
Pests of all kinds and how to fight them: PUP.Optional.... 23 infected files


28.10.2013, 18:30   #1
Tobi91
 



Hi everyone!

I just started this thread in the wrong section (Windows problems) and actually wanted to delete it, but that wasn't possible. My apologies. So here it is again, properly, in the new section!

Yesterday I somehow caught this trojan and now I want to get rid of it. Unfortunately my understanding of computers isn't quite advanced enough for that, so I'm looking for help here.

I clicked through the forum threads here a bit and tried to get rid of it myself. In the meantime I have downloaded the following:
Malwarebytes Anti Malware
ADW Cleaner
FRST

Now I still need help with using these programs correctly.

Here is the Malwarebytes report:

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.10.27.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Tobias Bormann :: TOBIASBORMANN [Administrator]

28.10.2013 17:54:07
MBAM-log-2013-10-28 (18-12-14).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 267541
Laufzeit: 4 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 3
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00078E95-3A4A-4137-8DE7-2824908D1C17} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00078E95-3A4A-4137-8DE7-2824908D1C17} (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{00078E95-3A4A-4137-8DE7-2824908D1C17} (PUP.Optional.SearchGolTB.A) -> Daten: searchgol Toolbar -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{00078E95-3A4A-4137-8DE7-2824908D1C17} (PUP.Optional.SearchGolTB.A) -> Daten:  -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\Tobias Bormann\AppData\Local\Temp\mt_ffx\searchgol (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\AppData\Local\Temp\mt_ffx\searchgol\searchgol (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\AppData\Local\Temp\mt_ffx\searchgol\searchgol\1.8.16.19 (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 15
C:\Users\Tobias Bormann\AppData\Local\Temp\odpyrukC.exe.part (PUP.Optional.InstallMonetizer) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\AppData\Local\Temp\bus8C38\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\AppData\Local\Temp\busA8AD\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\AppData\Local\Temp\busACC2\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\AppData\Local\Temp\DDF1A9C9-BAB0-7891-A0C0-53E8829D0871\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\AppData\Local\Temp\DDF1A9C9-BAB0-7891-A0C0-53E8829D0871\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\AppData\Local\Temp\DDF1A9C9-BAB0-7891-A0C0-53E8829D0871\Latest\ccp.exe (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\AppData\Local\Temp\DDF1A9C9-BAB0-7891-A0C0-53E8829D0871\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\AppData\Local\Temp\DDF1A9C9-BAB0-7891-A0C0-53E8829D0871\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\AppData\Local\Temp\DDF1A9C9-BAB0-7891-A0C0-53E8829D0871\Latest\MySgolTB.exe (PUP.Optional.SearchGolTB.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\AppData\Local\Temp\DDF1A9C9-BAB0-7891-A0C0-53E8829D0871\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\AppData\Local\Temp\OCS\ocs_v7f.exe (PUP.Optional.DownloadSponsor.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\Downloads\Free31213YouTubeToMP3Converter.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe (PUP.Optional.DownloadSponsor.A) -> Keine Aktion durchgeführt.
C:\Users\Tobias Bormann\Downloads\ZipExtractorSetup.exe (PUP.Optional.JumpyApps) -> Keine Aktion durchgeführt.

(Ende)
         
