Windows 8: Adware.Agent und PUP.Optional

Cayman · 10.10.2013, 10:22

Hallo,

heute morgen wollte ich mir auf filepony.com den vlc-player runterladen. Leider habe ich einen falschen Link angeklickt und mir einen Mist gezogen. Würde mich freuen, wenn ihr mir helfen könntet. Im Folgenden die gewünschten Logfiles:

Defogger Disable:

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:23 on 10/10/2013 (Oliver)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Oliver (administrator) on VAIO on 10-10-2013 10:28:56
Running from C:\Users\Oliver\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCWebServer.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Atheros Communications)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [BrowserChoice] - C:\Windows\BrowserChoice\browserchoice.exe [86696 2012-08-15] (Microsoft Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
Startup: C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKCU - DefaultScope {CE893E0F-C38D-4660-9AD9-891F92E8D8D4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=2A62A41731E21F1A&affID=125035&tsp=5031
SearchScopes: HKCU - {CE893E0F-C38D-4660-9AD9-891F92E8D8D4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {F72A0513-B57E-4578-B575-638F391CCA20} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [38440 2013-09-20] (Just Develop It)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-29] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros)
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-10 10:28 - 2013-10-10 10:28 - 00000000 ____D C:\FRST
2013-10-10 10:27 - 2013-10-10 10:28 - 01954124 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64.exe
2013-10-10 10:23 - 2013-10-10 10:23 - 00000474 _____ C:\Users\Oliver\Desktop\defogger_disable.log
2013-10-10 10:23 - 2013-10-10 10:23 - 00000000 _____ C:\Users\Oliver\defogger_reenable
2013-10-10 10:22 - 2013-10-10 10:22 - 00050477 _____ C:\Users\Oliver\Downloads\Defogger.exe
2013-10-10 10:21 - 2013-10-10 10:21 - 00000239 _____ C:\Users\Oliver\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.url
2013-10-10 09:51 - 2013-10-10 09:51 - 00465208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 09:02 - 2013-10-10 10:13 - 00000000 ____D C:\Program Files\DivX
2013-10-10 09:00 - 2013-10-10 09:01 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-10 09:00 - 2013-10-10 09:00 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-10-10 08:58 - 2013-10-10 09:49 - 00000000 ____D C:\Program Files (x86)\searchgol
2013-10-10 08:58 - 2013-10-10 09:02 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:59 - 00000000 ____D C:\Users\Oliver\AppData\Local\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\Documents\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\0D0S1L2Z1P1B
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Local\cache
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 _____ C:\Users\Oliver\daemonprocess.txt
2013-10-10 08:57 - 2013-10-10 09:02 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Systweak
2013-10-10 08:57 - 2013-10-10 08:58 - 00003384 _____ C:\Windows\System32\Tasks\EPUpdater
2013-10-10 08:56 - 2013-10-10 10:13 - 00000000 ____D C:\ProgramData\DivX
2013-10-10 08:56 - 2013-10-10 10:11 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-10-10 08:56 - 2013-10-10 08:57 - 00000000 ____D C:\Program Files (x86)\Xvid
2013-10-10 08:56 - 2013-10-10 08:56 - 00715038 _____ C:\Windows\unins000.exe
2013-10-10 08:56 - 2013-10-10 08:56 - 00001987 _____ C:\Windows\unins000.dat
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\LavFilters
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\CDXReader
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\ProgramData\Babylon
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\OpenSource Flash Video Splitter
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-10 08:56 - 2013-07-22 16:07 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2013-10-10 08:56 - 2012-02-26 16:47 - 00079360 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-10-10 08:56 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2013-10-10 08:56 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2013-10-10 08:56 - 2011-05-30 15:42 - 00255488 _____ C:\Windows\system32\xvidvfw.dll
2013-10-10 08:56 - 2011-05-30 15:42 - 00240640 _____ C:\Windows\SysWOW64\xvidvfw.dll
2013-10-10 08:56 - 2011-05-23 11:52 - 00153088 _____ C:\Windows\SysWOW64\xvid.ax
2013-10-10 08:56 - 2011-05-23 09:49 - 00173568 _____ C:\Windows\system32\xvid.ax
2013-10-10 08:56 - 2011-05-23 09:46 - 00645632 _____ C:\Windows\SysWOW64\xvidcore.dll
2013-10-10 08:56 - 2011-05-23 09:45 - 00696832 _____ C:\Windows\system32\xvidcore.dll
2013-10-10 08:54 - 2013-10-10 09:54 - 00000306 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-10 08:54 - 2013-10-10 09:49 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\DigitalSite
2013-10-10 08:54 - 2013-10-10 08:54 - 00749216 _____ C:\Users\Oliver\Downloads\CodecPackage.exe
2013-10-10 08:54 - 2013-10-10 08:54 - 00002644 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-10 07:43 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 07:43 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 07:43 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 07:43 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 07:43 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 07:43 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 07:43 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 07:43 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 07:43 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-10-10 07:43 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-10-10 07:43 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 07:43 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 07:43 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-10-10 07:43 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 07:43 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 07:43 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 07:43 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 07:43 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 07:43 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 07:43 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-10-10 07:43 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 07:43 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 07:42 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 07:40 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 07:40 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 07:40 - 2013-07-02 00:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 07:40 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2013-10-10 07:40 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 07:40 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 07:40 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 07:40 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-10 07:39 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 07:39 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 07:39 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 07:39 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-10-10 07:39 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-10-10 07:39 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-10-10 07:39 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 07:39 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 07:39 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 07:39 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 07:39 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-10 07:39 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 07:39 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 07:39 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 07:39 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 07:39 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 11:03 - 2013-10-09 11:03 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-09 11:00 - 2013-10-09 11:02 - 30669224 _____ (Oracle Corporation) C:\Users\Oliver\Downloads\jre-7u40-windows-x64.exe
2013-10-08 09:23 - 2013-10-09 11:04 - 00000000 ____D C:\ProgramData\Oracle
2013-10-08 09:22 - 2013-10-08 09:22 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 09:22 - 2013-10-08 09:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-08 09:16 - 2013-10-08 09:16 - 00913832 _____ (Oracle Corporation) C:\Users\Oliver\Downloads\JavaSetup7u40.exe
2013-09-29 15:26 - 2013-09-29 15:29 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Apple Computer
2013-09-29 15:26 - 2013-09-29 15:26 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-29 15:26 - 2013-09-29 15:26 - 00000000 ____D C:\Users\Oliver\AppData\Local\Apple Computer
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files\iTunes
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files\iPod
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-29 15:25 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Users\Oliver\AppData\Local\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-09-29 15:22 - 2013-09-29 15:23 - 00000000 ____D C:\ProgramData\Apple
2013-09-29 15:22 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files\Bonjour
2013-09-29 15:22 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-29 15:12 - 2013-09-29 15:17 - 97176400 _____ (Apple Inc.) C:\Users\Oliver\Downloads\iTunes64Setup.exe
2013-09-16 21:59 - 2013-10-02 03:38 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-16 21:59 - 2013-10-02 03:38 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-12 11:50 - 2013-09-12 11:50 - 01766784 _____ C:\Users\Oliver\Downloads\wrar500.exe
2013-09-11 19:43 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-11 19:43 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-11 19:43 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-11 19:43 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-11 19:43 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-11 19:43 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-11 19:43 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-11 19:43 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-11 19:43 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-11 19:43 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-11 19:43 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-11 19:41 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-11 19:41 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-11 19:41 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-11 19:41 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 19:41 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-11 19:41 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-11 19:41 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-11 19:41 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-11 19:41 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-11 19:41 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-11 19:41 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 19:41 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-11 19:41 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-11 19:41 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 19:41 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 19:41 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-11 19:41 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-11 19:41 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-11 19:41 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-11 19:41 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-11 19:41 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-11 19:41 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-11 19:41 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-11 19:41 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-11 19:41 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-11 19:41 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-11 19:41 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-11 19:41 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-11 19:41 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-11 19:41 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-11 19:41 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 19:41 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-11 19:41 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-11 19:41 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-11 19:41 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-11 19:41 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-11 19:41 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-11 19:41 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-11 19:41 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-11 19:41 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 19:41 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 19:41 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-11 19:32 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll

