Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
"YouTube Downloader" runtergeladen und nun infizierte Objekte auf dem Rechner

"YouTube Downloader" runtergeladen und nun infizierte Objekte auf dem Rechner


Plagegeister aller Art und deren Bekämpfung: "YouTube Downloader" runtergeladen und nun infizierte Objekte auf dem Rechner

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 25.02.2014, 11:50   #11
Thomas_Jgb
 
"YouTube Downloader" runtergeladen und nun infizierte Objekte auf dem Rechner - Standard

"YouTube Downloader" runtergeladen und nun infizierte Objekte auf dem Rechner



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-02-2014 01
Ran by Thomas (administrator) on THOMAS-PC on 25-02-2014 10:31:41
Running from C:\Users\Thomas\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Microsoft Corp.) C:\Windows\system32\Defrag.exe
(Farbar) C:\Users\Thomas\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9428535F057BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\yqdoe4ex.default
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\yqdoe4ex.default\searchplugins\youtube-ssl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\IPSFF [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\coFFPlgn\ []

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL: 
CHR Extension: (Norton Identity Protection) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-08-16]
CHR Extension: (Google Wallet) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx [2013-07-07]

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-03] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-02-14] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20140224.001\IDSvia64.sys [521944 2014-02-14] (Symantec Corporation)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20140224.023\ENG64.SYS [126040 2014-02-14] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\VirusDefs\20140224.023\EX64.SYS [2099288 2014-02-14] (Symantec Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R1 SRTSP; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-25 10:30 - 2014-02-25 10:31 - 02156032 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64(1).exe
2014-02-25 10:04 - 2014-02-25 10:04 - 00000754 _____ () C:\Users\Thomas\Desktop\JRT.txt
2014-02-25 09:45 - 2014-02-25 09:45 - 00000056 _____ () C:\Windows\setupact.log
2014-02-25 09:45 - 2014-02-25 09:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-25 09:43 - 2014-02-25 09:43 - 01241834 _____ () C:\Users\Thomas\Downloads\adwcleaner(2).exe
2014-02-23 21:09 - 2014-02-23 21:45 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-23 21:09 - 2014-02-23 21:09 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-23 21:04 - 2014-02-23 21:45 - 00000000 ____D () C:\Users\Thomas\Desktop\mbar
2014-02-23 21:04 - 2014-02-23 21:04 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-23 21:02 - 2014-02-23 21:03 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.07.0.1009.exe
2014-02-22 10:54 - 2014-02-22 10:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-22 10:53 - 2014-02-22 10:53 - 02347384 _____ (ESET) C:\Users\Thomas\Desktop\esetsmartinstaller_enu.exe
2014-02-22 10:30 - 2014-02-22 10:31 - 01037734 _____ (Thisisu) C:\Users\Thomas\Desktop\JRT.exe
2014-02-22 10:25 - 2014-02-22 10:25 - 01241834 _____ () C:\Users\Thomas\Downloads\adwcleaner(1).exe
2014-02-20 19:52 - 2014-02-20 19:53 - 00014851 _____ () C:\Users\Thomas\Downloads\Addition.txt
2014-02-20 19:51 - 2014-02-25 10:31 - 00010100 _____ () C:\Users\Thomas\Downloads\FRST.txt
2014-02-20 19:51 - 2014-02-25 10:31 - 00000000 ____D () C:\FRST
2014-02-20 19:50 - 2014-02-20 19:50 - 02153984 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2014-02-19 22:32 - 2014-02-19 22:32 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-19 22:31 - 2014-02-19 22:31 - 00000000 ____D () C:\Program Files\iTunes
2014-02-19 22:31 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-02-19 22:26 - 2014-02-19 22:26 - 00000000 ____D () C:\Program Files\Bonjour
2014-02-19 22:26 - 2014-02-19 22:26 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-02-18 21:38 - 2014-02-25 09:45 - 00000000 ____D () C:\AdwCleaner
2014-02-18 21:37 - 2014-02-18 21:37 - 01241834 _____ () C:\Users\Thomas\Downloads\adwcleaner (2).exe
2014-02-18 21:37 - 2014-02-18 21:37 - 01241834 _____ () C:\Users\Thomas\Downloads\adwcleaner (1).exe
2014-02-18 21:24 - 2014-02-18 21:25 - 01241834 _____ () C:\Users\Thomas\Downloads\adwcleaner.exe
2014-02-18 20:59 - 2014-02-20 19:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-18 20:41 - 2014-02-25 09:50 - 00329668 _____ () C:\Windows\WindowsUpdate.log
2014-02-16 23:12 - 2014-02-16 23:15 - 117086041 _____ () C:\Users\Thomas\Documents\Euro 2012 - Goalkeepers Saves_(720p).mp4
2014-02-16 23:08 - 2014-02-16 23:12 - 111731824 _____ () C:\Users\Thomas\Documents\Iker Casillas Ultimate Saves Compilation 2002 - 2014 HD_(720p).mp4
2014-02-16 23:05 - 2014-02-16 23:07 - 73406054 _____ () C:\Users\Thomas\Documents\Julio Cesar 12_13_(720p).mp4
2014-02-16 23:00 - 2014-02-16 23:03 - 79703758 _____ () C:\Users\Thomas\Documents\Marc-André ter Stegen _ Best Saves _ 2012_2013 [HD]_(720p).mp4
2014-02-16 22:56 - 2014-02-16 23:00 - 95539132 _____ () C:\Users\Thomas\Documents\THIBAUT COURTOIS _ Best Saves _ Atlético Madrid _ 2012_2013 (HD)_(720p).mp4
2014-02-16 22:48 - 2014-02-16 22:53 - 149685015 _____ () C:\Users\Thomas\Documents\Joe Hart - Stronghold 10-13_(720p).mp4
2014-02-16 22:39 - 2014-02-16 22:42 - 88022985 _____ () C:\Users\Thomas\Documents\Rene Adler - Ein starkes Comeback _ #15 Hamburger SV Saves_(1080p).mp4
2014-02-16 22:33 - 2014-02-16 22:35 - 62564803 _____ () C:\Users\Thomas\Documents\Goalkeeper Saves _ 2012 - 2013 [HD]_(720p).mp4
2014-02-16 22:26 - 2014-02-16 22:29 - 109367300 _____ () C:\Users\Thomas\Documents\Best Goalkeeper Saves HD 2013!_(720p).mp4
2014-02-16 22:25 - 2014-02-16 23:19 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Youtube Downloader HD