Here is the FRST report:
Code:
==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Pegatron Corporation) C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
(Pegatron Corporation) C:\Program Files (x86)\PHotkey\MsOsd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sentelic Corporation) C:\Program Files\FSP\FspUip.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Windows.old\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Tobias Bormann\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [fspuip] - C:\Program Files\FSP\FspUip.exe [4055552 2010-11-08] (Sentelic Corporation)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-22] (Alcor Micro Corp.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Spotify] - C:\Users\Tobias Bormann\AppData\Roaming\Spotify\spotify.exe [4752384 2013-10-21] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Tobias Bormann\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-21] (Spotify Ltd)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MountPoints2: {bed104ba-1c9c-11e3-99ba-806e6f6e6963} - E:\InstallAll.exe
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-10-23] (APN)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-04-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-04-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [226920 2010-12-24] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [192616 2010-12-24] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7368155B5BB1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {00078E95-3A4A-4137-8DE7-2824908D1C17} -  No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Tobias Bormann\AppData\Roaming\Mozilla\Firefox\Profiles\c9my3rcw.default
FF user.js: detected! => C:\Users\Tobias Bormann\AppData\Roaming\Mozilla\Firefox\Profiles\c9my3rcw.default\user.js
FF SearchEngineOrder.3: Bing 
FF Homepage: www.t-online.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-14] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2010-12-10] ()
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [159752 2010-12-10] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-14] (Avira Operations GmbH & Co. KG)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [1525336 2013-09-03] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-09-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-09-17] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20130921.001\IDSvia64.sys [520280 2013-09-18] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130921.005\ENG64.SYS [126040 2013-09-17] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130921.005\EX64.SYS [2099288 2013-09-17] (Symantec Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2010-12-10] (PEGATRON)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2013-09-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-28 18:11 - 2013-10-28 18:11 - 00000000 ____D C:\FRST
2013-10-28 18:10 - 2013-10-28 18:10 - 01956538 _____ (Farbar) C:\Users\Tobias Bormann\Downloads\FRST64.exe
2013-10-27 21:58 - 2013-10-27 21:58 - 00001119 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-27 21:58 - 2013-10-27 21:58 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Malwarebytes
2013-10-27 21:58 - 2013-10-27 21:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-27 21:58 - 2013-10-27 21:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-27 21:58 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-27 21:51 - 2013-10-27 21:51 - 00614816 _____ C:\Users\Tobias Bormann\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-10-27 21:47 - 2013-10-27 21:50 - 00610004 _____ (Malwarebytes Corporation                                    ) C:\Users\Tobias Bormann\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-27 21:44 - 2013-10-27 21:46 - 00240624 _____ (Malwarebytes Corporation                                    ) C:\Users\Tobias Bormann\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-27 18:34 - 2013-10-27 21:12 - 00000000 ____D C:\AdwCleaner
2013-10-27 18:34 - 2013-10-27 18:34 - 01060070 _____ C:\Users\Tobias Bormann\Downloads\adwcleaner.exe
2013-10-27 18:26 - 2013-10-27 18:26 - 00752096 _____ C:\Users\Tobias Bormann\Downloads\ZipExtractorSetup.exe
2013-10-27 16:44 - 2013-10-27 16:44 - 00159144 _____ (Microsoft Corporation) C:\Users\Tobias Bormann\Downloads\WindowsActivationUpdate.exe
2013-10-27 16:43 - 2013-10-27 16:43 - 00189617 _____ C:\Users\Tobias Bormann\Downloads\wmp11-windowsxp-x86-DE-DE(1).exe.part
2013-10-27 16:37 - 2013-10-27 16:37 - 00003230 _____ C:\Windows\System32\Tasks\{ABE14372-8353-40D1-BAB5-8A3B843217F5}
2013-10-27 16:36 - 2013-10-27 16:52 - 00003434 _____ C:\Windows\wmsetup.log
2013-10-27 16:36 - 2013-10-27 16:36 - 25842736 _____ (Microsoft Corporation) C:\Users\Tobias Bormann\Downloads\wmp11-windowsxp-x86-DE-DE.exe
2013-10-27 15:03 - 2013-10-27 15:07 - 208740130 _____ C:\Users\Tobias Bormann\Downloads\eclipse-standard-kepler-SR1-win32-x86_64.zip
2013-10-26 20:04 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-26 20:04 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-26 20:04 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-26 20:04 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-26 20:03 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-26 20:03 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-26 20:03 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-14 16:39 - 2013-10-14 16:39 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-13 17:26 - 2013-10-13 17:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-10-13 17:13 - 2013-10-13 17:13 - 00000000 ____D C:\Users\Tobias Bormann\Documents\samsung
2013-10-13 17:13 - 2013-10-13 17:13 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Samsung
2013-10-13 17:13 - 2013-10-13 17:13 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Samsung
2013-10-13 17:11 - 2013-10-13 17:11 - 00002012 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2013-10-13 17:11 - 2013-10-13 17:11 - 00002002 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2013-10-13 17:09 - 2013-10-13 17:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-10-13 16:24 - 2013-07-18 13:33 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2013-10-13 16:23 - 2013-07-18 13:32 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\SysWOW64\dgderapi.dll
2013-10-13 16:22 - 2013-10-13 16:30 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-10-13 16:22 - 2013-10-13 16:29 - 00000000 ____D C:\ProgramData\Samsung
2013-10-13 16:20 - 2009-07-14 02:41 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2013-10-13 16:20 - 2009-07-14 02:41 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\LAPRXY.DLL
2013-10-13 16:20 - 2009-07-14 02:39 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2013-10-13 16:20 - 2009-07-14 02:16 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2013-10-13 16:20 - 2009-07-14 02:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShextAutoplay.exe
2013-10-13 16:19 - 2009-07-14 02:41 - 03027456 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 02544128 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 01243136 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00781312 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00527872 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00430592 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00397312 _____ (Microsoft Corporation) C:\Windows\system32\mswmdm.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\wmidx.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWiaCompat.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\wmdmps.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\wmcodecdspps.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wmdmlog.dll
