JRT (2).exe
2013-10-11 10:07 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-11 10:07 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-11 10:03 - 2013-05-25 13:49 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-11 10:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-11 10:00 - 2009-07-14 06:51 - 01126852 _____ C:\Windows\setupact.log
2013-10-11 09:59 - 2013-10-04 20:31 - 00000000 ____D C:\AdwCleaner
2013-10-11 09:58 - 2013-10-11 09:58 - 00002867 _____ C:\Users\Kaddel\Desktop\AdwCleaner[R1].txt
2013-10-11 09:57 - 2013-10-11 09:56 - 01048960 _____ C:\Users\Kaddel\Downloads\adwcleaner.exe
2013-10-10 18:13 - 2013-10-10 17:13 - 00000000 ____D C:\Users\Kaddel\Desktop\Sicherheit
2013-10-10 18:12 - 2013-10-10 00:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-10 18:11 - 2013-10-10 18:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kaddel\Downloads\mbam-setup-1.75.0.1300 (4).exe
2013-10-10 18:11 - 2013-10-10 18:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kaddel\Downloads\mbam-setup-1.75.0.1300 (3).exe
2013-10-10 18:10 - 2013-10-10 18:10 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kaddel\Downloads\mbam-setup-1.75.0.1300 (2).exe
2013-10-10 18:10 - 2013-10-10 18:10 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kaddel\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-10-10 17:30 - 2013-05-25 19:14 - 00047362 _____ C:\Windows\PFRO.log
2013-10-10 16:48 - 2013-10-10 16:48 - 00000000 ____D C:\Users\Kaddel\AppData\Local\Secunia PSI
2013-10-10 16:47 - 2013-10-10 16:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-10 16:45 - 2013-10-10 16:45 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-10-10 16:44 - 2013-10-10 16:44 - 03272136 _____ (Secunia) C:\Users\Kaddel\Downloads\PSISetup711.exe
2013-10-10 16:44 - 2013-10-10 16:44 - 03272136 _____ (Secunia) C:\Users\Kaddel\Downloads\PSISetup711 (1).exe
2013-10-10 09:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-10 09:06 - 2013-10-10 09:06 - 00000000 ____D C:\ProgramData\Oracle
2013-10-10 09:05 - 2013-10-10 09:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-10 09:05 - 2013-10-10 09:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-10 09:05 - 2013-10-10 09:05 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-10 09:05 - 2013-10-10 09:05 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-10 09:05 - 2013-10-10 09:05 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-10 09:05 - 2013-06-24 16:02 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-10 09:05 - 2013-06-24 16:02 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-10 09:03 - 2013-10-10 09:03 - 00913832 _____ (Oracle Corporation) C:\Users\Kaddel\Downloads\chromeinstall-7u40.exe
2013-10-10 03:29 - 2013-05-26 07:18 - 00654400 _____ C:\Windows\system32\perfh007.dat
2013-10-10 03:29 - 2013-05-26 07:18 - 00130240 _____ C:\Windows\system32\perfc007.dat
2013-10-10 03:29 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-10 03:21 - 2009-07-14 06:45 - 00312496 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 03:16 - 2013-05-30 23:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 03:07 - 2013-08-16 08:50 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 03:06 - 2013-05-26 15:37 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 22:35 - 2013-05-25 11:46 - 00000000 ____D C:\Users\Kaddel\AppData\Roaming\Spotify
2013-10-09 12:34 - 2013-05-25 13:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 12:34 - 2013-05-25 13:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 12:34 - 2013-05-25 13:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-08 11:50 - 2013-05-25 11:47 - 00000000 ____D C:\Users\Kaddel\AppData\Local\Spotify
2013-10-08 00:40 - 2013-05-26 15:52 - 00012357 _____ C:\Windows\IE9_main.log
2013-10-08 00:39 - 2013-06-09 09:58 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-10-08 00:37 - 2013-10-08 00:36 - 38505984 _____ (Microsoft Corporation) C:\Users\Kaddel\Downloads\IE9-Setup-Full_win764.exe