2014-02-15 14:08 - 2014-02-15 14:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 14:06 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-15 14:06 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-15 14:06 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-15 14:06 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-15 14:06 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-15 14:06 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-15 14:04 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-15 14:04 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-15 14:04 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-15 14:04 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-15 14:04 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-15 14:04 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-15 14:04 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-15 14:04 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-15 14:04 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-15 14:04 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-15 14:04 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-15 14:04 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-15 14:04 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-15 14:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-15 14:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-15 14:04 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-15 14:04 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-15 14:04 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-15 14:04 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-15 14:04 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-15 14:04 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-15 14:04 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-15 13:32 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-15 13:32 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-15 13:29 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-15 13:29 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-15 13:29 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-15 13:29 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-15 13:29 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-15 13:29 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-15 13:29 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-15 13:29 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-15 13:29 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-15 13:29 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-15 13:29 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-15 13:29 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-15 13:29 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-15 13:29 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-15 13:29 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-15 13:29 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-15 13:29 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-15 13:29 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-15 13:29 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-15 13:29 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-15 13:29 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-15 13:29 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-15 13:29 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-15 13:29 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-15 13:29 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-15 13:29 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-15 13:29 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-15 13:29 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-15 13:29 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-15 13:29 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-15 13:29 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-15 13:29 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-15 13:29 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-15 13:29 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-15 13:29 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-15 13:29 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-15 13:29 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-15 13:29 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-15 13:29 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-07 12:25 - 2013-11-13 14:44 - 00015754 _____ () C:\Users\Thomas\Desktop\Deckblatt_Bewerbung_Bender&Bender - Kopie.odt
2014-02-04 18:03 - 2014-02-04 19:51 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Apple Computer
2014-02-04 18:03 - 2014-02-04 18:03 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Apple Computer
2014-02-04 17:58 - 2014-02-19 22:31 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-04 17:58 - 2014-02-19 22:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 17:58 - 2014-02-19 22:31 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 17:58 - 2014-02-19 22:31 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 17:56 - 2014-02-04 17:56 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Apple
2014-02-04 17:55 - 2014-02-04 17:55 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-04 17:53 - 2014-02-04 17:55 - 00000000 ____D () C:\ProgramData\Apple
2014-02-04 17:46 - 2014-02-04 17:50 - 148904784 _____ (Apple Inc.) C:\Users\Thomas\Downloads\iTunes64Setup.exe
2014-01-31 15:54 - 2014-01-31 15:54 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\WindSolutions
2014-01-31 15:54 - 2014-01-31 15:54 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-01-31 15:53 - 2014-02-15 12:34 - 00000000 ____D () C:\Users\Thomas\Downloads\CopyTransManagerDEv0.995
2014-01-31 15:52 - 2014-01-31 15:52 - 08671996 _____ () C:\Users\Thomas\Downloads\CopyTransManagerDEv0.995.zip