==================== One Month Modified Files and Folders =======

2013-10-10 10:28 - 2013-10-10 10:28 - 00000000 ____D C:\FRST
2013-10-10 10:28 - 2013-10-10 10:27 - 01954124 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64.exe
2013-10-10 10:23 - 2013-10-10 10:23 - 00000474 _____ C:\Users\Oliver\Desktop\defogger_disable.log
2013-10-10 10:23 - 2013-10-10 10:23 - 00000000 _____ C:\Users\Oliver\defogger_reenable
2013-10-10 10:23 - 2013-06-20 09:01 - 00000000 ____D C:\Users\Oliver
2013-10-10 10:22 - 2013-10-10 10:22 - 00050477 _____ C:\Users\Oliver\Downloads\Defogger.exe
2013-10-10 10:22 - 2013-01-17 12:44 - 01770881 _____ C:\Windows\WindowsUpdate.log
2013-10-10 10:21 - 2013-10-10 10:21 - 00000239 _____ C:\Users\Oliver\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.url
2013-10-10 10:20 - 2013-06-20 09:11 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3691925902-789438496-117329320-1001
2013-10-10 10:14 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-10 10:13 - 2013-10-10 09:02 - 00000000 ____D C:\Program Files\DivX
2013-10-10 10:13 - 2013-10-10 08:56 - 00000000 ____D C:\ProgramData\DivX
2013-10-10 10:13 - 2012-08-03 04:22 - 00062872 _____ C:\Windows\PFRO.log
2013-10-10 10:13 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-10 10:11 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-10-10 10:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-10 09:54 - 2013-10-10 08:54 - 00000306 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-10 09:51 - 2013-10-10 09:51 - 00465208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 09:49 - 2013-10-10 08:58 - 00000000 ____D C:\Program Files (x86)\searchgol
2013-10-10 09:49 - 2013-10-10 08:54 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\DigitalSite
2013-10-10 09:29 - 2013-01-17 12:21 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-10-10 09:29 - 2013-01-17 12:21 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-10-10 09:29 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-10 09:10 - 2013-06-20 15:43 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-10 09:02 - 2013-10-10 08:58 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-10-10 09:02 - 2013-10-10 08:57 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Systweak
2013-10-10 09:01 - 2013-10-10 09:00 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-10 09:01 - 2013-06-25 21:08 - 00000000 ____D C:\Users\Oliver\Documents\Outlook-Dateien
2013-10-10 09:00 - 2013-10-10 09:00 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-10-10 09:00 - 2013-06-20 09:03 - 00000000 ___RD C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-10 08:59 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Local\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\Documents\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\0D0S1L2Z1P1B
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Local\cache
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 _____ C:\Users\Oliver\daemonprocess.txt
2013-10-10 08:58 - 2013-10-10 08:57 - 00003384 _____ C:\Windows\System32\Tasks\EPUpdater
2013-10-10 08:57 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Xvid
2013-10-10 08:56 - 2013-10-10 08:56 - 00715038 _____ C:\Windows\unins000.exe
2013-10-10 08:56 - 2013-10-10 08:56 - 00001987 _____ C:\Windows\unins000.dat
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\LavFilters
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\CDXReader
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\ProgramData\Babylon
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\OpenSource Flash Video Splitter
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-10 08:54 - 2013-10-10 08:54 - 00749216 _____ C:\Users\Oliver\Downloads\CodecPackage.exe
2013-10-10 08:54 - 2013-10-10 08:54 - 00002644 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-10 08:01 - 2013-06-25 20:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 07:59 - 2013-08-14 11:02 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 07:57 - 2013-06-20 16:19 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 11:53 - 2013-06-20 12:16 - 00000000 ____D C:\Users\Oliver\Documents\Studium
2013-10-09 11:04 - 2013-10-08 09:23 - 00000000 ____D C:\ProgramData\Oracle
2013-10-09 11:03 - 2013-10-09 11:03 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-09 11:03 - 2013-01-17 12:45 - 01095080 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-10-09 11:03 - 2013-01-17 12:45 - 00973736 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-10-09 11:02 - 2013-10-09 11:00 - 30669224 _____ (Oracle Corporation) C:\Users\Oliver\Downloads\jre-7u40-windows-x64.exe
2013-10-09 10:57 - 2013-06-20 12:06 - 00000000 ____D C:\Users\Oliver\Documents\Dokumente
2013-10-08 11:12 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-08 09:22 - 2013-10-08 09:22 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 09:22 - 2013-10-08 09:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-08 09:22 - 2013-01-17 12:46 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-08 09:22 - 2013-01-17 12:46 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-08 09:16 - 2013-10-08 09:16 - 00913832 _____ (Oracle Corporation) C:\Users\Oliver\Downloads\JavaSetup7u40.exe
2013-10-06 11:02 - 2013-06-20 09:45 - 00000000 ____D C:\Update
2013-10-05 18:26 - 2013-06-20 12:05 - 00000000 ____D C:\Users\Oliver\Documents\Auswertungen
2013-10-04 14:10 - 2013-06-27 07:48 - 00000000 ____D C:\Users\Oliver\AppData\Local\CrashDumps
2013-10-04 10:34 - 2013-06-20 14:50 - 00842752 ___SH C:\Users\Oliver\Desktop\Thumbs.db
2013-10-04 10:20 - 2013-01-17 12:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-02 03:38 - 2013-09-16 21:59 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2013-09-16 21:59 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-29 15:29 - 2013-09-29 15:26 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Apple Computer
2013-09-29 15:29 - 2012-07-26 09:21 - 00026076 _____ C:\Windows\setupact.log
2013-09-29 15:26 - 2013-09-29 15:26 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-29 15:26 - 2013-09-29 15:26 - 00000000 ____D C:\Users\Oliver\AppData\Local\Apple Computer
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files\iTunes
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files\iPod
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Users\Oliver\AppData\Local\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-09-29 15:23 - 2013-09-29 15:22 - 00000000 ____D C:\ProgramData\Apple
2013-09-29 15:23 - 2013-09-29 15:22 - 00000000 ____D C:\Program Files\Bonjour
2013-09-29 15:23 - 2013-09-29 15:22 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-29 15:17 - 2013-09-29 15:12 - 97176400 _____ (Apple Inc.) C:\Users\Oliver\Downloads\iTunes64Setup.exe
2013-09-23 01:28 - 2013-10-10 07:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-10 07:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-10 07:42 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 00:55 - 2013-10-10 07:43 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-10 07:43 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-10 07:43 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-10 07:43 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-16 22:47 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-16 21:57 - 2013-06-21 11:27 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-09-16 13:28 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-16 13:28 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-16 13:27 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-09-12 11:51 - 2013-06-21 11:27 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-12 11:50 - 2013-09-12 11:50 - 01766784 _____ C:\Users\Oliver\Downloads\wrar500.exe
2013-09-11 17:50 - 2013-01-17 12:47 - 00000000 ____D C:\ProgramData\Sony Corporation

Some content of TEMP:
====================
C:\Users\Oliver\AppData\Local\Temp\BackupSetup.exe
C:\Users\Oliver\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Oliver\AppData\Local\Temp\ose00000.exe
C:\Users\Oliver\AppData\Local\Temp\uninst1.exe
C:\Users\Oliver\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-09 09:25

==================== End Of Log ============================

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Oliver at 2013-10-10 10:29:40
Running from C:\Users\Oliver\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Reader XI (11.0.05)  MUI (x32 Version: 11.0.05)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Bonjour (Version: 3.0.0.10)
Codec Package Packages (HKCU)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
DivX-Setup (x32 Version: 2.6.1.8)
FDUx86 (x32 Version: 1.0.0)
ffdshow v1.1.4399 [2012-03-22] (x32 Version: 1.1.4399.0)
Haali Media Splitter (x32)
Intel AppUp(R) center (x32 Version: 3.8.0.41505.25)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2817)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.3.1004)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.1.0.126)
Java 7 Update 40 (64-bit) (Version: 7.0.400)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
KUx86 (x32 Version: 1.0.0)
Lagarith Lossless Codec (1.3.27) (x32)
LAME v3.99.3 (for Windows) (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft SkyDrive (HKCU Version: 16.4.6012.0828)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MyPC Backup  (Version: )
OpenSource Flash Video Splitter 1.0.0.5 (x32 Version: 1.0.0.5)
PlayMemories Home (x32 Version: 6.3.02.07270)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.214)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.28121)
Restore (x32 Version: 1.0.0)
Shared C Run-time for x64 (Version: 10.0.0)
SSLx64 (Version: 1.0.0)
SSLx86 (x32 Version: 1.0.0)
Synaptics Pointing Device Driver (Version: 16.2.16.2)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
VAIO - Xperia Link (x32 Version: 1.1.0.11020)
VAIO Care (Version: 8.2.0.15030)
VAIO Control Center (x32 Version: 6.1.0.10300)
VAIO Data Restore Tool (x32 Version: 1.10.0.07270)
VAIO Easy Connect (x32 Version: 8.2.0.14170)
VAIO Gate (x32 Version: 3.0.0.08140)
VAIO Gate Default (x32 Version: 3.1.0.10240)
VAIO Gesture Control (x32 Version: 2.1.0.10220)
VAIO Image Optimizer (x32 Version: 3.0.00.08170)
VAIO Improvement (x32 Version: 2.1.0.10220)
VAIO Media Server Settings (Version: 1.0.1.10170)
VAIO Movie Creator (x32 Version: 4.0.00.10170)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170)
VAIO Update (x32 Version: 6.3.0.08010)
VAIO*CPU-Lüfterdiagnose (x32 Version: 1.1.0.09200)
VAIO-Handbuch (x32 Version: 3.0.0.08100)
VAIO-Hardwarediagnose-Plugin für VAIO Care (x32 Version: 4.7.0.11070)
VAIO-Support für Übertragungen (x32 Version: 1.9.0.11060)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VCCx64 (Version: 1.0.0)
VCCx86 (x32 Version: 1.0.0)
VGClientX64 (Version: 1.0.0)
VHD (x32 Version: 1.0.0)
VIx64 (Version: 1.0.0)
VIx86 (x32 Version: 1.0.0)
VMLx86 (x32 Version: 1.0.0)
VPMx64 (Version: 1.0.0)
VSSTx64 (Version: 1.0.0)
VSSTx86 (x32 Version: 1.0.0)
VU5x64 (Version: 1.0.0)
VU5x86 (x32 Version: 1.0.0)
VUx64 (Version: 1.0.0)
VUx86 (x32 Version: 1.0.0)
VWSTx86 (x32 Version: 1.0.0)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
WinRAR 5.00 (32-bit) (x32 Version: 5.00.0)
XperiaLinkx86 (x32 Version: 1.0.0)
Xvid Video Codec (x32 Version: 1.3.2)