2013-10-07 12:57 - 2013-10-07 12:57 - 00001419 _____ C:\Users\Kaddel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-10-07 12:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-10-07 11:54 - 2013-10-07 11:53 - 36965680 _____ (Microsoft Corporation) C:\Users\Kaddel\Downloads\IE9-Windows7-x64-deu.exe
2013-10-06 23:17 - 2013-10-06 23:17 - 00891167 _____ C:\Users\Kaddel\Downloads\SecurityCheck (1).exe
2013-10-06 23:15 - 2013-10-06 23:14 - 00891167 _____ C:\Users\Kaddel\Downloads\SecurityCheck.exe
2013-10-06 21:40 - 2013-10-06 21:40 - 02347384 _____ (ESET) C:\Users\Kaddel\Downloads\esetsmartinstaller_enu (1).exe
2013-10-06 09:14 - 2013-10-06 09:14 - 02347384 _____ (ESET) C:\Users\Kaddel\Downloads\esetsmartinstaller_enu.exe
2013-10-04 21:24 - 2013-10-04 21:24 - 01954124 _____ (Farbar) C:\Users\Kaddel\Downloads\FRST64 (1).exe
2013-10-04 20:45 - 2013-06-02 23:06 - 00000000 ____D C:\Windows\ERUNT
2013-10-04 20:44 - 2013-10-04 20:43 - 01030305 _____ (Thisisu) C:\Users\Kaddel\Downloads\JRT (1).exe
2013-10-04 20:43 - 2013-10-04 20:43 - 01030305 _____ (Thisisu) C:\Users\Kaddel\Downloads\JRT.exe
2013-10-04 20:36 - 2013-05-25 13:49 - 00001288 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-04 20:31 - 2013-10-04 20:31 - 01045226 _____ C:\Users\Kaddel\Downloads\adwcleaner (1).exe
2013-10-04 20:16 - 2013-10-04 20:15 - 01338744 _____ (Uniblue Systems Ltd ) C:\Users\Kaddel\Downloads\speedupmypc.exe
2013-10-04 20:11 - 2013-10-04 20:11 - 00000000 ____D C:\Users\Kaddel\AppData\Local\avgchrome
2013-10-04 20:04 - 2013-10-04 20:04 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-04 20:04 - 2013-10-04 20:04 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-04 20:03 - 2013-10-04 20:03 - 00000000 ____D C:\Program Files (x86)\Image Converter
2013-10-03 11:06 - 2013-06-01 21:36 - 00015412 _____ C:\Users\Kaddel\Downloads\Addition.txt
2013-10-03 11:03 - 2013-10-03 11:03 - 01954124 _____ (Farbar) C:\Users\Kaddel\Downloads\FRST64.exe
2013-10-03 11:03 - 2013-10-03 11:03 - 00000000 ____D C:\FRST
2013-10-03 11:03 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-10-02 21:01 - 2013-10-02 21:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Kaddel\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-28 18:06 - 2013-09-28 18:06 - 00001534 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-09-28 18:06 - 2013-09-28 18:05 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-09-28 18:06 - 2013-09-28 18:05 - 00000000 ____D C:\Users\Kaddel\AppData\Roaming\DVDVideoSoft
2013-09-28 18:06 - 2013-09-28 18:05 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-09-27 15:59 - 2013-09-27 09:59 - 98267320 _____ C:\Windows\SysWOW64\绑經᭔„
2013-09-23 15:45 - 2013-09-23 15:45 - 98498750 _____ C:\Windows\SysWOW64\鍱㪄᭔Œ
2013-09-22 17:43 - 2013-10-10 03:13 - 17833984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-22 17:01 - 2013-10-10 03:13 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-22 16:42 - 2013-10-10 03:13 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-22 16:36 - 2013-10-10 03:13 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-22 16:33 - 2013-10-10 03:13 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-22 16:33 - 2013-10-10 03:13 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-22 16:30 - 2013-10-10 03:13 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-22 16:27 - 2013-10-10 03:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-22 16:23 - 2013-10-10 03:13 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-22 16:22 - 2013-10-10 03:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-22 16:21 - 2013-10-10 03:13 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-22 16:19 - 2013-10-10 03:13 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-22 16:19 - 2013-10-10 03:13 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-22 16:16 - 2013-10-10 03:13 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-22 16:15 - 2013-10-10 03:13 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-22 16:07 - 2013-10-10 03:13 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-22 