==================== One Month Modified Files and Folders =======

2014-02-25 10:34 - 2014-02-20 19:51 - 00010100 _____ () C:\Users\Thomas\Downloads\FRST.txt
2014-02-25 10:31 - 2014-02-25 10:30 - 02156032 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64(1).exe
2014-02-25 10:31 - 2014-02-20 19:51 - 00000000 ____D () C:\FRST
2014-02-25 10:26 - 2014-02-18 20:41 - 00329668 _____ () C:\Windows\WindowsUpdate.log
2014-02-25 10:06 - 2013-08-16 20:33 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-25 10:04 - 2014-02-25 10:04 - 00000754 _____ () C:\Users\Thomas\Desktop\JRT.txt
2014-02-25 09:57 - 2013-07-28 20:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-25 09:53 - 2009-07-14 05:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-25 09:53 - 2009-07-14 05:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-25 09:46 - 2013-08-16 20:33 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-25 09:45 - 2014-02-25 09:45 - 00000056 _____ () C:\Windows\setupact.log
2014-02-25 09:45 - 2014-02-25 09:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-25 09:45 - 2014-02-18 21:38 - 00000000 ____D () C:\AdwCleaner
2014-02-25 09:45 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-25 09:43 - 2014-02-25 09:43 - 01241834 _____ () C:\Users\Thomas\Downloads\adwcleaner(2).exe
2014-02-23 21:45 - 2014-02-23 21:09 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-23 21:45 - 2014-02-23 21:04 - 00000000 ____D () C:\Users\Thomas\Desktop\mbar
2014-02-23 21:09 - 2014-02-23 21:09 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-23 21:04 - 2014-02-23 21:04 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-23 21:03 - 2014-02-23 21:02 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Thomas\Downloads\mbar-1.07.0.1009.exe
2014-02-22 10:54 - 2014-02-22 10:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-22 10:53 - 2014-02-22 10:53 - 02347384 _____ (ESET) C:\Users\Thomas\Desktop\esetsmartinstaller_enu.exe
2014-02-22 10:51 - 2013-12-27 21:13 - 00000000 ____D () C:\Users\Thomas\Documents\Anut-Malware
2014-02-22 10:31 - 2014-02-22 10:30 - 01037734 _____ (Thisisu) C:\Users\Thomas\Desktop\JRT.exe
2014-02-22 10:25 - 2014-02-22 10:25 - 01241834 _____ () C:\Users\Thomas\Downloads\adwcleaner(1).exe
2014-02-22 09:01 - 2013-08-16 20:33 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-22 09:01 - 2013-08-16 20:33 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-21 22:00 - 2013-08-16 20:34 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-21 21:35 - 2013-07-07 15:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-20 19:53 - 2014-02-20 19:52 - 00014851 _____ () C:\Users\Thomas\Downloads\Addition.txt
2014-02-20 19:50 - 2014-02-20 19:50 - 02153984 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2014-02-20 19:36 - 2014-02-18 20:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-19 22:32 - 2014-02-19 22:32 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-19 22:31 - 2014-02-19 22:31 - 00000000 ____D () C:\Program Files\iTunes
2014-02-19 22:31 - 2014-02-04 17:58 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-19 22:31 - 2014-02-04 17:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-19 22:31 - 2014-02-04 17:58 - 00000000 ____D () C:\Program Files\iPod
2014-02-19 22:31 - 2014-02-04 17:58 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-19 22:26 - 2014-02-19 22:26 - 00000000 ____D () C:\Program Files\Bonjour
2014-02-19 22:26 - 2014-02-19 22:26 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-02-18 23:17 - 2013-08-02 14:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-18 23:11 - 2013-07-07 13:03 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-18 21:37 - 2014-02-18 21:37 - 01241834 _____ () C:\Users\Thomas\Downloads\adwcleaner (2).exe
2014-02-18 21:37 - 2014-02-18 21:37 - 01241834 _____ () C:\Users\Thomas\Downloads\adwcleaner (1).exe
2014-02-18 21:25 - 2014-02-18 21:24 - 01241834 _____ () C:\Users\Thomas\Downloads\adwcleaner.exe
2014-02-16 23:19 - 2014-02-16 22:25 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Youtube Downloader HD
2014-02-16 23:15 - 2014-02-16 23:12 - 117086041 _____ () C:\Users\Thomas\Documents\Euro 2012 - Goalkeepers Saves_(720p).mp4
2014-02-16 23:12 - 2014-02-16 23:08 - 111731824 _____ () C:\Users\Thomas\Documents\Iker Casillas Ultimate Saves Compilation 2002 - 2014 HD_(720p).mp4