==================== Restore Points  =========================

16-09-2013 11:24:54 Windows Update
25-09-2013 13:43:13 Windows Update
29-09-2013 13:23:54 Installed iTunes
04-10-2013 08:20:04 Installiert VAIO Control Center
08-10-2013 07:21:53 Installed Java 7 Update 40
09-10-2013 09:02:37 Installed Java 7 Update 40 (64-bit)

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0743CB7A-FEB5-49B4-9711-6F08C70E6D8B} - System32\Tasks\DigitalSite => C:\Users\Oliver\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
Task: {0F8799CD-3316-4081-99B5-BFE2B1566C63} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {14CBC852-9DE5-40D3-B7B9-88B2BB72D98B} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {23B433D7-A347-464A-BA10-31C4B3A02CFB} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {2B300CC1-D974-496D-8B91-28BE3DA3179F} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {35B4B4A6-E280-4C5C-A9FD-10249E1EF762} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {3DA6F7C7-B8C2-47B5-B22A-37D940478087} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {443D566B-B316-4A6C-B395-67275E6363F6} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {4668C1E3-BE50-46EC-AAC9-B26F0D0D9794} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {494E381C-E72C-4D0C-8B8D-22E8E3745F63} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {4DB49256-D273-47E8-B52F-E9B00445886D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {51A5D08B-94D4-44D2-BFFF-BE3EF3F650E6} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-11-01] (Sony Corporation)
Task: {5FD4C572-2534-47BA-8334-D25AC6453030} - System32\Tasks\Sony Corporation\VAIO Care Rescue Tool => C:\Windows\Temp\VAIO Care Rescue Tool.vbs
Task: {63426204-48C9-49AD-B1EE-A160A46A2DA3} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {65E0AD0B-8809-47DA-8D20-872707FAABF8} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {794D9EEF-5B2D-4AA6-904A-6A2DA0D3E9BF} - System32\Tasks\EPUpdater => C:\Users\Oliver\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe
Task: {7D182D66-8A03-48C5-A756-84D011E20C9F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {7EC4E931-034E-4AC1-8A88-ED410BE4504A} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {7EE90040-4295-4350-81DF-72418B5A4D8A} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-08] (Sony Corporation)
Task: {8C84538D-F861-451D-9288-76F62CF536E4} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-03] (Sony Corporation)
Task: {A1776C35-1B84-45F6-ABF0-E9F2F001A5E9} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {A2F275DB-ED71-41EC-8902-406FD164A59E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {AFA171BE-1464-46EE-B95B-E8F433CE1623} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {B07836CE-BD74-45A4-8C0C-32DE6C548C60} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-03] (Sony Corporation)
Task: {BB91CD5E-9590-42D2-9E3A-1E9D40088908} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {D7708387-0B83-49C1-8ADF-F1AF1354C1C5} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {E16FDBF1-0378-4B5A-A91B-1F04D26D5CFB} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: {FC152B79-4416-4BF6-8E44-B451B32E942F} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {FC75B844-873F-48B8-A325-55F848090FC6} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Oliver\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE

==================== Loaded Modules (whitelisted) =============

2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-07-26 09:55 - 2012-07-26 09:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-11-05 20:28 - 2012-11-05 20:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-11-05 20:23 - 2012-11-05 20:23 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-11-05 20:26 - 2012-11-05 20:26 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-10-09 19:52 - 2012-09-29 18:23 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-20 00:37 - 2013-09-20 00:37 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-09-20 00:32 - 2013-09-20 00:32 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2013-10-10 09:11 - 2013-10-09 23:37 - 02105344 _____ () C:\Program Files\AVAST Software\Avast\defs\13100901\algo.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-17 12:40 - 2012-09-29 18:21 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/09/2013 10:09:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15609

Error: (10/09/2013 10:09:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15609

Error: (10/09/2013 10:09:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/09/2013 03:38:04 PM) (Source: Application Hang) (User: )
Description: Programm OUTLOOK.EXE, Version 14.0.7105.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 27ac

Startzeit: 01cec4f49a90e4b2

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

Berichts-ID: fd445e7d-30e7-11e3-be84-a41731e21f1a

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/09/2013 09:03:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15625

Error: (10/09/2013 09:03:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15625

Error: (10/09/2013 09:03:58 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/08/2013 08:08:56 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (10/07/2013 11:21:11 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (10/06/2013 10:59:20 AM) (Source: SampleCollector) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.


System errors:
=============
Error: (10/10/2013 10:15:42 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/10/2013 10:15:40 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/10/2013 10:15:40 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (10/10/2013 10:13:49 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (10/10/2013 09:53:11 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/10/2013 09:53:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/10/2013 09:53:03 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (10/10/2013 09:51:42 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (10/10/2013 09:51:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (10/10/2013 09:50:20 AM) (Source: DCOM) (User: VAIO)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


Microsoft Office Sessions:
=========================
Error: (10/09/2013 10:09:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15609

Error: (10/09/2013 10:09:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15609

Error: (10/09/2013 10:09:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/09/2013 03:38:04 PM) (Source: Application Hang)(User: )
Description: OUTLOOK.EXE14.0.7105.500027ac01cec4f49a90e4b216C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEfd445e7d-30e7-11e3-be84-a41731e21f1a

Error: (10/09/2013 09:03:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15625

Error: (10/09/2013 09:03:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15625

Error: (10/09/2013 09:03:58 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/08/2013 08:08:56 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (10/07/2013 11:21:11 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (10/06/2013 10:59:20 AM) (Source: SampleCollector)(User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.


==================== Memory info =========================== 

Percentage of memory in use: 38%
Total physical RAM: 3975.27 MB
Available physical RAM: 2438.08 MB
Total Pagefile: 4679.27 MB
Available Pagefile: 3055.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:268.6 GB) (Free:196.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 7D39502D)

Partition: GPT Partition Type
==================== End Of Log ============================

MBAM:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.10.10.02

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16721
Oliver :: VAIO [Administrator]