2013-10-13 16:19 - 2009-07-14 02:40 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2013-10-13 16:19 - 2009-07-14 02:40 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2013-10-13 16:19 - 2009-07-14 02:40 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2013-10-13 16:19 - 2009-07-14 02:40 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2013-10-13 16:19 - 2009-07-14 02:40 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2013-10-13 16:19 - 2009-07-14 02:39 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2013-10-13 16:19 - 2009-07-14 02:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\asferror.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 02504192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 01619968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 01003008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00902656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 00812032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 00616960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00547328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmnet.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdwcn.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceWMDRM.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceTypes.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmidx.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceWiaCompat.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00110080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmcodecdspps.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdmps.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdmlog.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00986624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00743424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2013-10-13 16:19 - 2009-07-14 02:15 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswmdm.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2013-10-13 16:19 - 2009-07-14 02:15 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2013-10-13 16:19 - 2009-07-14 02:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LAPRXY.DLL
2013-10-13 16:19 - 2009-07-14 02:14 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll
2013-10-13 16:19 - 2009-07-14 02:14 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
2013-10-13 16:19 - 2009-07-14 02:03 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asferror.dll
2013-10-13 16:19 - 2009-06-10 21:52 - 00316640 _____ C:\Windows\WMSysPr9.prx
2013-10-13 16:18 - 2013-10-13 16:18 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Downloaded Installations
2013-10-13 16:16 - 2013-10-13 16:17 - 70111336 _____ (Samsung Electronics Co., Ltd.                                ) C:\Users\Tobias Bormann\Downloads\KiesSetup.exe
2013-10-13 06:38 - 2013-10-13 06:38 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-10-13 06:38 - 2013-10-13 06:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-10-12 16:16 - 2013-10-13 15:19 - 00008976 _____ C:\Users\Tobias Bormann\Documents\Mappe1.xlsx
2013-10-12 10:18 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-12 10:18 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-12 10:18 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-12 10:18 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-12 10:18 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-12 10:18 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-12 10:18 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-12 10:18 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-12 10:18 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-12 10:18 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-11 13:50 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-11 13:50 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-11 13:50 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-11 13:50 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-11 13:50 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-11 13:50 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-11 13:50 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-11 13:50 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-11 13:50 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-11 13:50 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-11 13:50 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-11 13:50 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-11 13:50 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-11 13:50 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-11 13:50 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-11 13:50 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-11 13:50 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-11 13:50 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-11 13:50 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-11 13:50 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-11 13:50 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-11 13:50 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 13:50 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 13:50 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-11 13:50 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-11 13:50 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-11 13:50 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-11 13:50 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-11 13:50 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-11 13:50 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-11 13:50 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-11 13:50 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-11 13:50 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-11 13:50 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-11 13:50 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-11 13:50 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-11 13:50 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-11 13:50 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-11 13:50 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-11 13:50 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-11 13:50 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-11 13:50 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-11 13:50 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-11 13:50 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-11 13:50 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-11 13:49 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-08 14:42 - 2013-10-08 14:42 - 00002598 _____ C:\Users\Tobias Bormann\Documents\Schlüssel.pfx
2013-10-06 19:05 - 2013-10-06 19:05 - 00000000 ____D C:\Users\Tobias Bormann\Downloads\best
2013-10-06 02:26 - 2013-10-06 02:26 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-06 02:26 - 2013-10-06 02:26 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-05 19:53 - 2013-10-05 19:53 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-10-05 19:53 - 2013-10-05 19:53 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\DVDVideoSoft
2013-10-05 19:53 - 2013-10-05 19:53 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-05 19:50 - 2013-10-05 19:52 - 28795304 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Tobias Bormann\Downloads\Free31213YouTubeToMP3Converter.exe
2013-10-05 10:07 - 2013-10-14 14:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-10-05 10:07 - 2013-10-05 10:07 - 00000000 ____D C:\Windows\PCHEALTH
2013-10-05 10:04 - 2013-10-16 22:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-05 10:04 - 2013-10-14 22:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-05 10:04 - 2013-10-05 10:04 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Microsoft Help
2013-10-05 10:04 - 2013-10-05 10:04 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-02 18:08 - 2013-10-02 18:08 - 04029552 _____ C:\Users\Tobias Bormann\Downloads\rest 2.zip
2013-10-02 18:07 - 2013-10-02 18:08 - 05052335 _____ C:\Users\Tobias Bormann\Downloads\best.zip
2013-10-02 18:07 - 2013-10-02 18:08 - 03698519 _____ C:\Users\Tobias Bormann\Downloads\rest 1.zip
2013-10-02 18:06 - 2013-10-02 18:06 - 04754072 _____ C:\Users\Tobias Bormann\Downloads\fail.zip
2013-10-01 14:17 - 2013-10-05 19:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-10-28 18:11 - 2013-10-28 18:11 - 00000000 ____D C:\FRST
2013-10-28 18:10 - 2013-10-28 18:10 - 01956538 _____ (Farbar) C:\Users\Tobias Bormann\Downloads\FRST64.exe
2013-10-28 18:09 - 2013-09-13 20:00 - 00003986 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4805FE7A-7BDC-4C66-82E6-4CA9ADFF3B82}
2013-10-28 18:07 - 2013-09-14 16:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-28 17:17 - 2013-09-13 18:52 - 01572169 _____ C:\Windows\WindowsUpdate.log
2013-10-28 14:25 - 2009-07-14 05:50 - 00020144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-28 14:25 - 2009-07-14 05:50 - 00020144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-28 14:23 - 2011-04-12 09:14 - 00654166 _____ C:\Windows\system32\perfh007.dat