12:29 - 2013-10-10 03:13 - 12336128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-22 12:22 - 2013-10-10 03:13 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-22 12:22 - 2013-10-10 03:13 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-22 12:14 - 2013-10-10 03:13 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-22 12:13 - 2013-10-10 03:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-22 12:13 - 2013-10-10 03:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-22 12:12 - 2013-10-10 03:13 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-22 12:09 - 2013-10-10 03:13 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-22 12:08 - 2013-10-10 03:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-22 12:07 - 2013-10-10 03:13 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-22 12:06 - 2013-10-10 03:13 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-22 12:05 - 2013-10-10 03:13 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-22 12:03 - 2013-10-10 03:13 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-22 12:03 - 2013-10-10 03:13 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-22 12:03 - 2013-10-10 03:13 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-22 11:59 - 2013-10-10 03:13 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-18 20:30 - 2013-09-18 20:30 - 00000000 ____D C:\Users\Kaddel\AppData\Local\roomeon
2013-09-18 20:26 - 2013-09-18 20:26 - 00614816 _____ C:\Users\Kaddel\Downloads\roomeon - CHIP-Downloader.exe
2013-09-18 20:24 - 2013-09-18 20:24 - 408384406 _____ (SBS) C:\Users\Kaddel\Downloads\SBS-3D-Wohnraumplaner-Freeware-Setup.exe
2013-09-18 20:18 - 2013-09-18 20:18 - 00258048 _____ (SBS Schuster Bausoftware) C:\Users\Kaddel\Downloads\web3d28.exe
2013-09-15 09:27 - 2013-09-15 09:26 - 51415040 _____ (Microsoft Corporation) C:\Users\Kaddel\Downloads\IE10-Windows6.1-x64-de-de (1).exe
2013-09-15 09:25 - 2013-06-09 09:47 - 00018142 _____ C:\Windows\IE10_main.log
2013-09-15 09:24 - 2013-09-15 09:23 - 51415040 _____ (Microsoft Corporation) C:\Users\Kaddel\Downloads\IE10-Windows6.1-x64-de-de.exe
2013-09-14 03:10 - 2013-10-10 01:02 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-09-12 16:00 - 2013-05-25 10:53 - 00000000 ___RD C:\Users\Kaddel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-12 16:00 - 2013-05-25 10:53 - 00000000 ___RD C:\Users\Kaddel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
Some content of TEMP:
====================
C:\Users\Kaddel\AppData\Local\Temp\Quarantine.exe
C:\Users\Kaddel\AppData\Local\Temp\uninst1.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-11 16:01
==================== End Of Log ============================
|
|
12.10.2013, 14:59
| #20 |
| /// the machine /// TB-Ausbilder | Malwarebytes findet Trojaner (PUP) - einfach nur löschen? schaut gut aus. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.10.2013, 17:13
| #21 |
| | Malwarebytes findet Trojaner (PUP) - einfach nur löschen? Nein, keine Probleme mehr. Jetzt nur noch löschen? Gruß AnWe |
|
13.10.2013, 13:51
| #22 |
| /// the machine /// TB-Ausbilder | Malwarebytes findet Trojaner (PUP) - einfach nur löschen? genau 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
13.10.2013, 13:59
| #23 |
| | Malwarebytes findet Trojaner (PUP) - einfach nur löschen? Hallo schrauber, DANKE für deine Hilfe  Du bist der Beste  Liebe Grüße AnWe |
|
14.10.2013, 07:55
| #24 |
| /// the machine /// TB-Ausbilder | Malwarebytes findet Trojaner (PUP) - einfach nur löschen? Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Malwarebytes findet Trojaner (PUP) - einfach nur löschen? |
| administrator, dateien, entfernen, explorer.exe, infizierte, lsass.exe, löschen, microsoft, namen, pup.optional.bandoo, pup.optional.datamngr.a, pup.optional.opencandy, pup.optional.regcleanerpro, registry, services.exe, svchost.exe, taskhost.exe, temp, tr/matsnu.a., tr/matsnu.a.66, trojaner, versteckter treiber, viren, warnung, winlogon.exe, zahlung |
Linear-Darstellung