10.10.2013 09:16:09
mbam-log-2013-06-27 (10-15-44).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 201655
Laufzeit: 6 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 56
HKCR\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408} (Adware.Agent) -> Keine Aktion durchgeführt.
HKCR\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8} (Adware.Agent) -> Keine Aktion durchgeführt.
HKCR\PricePeep.PricePeepBho.1 (Adware.Agent) -> Keine Aktion durchgeführt.
HKCR\PricePeep.PricePeepBho (Adware.Agent) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Keine Aktion durchgeführt.
HKCR\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892} (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{00078E95-3A4A-4137-8DE7-2824908D1C17} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\searchgol.searchgoldskBnd.1 (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\searchgol.searchgoldskBnd (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00078E95-3A4A-4137-8DE7-2824908D1C17} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00078E95-3A4A-4137-8DE7-2824908D1C17} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{840A13FF-B464-4782-9C96-AAF3092E55DD} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{88AF4F6A-C6B7-4229-9275-824E98BF97F9} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\esrv.searchgolESrvc.1 (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\esrv.searchgolESrvc (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\searchgol.searchgolHlpr.1 (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\searchgol.searchgolHlpr (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F547BDD-FCD4-48F8-A06F-573D6F404A3C} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{D8E43B96-EB46-4820-92B7-232AEB735685} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\escort.escortIEPane.1 (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\escort.escortIEPane (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408} (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
HKCR\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8} (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
HKCR\PricePeep.PricePeepBho.1 (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
HKCR\PricePeep.PricePeepBho (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
HKCR\Typelib\{105F25A9-C42F-48A6-998D-0494E8AE336A} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\Interface\{3860D897-7DCD-473C-9744-B21DB133AB20} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite (PUP.Optional.DigitalSite.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
HKCR\searchgol.searchgolappCore (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\searchgol.searchgolappCore.1 (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\AppID\PricePeep.DLL (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\searchgol (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Keine Aktion durchgeführt.
HKCU\Software\AppDataLow\Software\PricePeep (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\searchgol (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\searchgol (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{539F74BF-7E5C-46BD-9D45-35B1A91C9CBD} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{9448AC19-EB62-46D5-B7DA-B059A7DB466A} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCR\s (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 3
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{00078E95-3A4A-4137-8DE7-2824908D1C17} (PUP.Optional.SearchGolTB.A) -> Daten: searchgol Toolbar -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{00078E95-3A4A-4137-8DE7-2824908D1C17} (PUP.Optional.SearchGolTB.A) -> Daten:  -> Keine Aktion durchgeführt.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0H1L1J1L1S1R1N -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage.A) -> Bösartig: (hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=2A62A41731E21F1A&affID=125035&tsp=5031) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 11
C:\Users\Oliver\AppData\Roaming\DigitalSite\UpdateProc (PUP.Optional.DigitalSite.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\PricePeep (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\searchgol\searchgol (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19 (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\mt_ffx\searchgol (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\mt_ffx\searchgol\searchgol (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\mt_ffx\searchgol\searchgol\1.8.16.19 (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 34
C:\Program Files (x86)\PricePeep\pricepeep.dll (Adware.Agent) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolsrv.exe (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\PricePeep\pricepeep.dll (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\F494E24C-BAB0-7891-83EE-37597DEDAE55\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\F494E24C-BAB0-7891-83EE-37597DEDAE55\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\F494E24C-BAB0-7891-83EE-37597DEDAE55\Latest\ccp.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\F494E24C-BAB0-7891-83EE-37597DEDAE55\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\F494E24C-BAB0-7891-83EE-37597DEDAE55\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\F494E24C-BAB0-7891-83EE-37597DEDAE55\Latest\MySgolTB.exe (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\F494E24C-BAB0-7891-83EE-37597DEDAE55\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\is1590112554\338031059_stp.EXE (Adware.Agent) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\is1590112554\338030773_stp\wajam_validate.exe (PUP.Optional.Wajam) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\is1590112554\338030855_stp\SearchGol.exe (PUP.Optional.PCFixSpeed.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\is1590112554\338030937_stp\rcpsetup_adppi_adppi.exe (PUP.Optional.RegCleanerPro) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Local\Temp\is1590112554\338031022_stp\wajam_download.exe (PUP.Optional.Wajam) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Roaming\DigitalSite\UpdateProc\config.dat (PUP.Optional.DigitalSite.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Roaming\DigitalSite\UpdateProc\prod.dat (PUP.Optional.DigitalSite.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe (PUP.Optional.DigitalSite.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\PricePeep\installer.ico (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\PricePeep\uninstall.exe (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\PricePeep\unutil.exe (PUP.Optional.PricePeep.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Roaming\BabSolution\Shared\searchgol.ico (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Users\Oliver\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\escortShld.dll (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\GUninstaller.exe (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolApp.dll (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolEng.dll (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\uninstall.exe (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.

(Ende)

MBAM:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.10.10.02

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16721
Oliver :: VAIO [Administrator]

10.10.2013 10:44:59
mbam-log-2013-10-10 (10-44-59).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 201717
Laufzeit: 3 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Gmer:

Ich bekomme den file nicht gezippt. 7-ZiP habe ich runtergeladen aber beim Rechtsklick auf die Datei erscheint mir nicht die 7-Zip-Option.

Viele Grüße
Cayman

schrauber · 10.10.2013, 10:33

hi,

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Cayman · 10.10.2013, 11:12

AdwCleaner:

Code:

ATTFilter

# AdwCleaner v3.007 - Bericht erstellt am 10/10/2013 um 11:45:49
# Updated 09/10/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Oliver - VAIO
# Gestartet von : C:\Users\Oliver\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : BackupStack

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup 
Ordner Gelöscht : C:\Program Files (x86)\searchgol
Ordner Gelöscht : C:\Users\Oliver\AppData\Roaming\digitalsite
Ordner Gelöscht : C:\Users\Oliver\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gelöscht : C:\Windows\Tasks\digitalsite.job
Datei Gelöscht : C:\Windows\System32\Tasks\digitalsite
Datei Gelöscht : C:\Windows\System32\Tasks\EPUpdater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\5957d8dbe03aba43
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Package Packages
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