2013-10-28 14:23 - 2011-04-12 09:14 - 00130006 _____ C:\Windows\system32\perfc007.dat
2013-10-28 14:23 - 2009-07-14 06:12 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-28 14:21 - 2013-09-18 16:51 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Skype
2013-10-28 14:21 - 2013-09-14 20:55 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Spotify
2013-10-28 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2013-10-28 14:17 - 2013-09-17 15:23 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-10-28 14:17 - 2011-03-30 04:38 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-28 14:17 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-28 14:17 - 2009-07-14 05:56 - 00033474 _____ C:\Windows\setupact.log
2013-10-28 14:14 - 2010-11-21 04:47 - 00009350 _____ C:\Windows\PFRO.log
2013-10-27 21:58 - 2013-10-27 21:58 - 00001119 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-27 21:58 - 2013-10-27 21:58 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Malwarebytes
2013-10-27 21:58 - 2013-10-27 21:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-27 21:58 - 2013-10-27 21:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-27 21:51 - 2013-10-27 21:51 - 00614816 _____ C:\Users\Tobias Bormann\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-10-27 21:50 - 2013-10-27 21:47 - 00610004 _____ (Malwarebytes Corporation                                    ) C:\Users\Tobias Bormann\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-27 21:46 - 2013-10-27 21:44 - 00240624 _____ (Malwarebytes Corporation                                    ) C:\Users\Tobias Bormann\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-27 21:41 - 2013-09-18 20:24 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\vlc
2013-10-27 21:12 - 2013-10-27 18:34 - 00000000 ____D C:\AdwCleaner
2013-10-27 18:35 - 2013-09-13 19:23 - 00000000 ___RD C:\Users\Tobias Bormann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-27 18:34 - 2013-10-27 18:34 - 01060070 _____ C:\Users\Tobias Bormann\Downloads\adwcleaner.exe
2013-10-27 18:26 - 2013-10-27 18:26 - 00752096 _____ C:\Users\Tobias Bormann\Downloads\ZipExtractorSetup.exe
2013-10-27 18:15 - 2013-09-17 14:56 - 00000000 ____D C:\Users\UpdatusUser.TobiasBormann
2013-10-27 16:52 - 2013-10-27 16:36 - 00003434 _____ C:\Windows\wmsetup.log
2013-10-27 16:44 - 2013-10-27 16:44 - 00159144 _____ (Microsoft Corporation) C:\Users\Tobias Bormann\Downloads\WindowsActivationUpdate.exe
2013-10-27 16:43 - 2013-10-27 16:43 - 00189617 _____ C:\Users\Tobias Bormann\Downloads\wmp11-windowsxp-x86-DE-DE(1).exe.part
2013-10-27 16:37 - 2013-10-27 16:37 - 00003230 _____ C:\Windows\System32\Tasks\{ABE14372-8353-40D1-BAB5-8A3B843217F5}
2013-10-27 16:36 - 2013-10-27 16:36 - 25842736 _____ (Microsoft Corporation) C:\Users\Tobias Bormann\Downloads\wmp11-windowsxp-x86-DE-DE.exe
2013-10-27 15:07 - 2013-10-27 15:03 - 208740130 _____ C:\Users\Tobias Bormann\Downloads\eclipse-standard-kepler-SR1-win32-x86_64.zip
2013-10-25 13:10 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-10-20 19:33 - 2013-09-14 20:56 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Spotify
2013-10-16 22:53 - 2013-10-05 10:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-16 18:45 - 2013-09-17 15:17 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Virtual Desktop Manager
2013-10-14 22:50 - 2013-10-05 10:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-14 20:39 - 2013-09-17 15:00 - 00068328 _____ C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-14 20:39 - 2013-09-17 15:00 - 00068328 _____ C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-14 20:35 - 2013-09-21 13:12 - 00000000 ____D C:\Program Files (x86)\Epson Software
2013-10-14 20:30 - 2013-09-13 20:26 - 00068328 _____ C:\Users\Tobias Bormann\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-14 20:30 - 2009-07-14 05:50 - 00299024 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-14 16:39 - 2013-10-14 16:39 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-14 16:39 - 2013-09-14 16:37 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-14 14:27 - 2013-10-05 10:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-10-13 17:26 - 2013-10-13 17:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-10-13 17:13 - 2013-10-13 17:13 - 00000000 ____D C:\Users\Tobias Bormann\Documents\samsung
2013-10-13 17:13 - 2013-10-13 17:13 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Samsung
2013-10-13 17:13 - 2013-10-13 17:13 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Samsung
2013-10-13 17:13 - 2013-09-18 15:10 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\CrashDumps
2013-10-13 17:11 - 2013-10-13 17:11 - 00002012 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2013-10-13 17:11 - 2013-10-13 17:11 - 00002002 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2013-10-13 17:09 - 2013-10-13 17:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-10-13 17:07 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-10-13 17:07 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2013-10-13 17:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-10-13 16:30 - 2013-10-13 16:22 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-10-13 16:29 - 2013-10-13 16:22 - 00000000 ____D C:\ProgramData\Samsung
2013-10-13 16:23 - 2011-03-30 04:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-13 16:18 - 2013-10-13 16:18 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Downloaded Installations
2013-10-13 16:17 - 2013-10-13 16:16 - 70111336 _____ (Samsung Electronics Co., Ltd.                                ) C:\Users\Tobias Bormann\Downloads\KiesSetup.exe
2013-10-13 15:19 - 2013-10-12 16:16 - 00008976 _____ C:\Users\Tobias Bormann\Documents\Mappe1.xlsx
2013-10-13 06:38 - 2013-10-13 06:38 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-10-13 06:38 - 2013-10-13 06:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-10-12 16:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-10-12 12:00 - 2013-09-18 16:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-12 12:00 - 2013-09-18 16:50 - 00000000 ____D C:\ProgramData\Skype
2013-10-12 10:15 - 2013-09-18 15:23 - 00000000 ____D C:\Windows\system32\MRT
2013-10-12 10:13 - 2013-09-18 15:22 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-10 15:19 - 2013-09-14 16:37 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 15:18 - 2013-09-14 16:37 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 15:18 - 2013-09-14 16:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-10 14:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-08 14:42 - 2013-10-08 14:42 - 00002598 _____ C:\Users\Tobias Bormann\Documents\Schlüssel.pfx
2013-10-06 19:05 - 2013-10-06 19:05 - 00000000 ____D C:\Users\Tobias Bormann\Downloads\best
2013-10-06 02:26 - 2013-10-06 02:26 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-06 02:26 - 2013-10-06 02:26 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-05 19:54 - 2013-10-01 14:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-05 19:53 - 2013-10-05 19:53 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-10-05 19:53 - 2013-10-05 19:53 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\DVDVideoSoft
2013-10-05 19:53 - 2013-10-05 19:53 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-05 19:52 - 2013-10-05 19:50 - 28795304 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Tobias Bormann\Downloads\Free31213YouTubeToMP3Converter.exe
2013-10-05 19:43 - 2013-09-14 16:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-05 10:07 - 2013-10-05 10:07 - 00000000 ____D C:\Windows\PCHEALTH
2013-10-05 10:06 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-05 10:04 - 2013-10-05 10:04 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Microsoft Help
2013-10-05 10:04 - 2013-10-05 10:04 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-05 10:04 - 2009-07-14 08:45 - 00000000 ____D C:\Windows\ShellNew
2013-10-02 18:08 - 2013-10-02 18:08 - 04029552 _____ C:\Users\Tobias Bormann\Downloads\rest 2.zip
2013-10-02 18:08 - 2013-10-02 18:07 - 05052335 _____ C:\Users\Tobias Bormann\Downloads\best.zip
2013-10-02 18:08 - 2013-10-02 18:07 - 03698519 _____ C:\Users\Tobias Bormann\Downloads\rest 1.zip
2013-10-02 18:06 - 2013-10-02 18:06 - 04754072 _____ C:\Users\Tobias Bormann\Downloads\fail.zip
2013-10-02 17:23 - 2013-09-14 16:28 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Mozilla