*************************

AdwCleaner[R0].txt - [4150 octets] - [10/10/2013 11:42:24]
AdwCleaner[S0].txt - [3680 octets] - [10/10/2013 11:45:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3740 octets] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.4 (10.06.2013:1)
OS: Windows 8 x64
Ran by Oliver on 10.10.2013 at 11:52:10,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3691925902-789438496-117329320-1001\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.10.2013 at 11:58:43,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Oliver (administrator) on VAIO on 10-10-2013 12:04:54
Running from C:\Users\Oliver\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCWebServer.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Users\Oliver\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Atheros Communications)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [BrowserChoice] - C:\Windows\BrowserChoice\browserchoice.exe [86696 2012-08-15] (Microsoft Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKCU - DefaultScope {CE893E0F-C38D-4660-9AD9-891F92E8D8D4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {CE893E0F-C38D-4660-9AD9-891F92E8D8D4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {F72A0513-B57E-4578-B575-638F391CCA20} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-29] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros)
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-10 12:04 - 2013-10-10 12:04 - 01954124 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64 (1).exe
2013-10-10 11:58 - 2013-10-10 11:58 - 00000922 _____ C:\Users\Oliver\Desktop\JRT.txt
2013-10-10 11:52 - 2013-10-10 11:52 - 00000000 ____D C:\Windows\ERUNT
2013-10-10 11:51 - 2013-10-10 11:51 - 01032220 _____ (Thisisu) C:\Users\Oliver\Desktop\JRT.exe
2013-10-10 11:48 - 2013-10-10 11:48 - 00003844 _____ C:\Users\Oliver\Desktop\AdwCleaner[S0].txt
2013-10-10 11:41 - 2013-10-10 11:45 - 00000000 ____D C:\AdwCleaner
2013-10-10 11:41 - 2013-10-10 11:41 - 01048960 _____ C:\Users\Oliver\Desktop\adwcleaner.exe
2013-10-10 11:40 - 2013-10-10 11:40 - 01048960 _____ C:\Users\Oliver\Downloads\adwcleaner (1).exe
2013-10-10 11:39 - 2013-10-10 11:39 - 01048960 _____ C:\Users\Oliver\Downloads\adwcleaner.exe
2013-10-10 11:32 - 2013-10-10 11:32 - 00000229 _____ C:\Users\Oliver\Desktop\Trojaner Board.url
2013-10-10 11:14 - 2013-10-10 11:14 - 01110476 _____ C:\Users\Oliver\Downloads\7z920 (1).exe
2013-10-10 11:08 - 2013-10-10 11:08 - 01110476 _____ C:\Users\Oliver\Downloads\7z920.exe
2013-10-10 11:08 - 2013-10-10 11:08 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-10-10 10:42 - 2013-10-10 10:42 - 00682829 _____ C:\Users\Oliver\Desktop\Gmer.log
2013-10-10 10:40 - 2013-10-10 10:40 - 00377856 _____ C:\Users\Oliver\Downloads\gmer_2.1.19163 (1).exe
2013-10-10 10:33 - 2013-10-10 10:33 - 00377856 _____ C:\Users\Oliver\Downloads\gmer_2.1.19163.exe
2013-10-10 10:30 - 2013-10-10 10:30 - 00049614 _____ C:\Users\Oliver\Desktop\FRST.txt
2013-10-10 10:30 - 2013-10-10 10:30 - 00021819 _____ C:\Users\Oliver\Desktop\Addition.txt
2013-10-10 10:29 - 2013-10-10 10:30 - 00021819 _____ C:\Users\Oliver\Downloads\Addition.txt
2013-10-10 10:28 - 2013-10-10 10:28 - 00000000 ____D C:\FRST
2013-10-10 10:27 - 2013-10-10 10:28 - 01954124 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64.exe
2013-10-10 10:23 - 2013-10-10 10:23 - 00000474 _____ C:\Users\Oliver\Desktop\defogger_disable.log
2013-10-10 10:23 - 2013-10-10 10:23 - 00000000 _____ C:\Users\Oliver\defogger_reenable
2013-10-10 10:22 - 2013-10-10 10:22 - 00050477 _____ C:\Users\Oliver\Downloads\Defogger.exe
2013-10-10 09:51 - 2013-10-10 09:51 - 00465208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 09:02 - 2013-10-10 10:13 - 00000000 ____D C:\Program Files\DivX
2013-10-10 08:58 - 2013-10-10 09:02 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:59 - 00000000 ____D C:\Users\Oliver\AppData\Local\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\Documents\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\0D0S1L2Z1P1B
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Local\cache
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 _____ C:\Users\Oliver\daemonprocess.txt
2013-10-10 08:56 - 2013-10-10 10:13 - 00000000 ____D C:\ProgramData\DivX
2013-10-10 08:56 - 2013-10-10 10:11 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-10-10 08:56 - 2013-10-10 08:57 - 00000000 ____D C:\Program Files (x86)\Xvid
2013-10-10 08:56 - 2013-10-10 08:56 - 00715038 _____ C:\Windows\unins000.exe
2013-10-10 08:56 - 2013-10-10 08:56 - 00001987 _____ C:\Windows\unins000.dat
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\LavFilters
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\CDXReader
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\OpenSource Flash Video Splitter
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-10 08:56 - 2012-02-26 16:47 - 00079360 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-10-10 08:56 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2013-10-10 08:56 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2013-10-10 08:56 - 2011-05-30 15:42 - 00255488 _____ C:\Windows\system32\xvidvfw.dll
2013-10-10 08:56 - 2011-05-30 15:42 - 00240640 _____ C:\Windows\SysWOW64\xvidvfw.dll
2013-10-10 08:56 - 2011-05-23 11:52 - 00153088 _____ C:\Windows\SysWOW64\xvid.ax
2013-10-10 08:56 - 2011-05-23 09:49 - 00173568 _____ C:\Windows\system32\xvid.ax
2013-10-10 08:56 - 2011-05-23 09:46 - 00645632 _____ C:\Windows\SysWOW64\xvidcore.dll
2013-10-10 08:56 - 2011-05-23 09:45 - 00696832 _____ C:\Windows\system32\xvidcore.dll
2013-10-10 08:54 - 2013-10-10 08:54 - 00749216 _____ C:\Users\Oliver\Downloads\CodecPackage.exe
2013-10-10 07:43 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 07:43 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 07:43 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 07:43 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 07:43 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 07:43 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 07:43 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 07:43 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 07:43 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-10-10 07:43 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-10-10 07:43 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 07:43 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 07:43 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-10-10 07:43 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 07:43 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 07:43 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 07:43 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 07:43 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 07:43 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 07:43 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-10-10 07:43 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 07:43 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 07:42 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 07:40 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 07:40 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 07:40 - 2013-07-02 00:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 07:40 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2013-10-10 07:40 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 07:40 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 07:40 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 07:40 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-10 07:39 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 07:39 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 07:39 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 07:39 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-10-10 07:39 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-10-10 07:39 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-10-10 07:39 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 07:39 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 07:39 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 07:39 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 07:39 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-10 07:39 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 07:39 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 07:39 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 07:39 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 07:39 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 11:03 - 2013-10-09 11:03 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-09 11:00 - 2013-10-09 11:02 - 30669224 _____ (Oracle Corporation) C:\Users\Oliver\Downloads\jre-7u40-windows-x64.exe
2013-10-08 09:23 - 2013-10-09 11:04 - 00000000 ____D C:\ProgramData\Oracle
2013-10-08 09:22 - 2013-10-08 09:22 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 09:22 - 2013-10-08 09:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-08 09:16 - 2013-10-08 09:16 - 00913832 _____ (Oracle Corporation) C:\Users\Oliver\Downloads\JavaSetup7u40.exe
2013-09-29 15:26 - 2013-09-29 15:29 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Apple Computer
2013-09-29 15:26 - 2013-09-29 15:26 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-29 15:26 - 2013-09-29 15:26 - 00000000 ____D C:\Users\Oliver\AppData\Local\Apple Computer
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files\iTunes
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files\iPod
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-29 15:25 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Users\Oliver\AppData\Local\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-09-29 15:22 - 2013-09-29 15:23 - 00000000 ____D C:\ProgramData\Apple
2013-09-29 15:22 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files\Bonjour
2013-09-29 15:22 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-29 15:12 - 2013-09-29 15:17 - 97176400 _____ (Apple Inc.) C:\Users\Oliver\Downloads\iTunes64Setup.exe
2013-09-16 21:59 - 2013-10-02 03:38 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-16 21:59 - 2013-10-02 03:38 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-12 11:50 - 2013-09-12 11:50 - 01766784 _____ C:\Users\Oliver\Downloads\wrar500.exe
2013-09-11 19:43 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-11 19:43 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-11 19:43 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-11 19:43 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-11 19:43 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-11 19:43 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-11 19:43 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-11 19:43 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-11 19:43 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-11 19:43 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-11 19:43 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-11 19:41 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-11 19:41 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-11 19:41 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-11 19:41 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 19:41 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-11 19:41 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-11 19:41 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-11 19:41 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-11 19:41 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-11 19:41 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-11 19:41 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 19:41 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-11 19:41 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-11 19:41 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 19:41 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 19:41 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-11 19:41 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-11 19:41 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-11 19:41 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-11 19:41 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-11 19:41 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-11 19:41 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-11 19:41 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-11 19:41 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-11 19:41 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-11 19:41 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-11 19:41 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-11 19:41 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-11 19:41 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-11 19:41 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-11 19:41 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 19:41 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-11 19:41 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-11 19:41 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-11 19:41 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-11 19:41 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-11 19:41 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-11 19:41 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-11 19:41 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-11 19:41 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 19:41 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 19:41 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-11 19:32 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll

==================== One Month Modified Files and Folders =======

2013-10-10 12:04 - 2013-10-10 12:04 - 01954124 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64 (1).exe
2013-10-10 12:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-10 12:00 - 2013-06-20 09:11 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3691925902-789438496-117329320-1001
2013-10-10 11:58 - 2013-10-10 11:58 - 00000922 _____ C:\Users\Oliver\Desktop\JRT.txt
2013-10-10 11:52 - 2013-10-10 11:52 - 00000000 ____D C:\Windows\ERUNT
2013-10-10 11:52 - 2013-01-17 12:44 - 01837904 _____ C:\Windows\WindowsUpdate.log
2013-10-10 11:51 - 2013-10-10 11:51 - 01032220 _____ (Thisisu) C:\Users\Oliver\Desktop\JRT.exe
2013-10-10 11:48 - 2013-10-10 11:48 - 00003844 _____ C:\Users\Oliver\Desktop\AdwCleaner[S0].txt
2013-10-10 11:47 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-10 11:46 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-10 11:45 - 2013-10-10 11:41 - 00000000 ____D C:\AdwCleaner
2013-10-10 11:45 - 2013-06-20 09:03 - 00000000 ___RD C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-10 11:41 - 2013-10-10 11:41 - 01048960 _____ C:\Users\Oliver\Desktop\adwcleaner.exe
2013-10-10 11:41 - 2013-06-25 21:08 - 00000000 ____D C:\Users\Oliver\Documents\Outlook-Dateien
2013-10-10 11:40 - 2013-10-10 11:40 - 01048960 _____ C:\Users\Oliver\Downloads\adwcleaner (1).exe
2013-10-10 11:39 - 2013-10-10 11:39 - 01048960 _____ C:\Users\Oliver\Downloads\adwcleaner.exe
2013-10-10 11:32 - 2013-10-10 11:32 - 00000229 _____ C:\Users\Oliver\Desktop\Trojaner Board.url
2013-10-10 11:14 - 2013-10-10 11:14 - 01110476 _____ C:\Users\Oliver\Downloads\7z920 (1).exe
2013-10-10 11:08 - 2013-10-10 11:08 - 01110476 _____ C:\Users\Oliver\Downloads\7z920.exe
2013-10-10 11:08 - 2013-10-10 11:08 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-10-10 10:42 - 2013-10-10 10:42 - 00682829 _____ C:\Users\Oliver\Desktop\Gmer.log
2013-10-10 10:42 - 2013-06-20 14:50 - 00847360 ___SH C:\Users\Oliver\Desktop\Thumbs.db
2013-10-10 10:40 - 2013-10-10 10:40 - 00377856 _____ C:\Users\Oliver\Downloads\gmer_2.1.19163 (1).exe
2013-10-10 10:33 - 2013-10-10 10:33 - 00377856 _____ C:\Users\Oliver\Downloads\gmer_2.1.19163.exe
2013-10-10 10:30 - 2013-10-10 10:30 - 00049614 _____ C:\Users\Oliver\Desktop\FRST.txt
2013-10-10 10:30 - 2013-10-10 10:30 - 00021819 _____ C:\Users\Oliver\Desktop\Addition.txt
2013-10-10 10:30 - 2013-10-10 10:29 - 00021819 _____ C:\Users\Oliver\Downloads\Addition.txt
2013-10-10 10:28 - 2013-10-10 10:28 - 00000000 ____D C:\FRST
2013-10-10 10:28 - 2013-10-10 10:27 - 01954124 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64.exe
2013-10-10 10:23 - 2013-10-10 10:23 - 00000474 _____ C:\Users\Oliver\Desktop\defogger_disable.log
2013-10-10 10:23 - 2013-10-10 10:23 - 00000000 _____ C:\Users\Oliver\defogger_reenable
2013-10-10 10:23 - 2013-06-20 09:01 - 00000000 ____D C:\Users\Oliver
2013-10-10 10:22 - 2013-10-10 10:22 - 00050477 _____ C:\Users\Oliver\Downloads\Defogger.exe
2013-10-10 10:13 - 2013-10-10 09:02 - 00000000 ____D C:\Program Files\DivX
2013-10-10 10:13 - 2013-10-10 08:56 - 00000000 ____D C:\ProgramData\DivX
2013-10-10 10:13 - 2012-08-03 04:22 - 00062872 _____ C:\Windows\PFRO.log
2013-10-10 10:11 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-10-10 09:51 - 2013-10-10 09:51 - 00465208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 09:29 - 2013-01-17 12:21 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-10-10 09:29 - 2013-01-17 12:21 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-10-10 09:29 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-10 09:10 - 2013-06-20 15:43 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-10 09:02 - 2013-10-10 08:58 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-10-10 08:59 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Local\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\Documents\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\0D0S1L2Z1P1B
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Local\cache
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 _____ C:\Users\Oliver\daemonprocess.txt
2013-10-10 08:57 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Xvid
2013-10-10 08:56 - 2013-10-10 08:56 - 00715038 _____ C:\Windows\unins000.exe
2013-10-10 08:56 - 2013-10-10 08:56 - 00001987 _____ C:\Windows\unins000.dat
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\LavFilters
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\CDXReader
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\OpenSource Flash Video Splitter
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-10 08:54 - 2013-10-10 08:54 - 00749216 _____ C:\Users\Oliver\Downloads\CodecPackage.exe
2013-10-10 08:01 - 2013-06-25 20:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 07:59 - 2013-08-14 11:02 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 07:57 - 2013-06-20 16:19 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 11:53 - 2013-06-20 12:16 - 00000000 ____D C:\Users\Oliver\Documents\Studium
2013-10-09 11:04 - 2013-10-08 09:23 - 00000000 ____D C:\ProgramData\Oracle
2013-10-09 11:03 - 2013-10-09 11:03 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-09 11:03 - 2013-01-17 12:45 - 01095080 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-10-09 11:03 - 2013-01-17 12:45 - 00973736 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-10-09 11:02 - 2013-10-09 11:00 - 30669224 _____ (Oracle Corporation) C:\Users\Oliver\Downloads\jre-7u40-windows-x64.exe
2013-10-09 10:57 - 2013-06-20 12:06 - 00000000 ____D C:\Users\Oliver\Documents\Dokumente
2013-10-08 11:12 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-08 09:22 - 2013-10-08 09:22 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 09:22 - 2013-10-08 09:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-08 09:22 - 2013-01-17 12:46 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-08 09:22 - 2013-01-17 12:46 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-08 09:16 - 2013-10-08 09:16 - 00913832 _____ (Oracle Corporation) C:\Users\Oliver\Downloads\JavaSetup7u40.exe
2013-10-06 11:02 - 2013-06-20 09:45 - 00000000 ____D C:\Update
2013-10-05 18:26 - 2013-06-20 12:05 - 00000000 ____D C:\Users\Oliver\Documents\Auswertungen
2013-10-04 14:10 - 2013-06-27 07:48 - 00000000 ____D C:\Users\Oliver\AppData\Local\CrashDumps
2013-10-04 10:20 - 2013-01-17 12:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-02 03:38 - 2013-09-16 21:59 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2013-09-16 21:59 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-29 15:29 - 2013-09-29 15:26 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Apple Computer
2013-09-29 15:29 - 2012-07-26 09:21 - 00026076 _____ C:\Windows\setupact.log
2013-09-29 15:26 - 2013-09-29 15:26 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-29 15:26 - 2013-09-29 15:26 - 00000000 ____D C:\Users\Oliver\AppData\Local\Apple Computer
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files\iTunes
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files\iPod
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Users\Oliver\AppData\Local\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-09-29 15:23 - 2013-09-29 15:22 - 00000000 ____D C:\ProgramData\Apple
2013-09-29 15:23 - 2013-09-29 15:22 - 00000000 ____D C:\Program Files\Bonjour
2013-09-29 15:23 - 2013-09-29 15:22 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-29 15:17 - 2013-09-29 15:12 - 97176400 _____ (Apple Inc.) C:\Users\Oliver\Downloads\iTunes64Setup.exe
2013-09-23 01:28 - 2013-10-10 07:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-10 07:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-10 07:42 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 00:55 - 2013-10-10 07:43 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-10 07:43 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-10 07:43 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-10 07:43 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-16 22:47 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-16 21:57 - 2013-06-21 11:27 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-09-16 13:28 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-16 13:28 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-16 13:27 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-09-12 11:51 - 2013-06-21 11:27 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-12 11:50 - 2013-09-12 11:50 - 01766784 _____ C:\Users\Oliver\Downloads\wrar500.exe
2013-09-11 17:50 - 2013-01-17 12:47 - 00000000 ____D C:\ProgramData\Sony Corporation

Some content of TEMP:
====================
C:\Users\Oliver\AppData\Local\Temp\BackupSetup.exe
C:\Users\Oliver\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Oliver\AppData\Local\Temp\ose00000.exe
C:\Users\Oliver\AppData\Local\Temp\Quarantine.exe
C:\Users\Oliver\AppData\Local\Temp\uninst1.exe
C:\Users\Oliver\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-09 09:25

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

schrauber · 11.10.2013, 07:38

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Cayman · 11.10.2013, 11:29

Hi Schrauber,

ESET:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=822fc3142780e84f9c615d2f6c30b924
# engine=15443
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-11 09:49:56
# local_time=2013-10-11 11:49:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=774 16777213 85 88 7925524 158194868 0 0
# compatibility_mode=5893 16776574 100 94 4971713 40991107 0 0
# scanned=230063
# found=1
# cleaned=0
# scan_time=4666
sh=C67066184AEFD67BDE9D85679DA3BBEAB0CD5CFC ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Oliver\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\72f1532e-2641d3d8"

Checkup:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.74  
   x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
Windows Defender   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 40  
 Adobe Reader XI  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