Some content of TEMP:
====================
C:\Users\Tobias Bormann\AppData\Local\Temp\BackupSetup.exe
C:\Users\Tobias Bormann\AppData\Local\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
C:\Users\Tobias Bormann\AppData\Local\Temp\ose00000.exe
C:\Users\Tobias Bormann\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Tobias Bormann\AppData\Local\Temp\_is3F12.exe
C:\Users\Tobias Bormann\AppData\Local\Temp\_is77CD.exe
C:\Users\Tobias Bormann\AppData\Local\Temp\_isAF8.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-22 19:49

==================== End Of Log ============================
         

Alt 28.10.2013, 18:41   #2
schrauber
/// the machine
/// TB trainer
 


Hi,

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click on Options ("Optionen") and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click on Scan ("Suchlauf") and wait until it has finished.
  • Now click on Delete ("Löschen") and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.

Alt 28.10.2013, 21:32   #3
Tobi91
 

AdwCleaner:

Code:
ATTFilter
# AdwCleaner v3.010 - Bericht erstellt am 28/10/2013 um 18:47:58
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 7 Professional N Service Pack 1 (64 bits)
# Benutzername : Tobias Bormann - TOBIASBORMANN
# Gestartet von : C:\Users\Tobias Bormann\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : BackupStack

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\TOBIAS~1\AppData\Local\Temp\OCS
Datei Gelöscht : C:\Users\Tobias Bormann\AppData\Roaming\Mozilla\Firefox\Profiles\c9my3rcw.default\user.js
Datei Gelöscht : C:\Users\Tobias Bormann\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\Tobias Bormann\AppData\Roaming\Mozilla\Firefox\Profiles\c9my3rcw.default\prefs.js ]


[ Datei : C:\Users\Tobias Bormann\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js ]


*************************

AdwCleaner[R0].txt - [15536 octets] - [27/10/2013 18:34:43]
AdwCleaner[R1].txt - [1858 octets] - [27/10/2013 19:03:35]
AdwCleaner[R2].txt - [1918 octets] - [27/10/2013 21:12:28]
AdwCleaner[R3].txt - [1738 octets] - [28/10/2013 18:46:17]
AdwCleaner[S0].txt - [14735 octets] - [27/10/2013 18:35:29]
AdwCleaner[S1].txt - [1561 octets] - [28/10/2013 18:47:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1621 octets] ##########
         
JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Professional N x64
Ran by Tobias Bormann on 28.10.2013 at 18:55:04,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-863007269-3327651176-2838562499-1000\Software\SweetIM