FRST:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Oliver (administrator) on VAIO on 11-10-2013 12:25:24
Running from C:\Users\Oliver\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCWebServer.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Farbar) C:\Users\Oliver\Downloads\FRST64 (2).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Atheros Communications)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [BrowserChoice] - C:\Windows\BrowserChoice\browserchoice.exe [86696 2012-08-15] (Microsoft Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKCU - DefaultScope {CE893E0F-C38D-4660-9AD9-891F92E8D8D4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {CE893E0F-C38D-4660-9AD9-891F92E8D8D4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {F72A0513-B57E-4578-B575-638F391CCA20} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-29] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros)
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-11 12:25 - 2013-10-11 12:25 - 01954124 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64 (2).exe
2013-10-11 12:23 - 2013-10-11 12:23 - 00000897 _____ C:\Users\Oliver\Desktop\checkup.txt
2013-10-11 12:21 - 2013-10-11 12:21 - 00891167 _____ C:\Users\Oliver\Desktop\SecurityCheck.exe
2013-10-11 12:18 - 2013-10-11 11:49 - 00000888 _____ C:\Users\Oliver\Desktop\ESET.txt
2013-10-11 10:25 - 2013-10-11 10:25 - 02347384 _____ (ESET) C:\Users\Oliver\Desktop\esetsmartinstaller_enu.exe
2013-10-10 12:13 - 2013-10-10 12:13 - 01774862 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-10 12:04 - 2013-10-10 12:04 - 01954124 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64 (1).exe
2013-10-10 11:58 - 2013-10-10 11:58 - 00000922 _____ C:\Users\Oliver\Desktop\JRT.txt
2013-10-10 11:52 - 2013-10-10 11:52 - 00000000 ____D C:\Windows\ERUNT
2013-10-10 11:51 - 2013-10-10 11:51 - 01032220 _____ (Thisisu) C:\Users\Oliver\Desktop\JRT.exe
2013-10-10 11:48 - 2013-10-10 11:48 - 00003844 _____ C:\Users\Oliver\Desktop\AdwCleaner[S0].txt
2013-10-10 11:41 - 2013-10-10 11:45 - 00000000 ____D C:\AdwCleaner
2013-10-10 11:41 - 2013-10-10 11:41 - 01048960 _____ C:\Users\Oliver\Desktop\adwcleaner.exe
2013-10-10 11:40 - 2013-10-10 11:40 - 01048960 _____ C:\Users\Oliver\Downloads\adwcleaner (1).exe
2013-10-10 11:39 - 2013-10-10 11:39 - 01048960 _____ C:\Users\Oliver\Downloads\adwcleaner.exe
2013-10-10 11:32 - 2013-10-10 11:32 - 00000229 _____ C:\Users\Oliver\Desktop\Trojaner Board.url
2013-10-10 11:14 - 2013-10-10 11:14 - 01110476 _____ C:\Users\Oliver\Downloads\7z920 (1).exe
2013-10-10 11:08 - 2013-10-10 11:08 - 01110476 _____ C:\Users\Oliver\Downloads\7z920.exe
2013-10-10 11:08 - 2013-10-10 11:08 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-10-10 10:42 - 2013-10-10 10:42 - 00682829 _____ C:\Users\Oliver\Desktop\Gmer.log
2013-10-10 10:40 - 2013-10-10 10:40 - 00377856 _____ C:\Users\Oliver\Downloads\gmer_2.1.19163 (1).exe
2013-10-10 10:33 - 2013-10-10 10:33 - 00377856 _____ C:\Users\Oliver\Downloads\gmer_2.1.19163.exe
2013-10-10 10:30 - 2013-10-10 10:30 - 00021819 _____ C:\Users\Oliver\Desktop\Addition.txt
2013-10-10 10:29 - 2013-10-10 10:30 - 00021819 _____ C:\Users\Oliver\Downloads\Addition.txt
2013-10-10 10:28 - 2013-10-10 10:28 - 00000000 ____D C:\FRST
2013-10-10 10:27 - 2013-10-10 10:28 - 01954124 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64.exe
2013-10-10 10:23 - 2013-10-10 10:23 - 00000474 _____ C:\Users\Oliver\Desktop\defogger_disable.log
2013-10-10 10:23 - 2013-10-10 10:23 - 00000000 _____ C:\Users\Oliver\defogger_reenable
2013-10-10 10:22 - 2013-10-10 10:22 - 00050477 _____ C:\Users\Oliver\Downloads\Defogger.exe
2013-10-10 09:51 - 2013-10-10 09:51 - 00465208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 09:02 - 2013-10-10 10:13 - 00000000 ____D C:\Program Files\DivX
2013-10-10 08:58 - 2013-10-10 09:02 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:59 - 00000000 ____D C:\Users\Oliver\AppData\Local\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\Documents\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\0D0S1L2Z1P1B
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Local\cache
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 _____ C:\Users\Oliver\daemonprocess.txt
2013-10-10 08:56 - 2013-10-10 10:13 - 00000000 ____D C:\ProgramData\DivX
2013-10-10 08:56 - 2013-10-10 10:11 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-10-10 08:56 - 2013-10-10 08:57 - 00000000 ____D C:\Program Files (x86)\Xvid
2013-10-10 08:56 - 2013-10-10 08:56 - 00715038 _____ C:\Windows\unins000.exe
2013-10-10 08:56 - 2013-10-10 08:56 - 00001987 _____ C:\Windows\unins000.dat
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\LavFilters
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\CDXReader
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\OpenSource Flash Video Splitter
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-10 08:56 - 2012-02-26 16:47 - 00079360 _____ C:\Windows\SysWOW64\ff_vfw.dll
2013-10-10 08:56 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2013-10-10 08:56 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2013-10-10 08:56 - 2011-05-30 15:42 - 00255488 _____ C:\Windows\system32\xvidvfw.dll
2013-10-10 08:56 - 2011-05-30 15:42 - 00240640 _____ C:\Windows\SysWOW64\xvidvfw.dll
2013-10-10 08:56 - 2011-05-23 11:52 - 00153088 _____ C:\Windows\SysWOW64\xvid.ax
2013-10-10 08:56 - 2011-05-23 09:49 - 00173568 _____ C:\Windows\system32\xvid.ax
2013-10-10 08:56 - 2011-05-23 09:46 - 00645632 _____ C:\Windows\SysWOW64\xvidcore.dll
2013-10-10 08:56 - 2011-05-23 09:45 - 00696832 _____ C:\Windows\system32\xvidcore.dll
2013-10-10 08:54 - 2013-10-10 08:54 - 00749216 _____ C:\Users\Oliver\Downloads\CodecPackage.exe
2013-10-10 07:43 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 07:43 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 07:43 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 07:43 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 07:43 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 07:43 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 07:43 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 07:43 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 07:43 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 07:43 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 07:43 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-10-10 07:43 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-10-10 07:43 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 07:43 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 07:43 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-10-10 07:43 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 07:43 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 07:43 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 07:43 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 07:43 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 07:43 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 07:43 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-10-10 07:43 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 07:43 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 07:42 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 07:40 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 07:40 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 07:40 - 2013-07-02 00:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 07:40 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2013-10-10 07:40 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 07:40 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 07:40 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 07:40 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-10 07:39 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 07:39 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 07:39 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 07:39 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-10-10 07:39 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-10-10 07:39 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-10-10 07:39 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 07:39 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 07:39 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 07:39 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 07:39 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-10 07:39 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 07:39 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 07:39 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 07:39 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 07:39 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 11:03 - 2013-10-09 11:03 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-09 11:00 - 2013-10-09 11:02 - 30669224 _____ (Oracle Corporation) C:\Users\Oliver\Downloads\jre-7u40-windows-x64.exe
2013-10-08 09:23 - 2013-10-09 11:04 - 00000000 ____D C:\ProgramData\Oracle
2013-10-08 09:22 - 2013-10-08 09:22 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 09:22 - 2013-10-08 09:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-08 09:16 - 2013-10-08 09:16 - 00913832 _____ (Oracle Corporation) C:\Users\Oliver\Downloads\JavaSetup7u40.exe
2013-09-29 15:26 - 2013-09-29 15:29 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Apple Computer
2013-09-29 15:26 - 2013-09-29 15:26 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-29 15:26 - 2013-09-29 15:26 - 00000000 ____D C:\Users\Oliver\AppData\Local\Apple Computer
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files\iTunes
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files\iPod
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-29 15:25 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Users\Oliver\AppData\Local\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-09-29 15:22 - 2013-09-29 15:23 - 00000000 ____D C:\ProgramData\Apple
2013-09-29 15:22 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files\Bonjour
2013-09-29 15:22 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-29 15:12 - 2013-09-29 15:17 - 97176400 _____ (Apple Inc.) C:\Users\Oliver\Downloads\iTunes64Setup.exe
2013-09-16 21:59 - 2013-10-02 03:38 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-16 21:59 - 2013-10-02 03:38 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-12 11:50 - 2013-09-12 11:50 - 01766784 _____ C:\Users\Oliver\Downloads\wrar500.exe
2013-09-11 19:43 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-11 19:43 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-11 19:43 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-11 19:43 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-11 19:43 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-11 19:43 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-11 19:43 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-11 19:43 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-11 19:43 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 19:43 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-11 19:43 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-11 19:43 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-11 19:43 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-11 19:41 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-11 19:41 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-11 19:41 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-11 19:41 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 19:41 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-11 19:41 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-11 19:41 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-11 19:41 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-11 19:41 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-11 19:41 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-11 19:41 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 19:41 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-11 19:41 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-11 19:41 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 19:41 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 19:41 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-11 19:41 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-11 19:41 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-11 19:41 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-11 19:41 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-11 19:41 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-11 19:41 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-11 19:41 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-11 19:41 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-11 19:41 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-11 19:41 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-11 19:41 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-11 19:41 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-11 19:41 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-11 19:41 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-11 19:41 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 19:41 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-11 19:41 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-11 19:41 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-11 19:41 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-11 19:41 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-11 19:41 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-11 19:41 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-11 19:41 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-11 19:41 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 19:41 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 19:41 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-11 19:32 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll

==================== One Month Modified Files and Folders =======

2013-10-11 12:25 - 2013-10-11 12:25 - 01954124 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64 (2).exe
2013-10-11 12:23 - 2013-10-11 12:23 - 00000897 _____ C:\Users\Oliver\Desktop\checkup.txt
2013-10-11 12:21 - 2013-10-11 12:21 - 00891167 _____ C:\Users\Oliver\Desktop\SecurityCheck.exe
2013-10-11 12:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-11 12:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-11 11:54 - 2013-01-17 12:44 - 02038347 _____ C:\Windows\WindowsUpdate.log
2013-10-11 11:49 - 2013-10-11 12:18 - 00000888 _____ C:\Users\Oliver\Desktop\ESET.txt
2013-10-11 10:28 - 2013-06-25 21:08 - 00000000 ____D C:\Users\Oliver\Documents\Outlook-Dateien
2013-10-11 10:28 - 2013-01-17 12:21 - 00756644 _____ C:\Windows\system32\perfh007.dat
2013-10-11 10:28 - 2013-01-17 12:21 - 00156836 _____ C:\Windows\system32\perfc007.dat
2013-10-11 10:28 - 2012-07-26 09:28 - 01754016 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-11 10:25 - 2013-10-11 10:25 - 02347384 _____ (ESET) C:\Users\Oliver\Desktop\esetsmartinstaller_enu.exe
2013-10-10 14:45 - 2013-06-20 15:43 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-10 12:18 - 2013-06-20 09:11 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3691925902-789438496-117329320-1001
2013-10-10 12:13 - 2013-10-10 12:13 - 01774862 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-10 12:04 - 2013-10-10 12:04 - 01954124 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64 (1).exe
2013-10-10 11:58 - 2013-10-10 11:58 - 00000922 _____ C:\Users\Oliver\Desktop\JRT.txt
2013-10-10 11:52 - 2013-10-10 11:52 - 00000000 ____D C:\Windows\ERUNT
2013-10-10 11:51 - 2013-10-10 11:51 - 01032220 _____ (Thisisu) C:\Users\Oliver\Desktop\JRT.exe
2013-10-10 11:48 - 2013-10-10 11:48 - 00003844 _____ C:\Users\Oliver\Desktop\AdwCleaner[S0].txt
2013-10-10 11:47 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-10 11:46 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-10 11:45 - 2013-10-10 11:41 - 00000000 ____D C:\AdwCleaner
2013-10-10 11:45 - 2013-06-20 09:03 - 00000000 ___RD C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-10 11:41 - 2013-10-10 11:41 - 01048960 _____ C:\Users\Oliver\Desktop\adwcleaner.exe
2013-10-10 11:40 - 2013-10-10 11:40 - 01048960 _____ C:\Users\Oliver\Downloads\adwcleaner (1).exe
2013-10-10 11:39 - 2013-10-10 11:39 - 01048960 _____ C:\Users\Oliver\Downloads\adwcleaner.exe
2013-10-10 11:32 - 2013-10-10 11:32 - 00000229 _____ C:\Users\Oliver\Desktop\Trojaner Board.url
2013-10-10 11:14 - 2013-10-10 11:14 - 01110476 _____ C:\Users\Oliver\Downloads\7z920 (1).exe
2013-10-10 11:08 - 2013-10-10 11:08 - 01110476 _____ C:\Users\Oliver\Downloads\7z920.exe
2013-10-10 11:08 - 2013-10-10 11:08 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-10-10 10:42 - 2013-10-10 10:42 - 00682829 _____ C:\Users\Oliver\Desktop\Gmer.log
2013-10-10 10:42 - 2013-06-20 14:50 - 00847360 ___SH C:\Users\Oliver\Desktop\Thumbs.db
2013-10-10 10:40 - 2013-10-10 10:40 - 00377856 _____ C:\Users\Oliver\Downloads\gmer_2.1.19163 (1).exe
2013-10-10 10:33 - 2013-10-10 10:33 - 00377856 _____ C:\Users\Oliver\Downloads\gmer_2.1.19163.exe
2013-10-10 10:30 - 2013-10-10 10:30 - 00021819 _____ C:\Users\Oliver\Desktop\Addition.txt
2013-10-10 10:30 - 2013-10-10 10:29 - 00021819 _____ C:\Users\Oliver\Downloads\Addition.txt
2013-10-10 10:28 - 2013-10-10 10:28 - 00000000 ____D C:\FRST
2013-10-10 10:28 - 2013-10-10 10:27 - 01954124 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64.exe
2013-10-10 10:23 - 2013-10-10 10:23 - 00000474 _____ C:\Users\Oliver\Desktop\defogger_disable.log
2013-10-10 10:23 - 2013-10-10 10:23 - 00000000 _____ C:\Users\Oliver\defogger_reenable
2013-10-10 10:23 - 2013-06-20 09:01 - 00000000 ____D C:\Users\Oliver
2013-10-10 10:22 - 2013-10-10 10:22 - 00050477 _____ C:\Users\Oliver\Downloads\Defogger.exe
2013-10-10 10:13 - 2013-10-10 09:02 - 00000000 ____D C:\Program Files\DivX
2013-10-10 10:13 - 2013-10-10 08:56 - 00000000 ____D C:\ProgramData\DivX
2013-10-10 10:13 - 2012-08-03 04:22 - 00062872 _____ C:\Windows\PFRO.log
2013-10-10 10:11 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-10-10 09:51 - 2013-10-10 09:51 - 00465208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 09:10 - 2013-06-20 15:43 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-10 09:02 - 2013-10-10 08:58 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-10-10 08:59 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Local\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\Documents\Mobogenie
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\0D0S1L2Z1P1B
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Users\Oliver\AppData\Local\cache
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-10 08:58 - 2013-10-10 08:58 - 00000000 _____ C:\Users\Oliver\daemonprocess.txt
2013-10-10 08:57 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Xvid
2013-10-10 08:56 - 2013-10-10 08:56 - 00715038 _____ C:\Windows\unins000.exe
2013-10-10 08:56 - 2013-10-10 08:56 - 00001987 _____ C:\Windows\unins000.dat
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\LavFilters
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\CDXReader
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\OpenSource Flash Video Splitter
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\Program Files (x86)\ffdshow
2013-10-10 08:54 - 2013-10-10 08:54 - 00749216 _____ C:\Users\Oliver\Downloads\CodecPackage.exe
2013-10-10 08:01 - 2013-06-25 20:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 07:59 - 2013-08-14 11:02 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 07:57 - 2013-06-20 16:19 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 11:53 - 2013-06-20 12:16 - 00000000 ____D C:\Users\Oliver\Documents\Studium
2013-10-09 11:04 - 2013-10-08 09:23 - 00000000 ____D C:\ProgramData\Oracle
2013-10-09 11:03 - 2013-10-09 11:03 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-09 11:03 - 2013-10-09 11:03 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-09 11:03 - 2013-01-17 12:45 - 01095080 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-10-09 11:03 - 2013-01-17 12:45 - 00973736 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-10-09 11:02 - 2013-10-09 11:00 - 30669224 _____ (Oracle Corporation) C:\Users\Oliver\Downloads\jre-7u40-windows-x64.exe
2013-10-09 10:57 - 2013-06-20 12:06 - 00000000 ____D C:\Users\Oliver\Documents\Dokumente
2013-10-08 09:22 - 2013-10-08 09:22 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 09:22 - 2013-10-08 09:22 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 09:22 - 2013-10-08 09:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-08 09:22 - 2013-01-17 12:46 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-08 09:22 - 2013-01-17 12:46 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-08 09:16 - 2013-10-08 09:16 - 00913832 _____ (Oracle Corporation) C:\Users\Oliver\Downloads\JavaSetup7u40.exe
2013-10-06 11:02 - 2013-06-20 09:45 - 00000000 ____D C:\Update
2013-10-05 18:26 - 2013-06-20 12:05 - 00000000 ____D C:\Users\Oliver\Documents\Auswertungen
2013-10-04 14:10 - 2013-06-27 07:48 - 00000000 ____D C:\Users\Oliver\AppData\Local\CrashDumps
2013-10-04 10:20 - 2013-01-17 12:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-02 03:38 - 2013-09-16 21:59 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2013-09-16 21:59 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-29 15:29 - 2013-09-29 15:26 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Apple Computer
2013-09-29 15:29 - 2012-07-26 09:21 - 00026076 _____ C:\Windows\setupact.log
2013-09-29 15:26 - 2013-09-29 15:26 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-29 15:26 - 2013-09-29 15:26 - 00000000 ____D C:\Users\Oliver\AppData\Local\Apple Computer
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files\iTunes
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files\iPod
2013-09-29 15:25 - 2013-09-29 15:25 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Users\Oliver\AppData\Local\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-29 15:23 - 2013-09-29 15:23 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-09-29 15:23 - 2013-09-29 15:22 - 00000000 ____D C:\ProgramData\Apple
2013-09-29 15:23 - 2013-09-29 15:22 - 00000000 ____D C:\Program Files\Bonjour
2013-09-29 15:23 - 2013-09-29 15:22 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-29 15:17 - 2013-09-29 15:12 - 97176400 _____ (Apple Inc.) C:\Users\Oliver\Downloads\iTunes64Setup.exe
2013-09-23 01:28 - 2013-10-10 07:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-10 07:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-10 07:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-10 07:42 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 00:55 - 2013-10-10 07:43 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-10 07:43 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-10 07:43 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-10 07:43 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-10 07:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-16 22:47 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-16 21:57 - 2013-06-21 11:27 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-09-16 13:28 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-16 13:28 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-16 13:27 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-09-12 11:51 - 2013-06-21 11:27 - 00000000 ____D C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-12 11:50 - 2013-09-12 11:50 - 01766784 _____ C:\Users\Oliver\Downloads\wrar500.exe
2013-09-11 17:50 - 2013-01-17 12:47 - 00000000 ____D C:\ProgramData\Sony Corporation

Some content of TEMP:
====================
C:\Users\Oliver\AppData\Local\Temp\BackupSetup.exe
C:\Users\Oliver\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Oliver\AppData\Local\Temp\ose00000.exe
C:\Users\Oliver\AppData\Local\Temp\Quarantine.exe
C:\Users\Oliver\AppData\Local\Temp\uninst1.exe
C:\Users\Oliver\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-09 09:25

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 12.10.2013, 14:27

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Cayman · 13.10.2013, 14:58

Hi Schrauber,

alles erledigt. Ich danke Dir!

schrauber · 14.10.2013, 08:13

Gern Geschehen

14.10.2013, 08:13	#8
schrauber /// the machine /// TB-Ausbilder	Windows 8: Adware.Agent und PUP.Optional Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Windows 8: Adware.Agent und PUP.Optional

Log-Analyse und Auswertung: Windows 8: Adware.Agent und PUP.Optional