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"



~~~ FireFox

Emptied folder: C:\Users\Tobias Bormann\AppData\Roaming\mozilla\firefox\profiles\c9my3rcw.default\minidumps [14 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.10.2013 at 19:00:25,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-10-2013
Ran by Tobias Bormann (administrator) on TOBIASBORMANN on 28-10-2013 19:03:55
Running from C:\Users\Tobias Bormann\Downloads
Windows 7 Professional N Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Pegatron Corporation) C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sentelic Corporation) C:\Program Files\FSP\FspUip.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
(Microsoft Corporation) C:\Windows.old\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Tobias Bormann\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Pegatron Corporation) C:\Program Files (x86)\PHotkey\MsOsd.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [fspuip] - C:\Program Files\FSP\FspUip.exe [4055552 2010-11-08] (Sentelic Corporation)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-22] (Alcor Micro Corp.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Spotify] - C:\Users\Tobias Bormann\AppData\Roaming\Spotify\spotify.exe [4752384 2013-10-21] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Tobias Bormann\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-21] (Spotify Ltd)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MountPoints2: {bed104ba-1c9c-11e3-99ba-806e6f6e6963} - E:\InstallAll.exe
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-04-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-04-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [226920 2010-12-24] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [192616 2010-12-24] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7368155B5BB1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {00078E95-3A4A-4137-8DE7-2824908D1C17} -  No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Tobias Bormann\AppData\Roaming\Mozilla\Firefox\Profiles\c9my3rcw.default
FF SearchEngineOrder.3: Bing 
FF Homepage: www.t-online.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-14] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2010-12-10] ()
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [159752 2010-12-10] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-14] (Avira Operations GmbH & Co. KG)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [1525336 2013-09-03] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-09-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-09-17] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20130921.001\IDSvia64.sys [520280 2013-09-18] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130921.005\ENG64.SYS [126040 2013-09-17] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130921.005\EX64.SYS [2099288 2013-09-17] (Symantec Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2010-12-10] (PEGATRON)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2013-09-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-28 19:00 - 2013-10-28 19:00 - 00001239 _____ C:\Users\Tobias Bormann\Desktop\JRT.txt
2013-10-28 18:55 - 2013-10-28 18:55 - 00000000 ____D C:\Windows\ERUNT
2013-10-28 18:54 - 2013-10-28 18:54 - 01033335 _____ (Thisisu) C:\Users\Tobias Bormann\Downloads\JRT.exe
2013-10-28 18:12 - 2013-10-28 18:13 - 00017564 _____ C:\Users\Tobias Bormann\Downloads\Addition.txt
2013-10-28 18:11 - 2013-10-28 18:11 - 00000000 ____D C:\FRST
2013-10-28 18:10 - 2013-10-28 18:10 - 01956538 _____ (Farbar) C:\Users\Tobias Bormann\Downloads\FRST64.exe
2013-10-27 21:58 - 2013-10-27 21:58 - 00001119 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-27 21:58 - 2013-10-27 21:58 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Malwarebytes
2013-10-27 21:58 - 2013-10-27 21:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-27 21:58 - 2013-10-27 21:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-27 21:58 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-27 21:51 - 2013-10-27 21:51 - 00614816 _____ C:\Users\Tobias Bormann\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-10-27 21:47 - 2013-10-27 21:50 - 00610004 _____ (Malwarebytes Corporation                                    ) C:\Users\Tobias Bormann\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-27 21:44 - 2013-10-27 21:46 - 00240624 _____ (Malwarebytes Corporation                                    ) C:\Users\Tobias Bormann\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-27 18:34 - 2013-10-28 18:48 - 00000000 ____D C:\AdwCleaner
2013-10-27 18:34 - 2013-10-27 18:34 - 01060070 _____ C:\Users\Tobias Bormann\Downloads\adwcleaner.exe
2013-10-27 18:26 - 2013-10-27 18:26 - 00752096 _____ C:\Users\Tobias Bormann\Downloads\ZipExtractorSetup.exe
2013-10-27 16:44 - 2013-10-27 16:44 - 00159144 _____ (Microsoft Corporation) C:\Users\Tobias Bormann\Downloads\WindowsActivationUpdate.exe
2013-10-27 16:43 - 2013-10-27 16:43 - 00189617 _____ C:\Users\Tobias Bormann\Downloads\wmp11-windowsxp-x86-DE-DE(1).exe.part
2013-10-27 16:37 - 2013-10-27 16:37 - 00003230 _____ C:\Windows\System32\Tasks\{ABE14372-8353-40D1-BAB5-8A3B843217F5}
2013-10-27 16:36 - 2013-10-27 16:52 - 00003434 _____ C:\Windows\wmsetup.log
2013-10-27 16:36 - 2013-10-27 16:36 - 25842736 _____ (Microsoft Corporation) C:\Users\Tobias Bormann\Downloads\wmp11-windowsxp-x86-DE-DE.exe
2013-10-27 15:03 - 2013-10-27 15:07 - 208740130 _____ C:\Users\Tobias Bormann\Downloads\eclipse-standard-kepler-SR1-win32-x86_64.zip
2013-10-26 20:04 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-26 20:04 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-26 20:04 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-26 20:04 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-26 20:03 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-26 20:03 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-26 20:03 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-14 16:39 - 2013-10-14 16:39 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-13 17:26 - 2013-10-13 17:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-10-13 17:13 - 2013-10-13 17:13 - 00000000 ____D C:\Users\Tobias Bormann\Documents\samsung
2013-10-13 17:13 - 2013-10-13 17:13 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Samsung
2013-10-13 17:13 - 2013-10-13 17:13 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Samsung
2013-10-13 17:11 - 2013-10-13 17:11 - 00002012 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2013-10-13 17:11 - 2013-10-13 17:11 - 00002002 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2013-10-13 17:09 - 2013-10-13 17:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-10-13 16:24 - 2013-07-18 13:33 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2013-10-13 16:23 - 2013-07-18 13:32 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\SysWOW64\dgderapi.dll
2013-10-13 16:22 - 2013-10-13 16:30 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-10-13 16:22 - 2013-10-13 16:29 - 00000000 ____D C:\ProgramData\Samsung
2013-10-13 16:20 - 2009-07-14 02:41 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2013-10-13 16:20 - 2009-07-14 02:41 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\LAPRXY.DLL
2013-10-13 16:20 - 2009-07-14 02:39 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2013-10-13 16:20 - 2009-07-14 02:16 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2013-10-13 16:20 - 2009-07-14 02:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShextAutoplay.exe
2013-10-13 16:19 - 2009-07-14 02:41 - 03027456 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 02544128 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 01243136 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00781312 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00527872 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00430592 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00397312 _____ (Microsoft Corporation) C:\Windows\system32\mswmdm.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2013-10-13 16:19 - 2009-07-14 02:41 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\wmidx.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWiaCompat.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\wmdmps.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\wmcodecdspps.dll
2013-10-13 16:19 - 2009-07-14 02:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wmdmlog.dll
2013-10-13 16:19 - 2009-07-14 02:40 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2013-10-13 16:19 - 2009-07-14 02:40 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2013-10-13 16:19 - 2009-07-14 02:40 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2013-10-13 16:19 - 2009-07-14 02:40 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2013-10-13 16:19 - 2009-07-14 02:40 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2013-10-13 16:19 - 2009-07-14 02:39 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2013-10-13 16:19 - 2009-07-14 02:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\asferror.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 02504192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 01619968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 01003008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00902656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 00812032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 00616960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00547328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmnet.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2013-10-13 16:19 - 2009-07-14 02:16 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdwcn.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceWMDRM.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceTypes.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmidx.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceWiaCompat.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00110080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmcodecdspps.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdmps.dll
2013-10-13 16:19 - 2009-07-14 02:16 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdmlog.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00986624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00743424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2013-10-13 16:19 - 2009-07-14 02:15 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswmdm.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2013-10-13 16:19 - 2009-07-14 02:15 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2013-10-13 16:19 - 2009-07-14 02:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2013-10-13 16:19 - 2009-07-14 02:15 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LAPRXY.DLL
2013-10-13 16:19 - 2009-07-14 02:14 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll
2013-10-13 16:19 - 2009-07-14 02:14 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
2013-10-13 16:19 - 2009-07-14 02:03 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asferror.dll
2013-10-13 16:19 - 2009-06-10 21:52 - 00316640 _____ C:\Windows\WMSysPr9.prx
2013-10-13 16:18 - 2013-10-13 16:18 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Downloaded Installations
2013-10-13 16:16 - 2013-10-13 16:17 - 70111336 _____ (Samsung Electronics Co., Ltd.                                ) C:\Users\Tobias Bormann\Downloads\KiesSetup.exe
2013-10-13 06:38 - 2013-10-13 06:38 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-10-13 06:38 - 2013-10-13 06:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-10-12 16:16 - 2013-10-13 15:19 - 00008976 _____ C:\Users\Tobias Bormann\Documents\Mappe1.xlsx
2013-10-12 10:18 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-12 10:18 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-12 10:18 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-12 10:18 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-12 10:18 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-12 10:18 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-12 10:18 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-12 10:18 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-12 10:18 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-12 10:18 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-12 10:18 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-12 10:18 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-11 13:50 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-11 13:50 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-11 13:50 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-11 13:50 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-11 13:50 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-11 13:50 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-11 13:50 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-11 13:50 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-11 13:50 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-11 13:50 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-11 13:50 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-11 13:50 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-11 13:50 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-11 13:50 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-11 13:50 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-11 13:50 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-11 13:50 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-11 13:50 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-11 13:50 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-11 13:50 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-11 13:50 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-11 13:50 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 13:50 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 13:50 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-11 13:50 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-11 13:50 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-11 13:50 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-11 13:50 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-11 13:50 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-11 13:50 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-11 13:50 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-11 13:50 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-11 13:50 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-11 13:50 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-11 13:50 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-11 13:50 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-11 13:50 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-11 13:50 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-11 13:50 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-11 13:50 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-11 13:50 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-11 13:50 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-11 13:50 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-11 13:50 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-11 13:50 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-11 13:49 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-08 14:42 - 2013-10-08 14:42 - 00002598 _____ C:\Users\Tobias Bormann\Documents\Schlüssel.pfx
2013-10-06 19:05 - 2013-10-06 19:05 - 00000000 ____D C:\Users\Tobias Bormann\Downloads\best
2013-10-06 02:26 - 2013-10-06 02:26 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-06 02:26 - 2013-10-06 02:26 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-05 19:53 - 2013-10-05 19:53 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-10-05 19:53 - 2013-10-05 19:53 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\DVDVideoSoft
2013-10-05 19:53 - 2013-10-05 19:53 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-05 19:50 - 2013-10-05 19:52 - 28795304 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Tobias Bormann\Downloads\Free31213YouTubeToMP3Converter.exe
2013-10-05 10:07 - 2013-10-14 14:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-10-05 10:07 - 2013-10-05 10:07 - 00000000 ____D C:\Windows\PCHEALTH
2013-10-05 10:04 - 2013-10-16 22:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-05 10:04 - 2013-10-14 22:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-05 10:04 - 2013-10-05 10:04 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Microsoft Help
2013-10-05 10:04 - 2013-10-05 10:04 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-02 18:08 - 2013-10-02 18:08 - 04029552 _____ C:\Users\Tobias Bormann\Downloads\rest 2.zip
2013-10-02 18:07 - 2013-10-02 18:08 - 05052335 _____ C:\Users\Tobias Bormann\Downloads\best.zip
2013-10-02 18:07 - 2013-10-02 18:08 - 03698519 _____ C:\Users\Tobias Bormann\Downloads\rest 1.zip
2013-10-02 18:06 - 2013-10-02 18:06 - 04754072 _____ C:\Users\Tobias Bormann\Downloads\fail.zip
2013-10-01 14:17 - 2013-10-05 19:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-10-28 19:00 - 2013-10-28 19:00 - 00001239 _____ C:\Users\Tobias Bormann\Desktop\JRT.txt
2013-10-28 18:58 - 2009-07-14 05:50 - 00020144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-28 18:58 - 2009-07-14 05:50 - 00020144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-28 18:55 - 2013-10-28 18:55 - 00000000 ____D C:\Windows\ERUNT
2013-10-28 18:55 - 2013-09-13 20:00 - 00003986 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4805FE7A-7BDC-4C66-82E6-4CA9ADFF3B82}
2013-10-28 18:54 - 2013-10-28 18:54 - 01033335 _____ (Thisisu) C:\Users\Tobias Bormann\Downloads\JRT.exe
2013-10-28 18:54 - 2011-04-12 09:14 - 00654166 _____ C:\Windows\system32\perfh007.dat
2013-10-28 18:54 - 2011-04-12 09:14 - 00130006 _____ C:\Windows\system32\perfc007.dat
2013-10-28 18:54 - 2009-07-14 06:12 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-28 18:51 - 2013-09-18 16:51 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Skype
2013-10-28 18:50 - 2013-09-14 20:55 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Spotify
2013-10-28 18:49 - 2013-09-17 15:23 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-10-28 18:49 - 2011-03-30 04:38 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-28 18:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-28 18:49 - 2009-07-14 05:56 - 00033530 _____ C:\Windows\setupact.log
2013-10-28 18:48 - 2013-10-27 18:34 - 00000000 ____D C:\AdwCleaner
2013-10-28 18:48 - 2013-09-13 18:52 - 01578142 _____ C:\Windows\WindowsUpdate.log
2013-10-28 18:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2013-10-28 18:13 - 2013-10-28 18:12 - 00017564 _____ C:\Users\Tobias Bormann\Downloads\Addition.txt
2013-10-28 18:11 - 2013-10-28 18:11 - 00000000 ____D C:\FRST
2013-10-28 18:10 - 2013-10-28 18:10 - 01956538 _____ (Farbar) C:\Users\Tobias Bormann\Downloads\FRST64.exe
2013-10-28 18:07 - 2013-09-14 16:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-28 14:14 - 2010-11-21 04:47 - 00009350 _____ C:\Windows\PFRO.log
2013-10-27 21:58 - 2013-10-27 21:58 - 00001119 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-27 21:58 - 2013-10-27 21:58 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Malwarebytes
2013-10-27 21:58 - 2013-10-27 21:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-27 21:58 - 2013-10-27 21:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-27 21:51 - 2013-10-27 21:51 - 00614816 _____ C:\Users\Tobias Bormann\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-10-27 21:50 - 2013-10-27 21:47 - 00610004 _____ (Malwarebytes Corporation                                    ) C:\Users\Tobias Bormann\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-27 21:46 - 2013-10-27 21:44 - 00240624 _____ (Malwarebytes Corporation                                    ) C:\Users\Tobias Bormann\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-27 21:41 - 2013-09-18 20:24 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\vlc
2013-10-27 18:35 - 2013-09-13 19:23 - 00000000 ___RD C:\Users\Tobias Bormann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-27 18:34 - 2013-10-27 18:34 - 01060070 _____ C:\Users\Tobias Bormann\Downloads\adwcleaner.exe
2013-10-27 18:26 - 2013-10-27 18:26 - 00752096 _____ C:\Users\Tobias Bormann\Downloads\ZipExtractorSetup.exe
2013-10-27 18:15 - 2013-09-17 14:56 - 00000000 ____D C:\Users\UpdatusUser.TobiasBormann
2013-10-27 16:52 - 2013-10-27 16:36 - 00003434 _____ C:\Windows\wmsetup.log
2013-10-27 16:44 - 2013-10-27 16:44 - 00159144 _____ (Microsoft Corporation) C:\Users\Tobias Bormann\Downloads\WindowsActivationUpdate.exe
2013-10-27 16:43 - 2013-10-27 16:43 - 00189617 _____ C:\Users\Tobias Bormann\Downloads\wmp11-windowsxp-x86-DE-DE(1).exe.part
2013-10-27 16:37 - 2013-10-27 16:37 - 00003230 _____ C:\Windows\System32\Tasks\{ABE14372-8353-40D1-BAB5-8A3B843217F5}
2013-10-27 16:36 - 2013-10-27 16:36 - 25842736 _____ (Microsoft Corporation) C:\Users\Tobias Bormann\Downloads\wmp11-windowsxp-x86-DE-DE.exe
2013-10-27 15:07 - 2013-10-27 15:03 - 208740130 _____ C:\Users\Tobias Bormann\Downloads\eclipse-standard-kepler-SR1-win32-x86_64.zip
2013-10-25 13:10 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-10-20 19:33 - 2013-09-14 20:56 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Spotify
2013-10-16 22:53 - 2013-10-05 10:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-16 18:45 - 2013-09-17 15:17 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Virtual Desktop Manager
2013-10-14 22:50 - 2013-10-05 10:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-14 20:39 - 2013-09-17 15:00 - 00068328 _____ C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-14 20:39 - 2013-09-17 15:00 - 00068328 _____ C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-14 20:35 - 2013-09-21 13:12 - 00000000 ____D C:\Program Files (x86)\Epson Software
2013-10-14 20:30 - 2013-09-13 20:26 - 00068328 _____ C:\Users\Tobias Bormann\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-14 20:30 - 2009-07-14 05:50 - 00299024 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-14 16:39 - 2013-10-14 16:39 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-14 16:39 - 2013-09-14 16:37 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-14 14:27 - 2013-10-05 10:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-10-13 17:26 - 2013-10-13 17:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-10-13 17:13 - 2013-10-13 17:13 - 00000000 ____D C:\Users\Tobias Bormann\Documents\samsung
2013-10-13 17:13 - 2013-10-13 17:13 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\Samsung
2013-10-13 17:13 - 2013-10-13 17:13 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Samsung
2013-10-13 17:13 - 2013-09-18 15:10 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\CrashDumps
2013-10-13 17:11 - 2013-10-13 17:11 - 00002012 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2013-10-13 17:11 - 2013-10-13 17:11 - 00002002 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2013-10-13 17:09 - 2013-10-13 17:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-10-13 17:07 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-10-13 17:07 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2013-10-13 17:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-10-13 16:30 - 2013-10-13 16:22 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-10-13 16:29 - 2013-10-13 16:22 - 00000000 ____D C:\ProgramData\Samsung
2013-10-13 16:23 - 2011-03-30 04:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-13 16:18 - 2013-10-13 16:18 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Downloaded Installations
2013-10-13 16:17 - 2013-10-13 16:16 - 70111336 _____ (Samsung Electronics Co., Ltd.                                ) C:\Users\Tobias Bormann\Downloads\KiesSetup.exe
2013-10-13 15:19 - 2013-10-12 16:16 - 00008976 _____ C:\Users\Tobias Bormann\Documents\Mappe1.xlsx
2013-10-13 06:38 - 2013-10-13 06:38 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-10-13 06:38 - 2013-10-13 06:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-10-12 16:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-10-12 12:00 - 2013-09-18 16:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-12 12:00 - 2013-09-18 16:50 - 00000000 ____D C:\ProgramData\Skype
2013-10-12 10:15 - 2013-09-18 15:23 - 00000000 ____D C:\Windows\system32\MRT
2013-10-12 10:13 - 2013-09-18 15:22 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-10 15:19 - 2013-09-14 16:37 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 15:18 - 2013-09-14 16:37 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 15:18 - 2013-09-14 16:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-10 14:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-08 14:42 - 2013-10-08 14:42 - 00002598 _____ C:\Users\Tobias Bormann\Documents\Schlüssel.pfx
2013-10-06 19:05 - 2013-10-06 19:05 - 00000000 ____D C:\Users\Tobias Bormann\Downloads\best
2013-10-06 02:26 - 2013-10-06 02:26 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-06 02:26 - 2013-10-06 02:26 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-05 19:54 - 2013-10-01 14:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-05 19:53 - 2013-10-05 19:53 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-10-05 19:53 - 2013-10-05 19:53 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Roaming\DVDVideoSoft
2013-10-05 19:53 - 2013-10-05 19:53 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-05 19:52 - 2013-10-05 19:50 - 28795304 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\Tobias Bormann\Downloads\Free31213YouTubeToMP3Converter.exe
2013-10-05 19:43 - 2013-09-14 16:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-05 10:07 - 2013-10-05 10:07 - 00000000 ____D C:\Windows\PCHEALTH
2013-10-05 10:06 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-05 10:04 - 2013-10-05 10:04 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Microsoft Help
2013-10-05 10:04 - 2013-10-05 10:04 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-05 10:04 - 2009-07-14 08:45 - 00000000 ____D C:\Windows\ShellNew
2013-10-02 18:08 - 2013-10-02 18:08 - 04029552 _____ C:\Users\Tobias Bormann\Downloads\rest 2.zip
2013-10-02 18:08 - 2013-10-02 18:07 - 05052335 _____ C:\Users\Tobias Bormann\Downloads\best.zip
2013-10-02 18:08 - 2013-10-02 18:07 - 03698519 _____ C:\Users\Tobias Bormann\Downloads\rest 1.zip
2013-10-02 18:06 - 2013-10-02 18:06 - 04754072 _____ C:\Users\Tobias Bormann\Downloads\fail.zip
2013-10-02 17:23 - 2013-09-14 16:28 - 00000000 ____D C:\Users\Tobias Bormann\AppData\Local\Mozilla

Some content of TEMP:
====================
C:\Users\Tobias Bormann\AppData\Local\Temp\BackupSetup.exe
C:\Users\Tobias Bormann\AppData\Local\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
C:\Users\Tobias Bormann\AppData\Local\Temp\ose00000.exe
C:\Users\Tobias Bormann\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Tobias Bormann\AppData\Local\Temp\_is3F12.exe
C:\Users\Tobias Bormann\AppData\Local\Temp\_is77CD.exe
C:\Users\Tobias Bormann\AppData\Local\Temp\_isAF8.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-22 19:49

==================== End Of Log ============================
         

And now?

Malwarebytes now says there are only 22 files left
__________________

29.10.2013, 13:42   #4
schrauber
/// the machine
/// TB Trainer
 




Delete them with MBAM.


ESET Online Scanner

  • You can find an illustrated guide to ESET Online Scanner here
  • Download and start ESET Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems remaining?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