2014-02-16 23:07 - 2014-02-16 23:05 - 73406054 _____ () C:\Users\Thomas\Documents\Julio Cesar 12_13_(720p).mp4
2014-02-16 23:03 - 2014-02-16 23:00 - 79703758 _____ () C:\Users\Thomas\Documents\Marc-André ter Stegen _ Best Saves _ 2012_2013 [HD]_(720p).mp4
2014-02-16 23:00 - 2014-02-16 22:56 - 95539132 _____ () C:\Users\Thomas\Documents\THIBAUT COURTOIS _ Best Saves _ Atlético Madrid _ 2012_2013 (HD)_(720p).mp4
2014-02-16 22:53 - 2014-02-16 22:48 - 149685015 _____ () C:\Users\Thomas\Documents\Joe Hart - Stronghold 10-13_(720p).mp4
2014-02-16 22:42 - 2014-02-16 22:39 - 88022985 _____ () C:\Users\Thomas\Documents\Rene Adler - Ein starkes Comeback _ #15 Hamburger SV Saves_(1080p).mp4
2014-02-16 22:35 - 2014-02-16 22:33 - 62564803 _____ () C:\Users\Thomas\Documents\Goalkeeper Saves _ 2012 - 2013 [HD]_(720p).mp4
2014-02-16 22:29 - 2014-02-16 22:26 - 109367300 _____ () C:\Users\Thomas\Documents\Best Goalkeeper Saves HD 2013!_(720p).mp4
2014-02-15 14:08 - 2014-02-15 14:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 13:53 - 2013-08-02 14:04 - 00000000 ____D () C:\Windows\Minidump
2014-02-15 13:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-15 13:22 - 2013-07-07 11:11 - 00000000 ____D () C:\Users\Thomas
2014-02-15 12:34 - 2014-01-31 15:53 - 00000000 ____D () C:\Users\Thomas\Downloads\CopyTransManagerDEv0.995
2014-02-15 12:34 - 2013-10-15 17:01 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Mp3tag
2014-02-15 12:34 - 2013-07-07 15:58 - 00000000 ____D () C:\ProgramData\Norton
2014-02-15 12:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-07 13:00 - 2013-09-13 16:09 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Paint.NET
2014-02-06 13:16 - 2014-02-15 13:29 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-15 13:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-15 13:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-15 13:29 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-15 13:29 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-15 13:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-15 13:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-15 13:29 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-15 13:29 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-15 13:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-15 13:29 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-15 13:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-15 13:29 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-15 13:29 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-15 13:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-15 13:29 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-15 13:29 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-15 13:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-15 13:29 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-15 13:29 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-15 13:29 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-15 13:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-15 13:29 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-15 13:29 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-15 13:29 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-15 13:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-15 13:29 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-15 13:29 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-15 13:29 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-15 13:29 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-15 13:29 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-15 13:29 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-15 13:29 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-15 13:29 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-15 13:29 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-15 13:29 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-15 13:29 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-15 13:29 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-15 13:29 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 19:51 - 2014-02-04 18:03 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Apple Computer
2014-02-04 18:03 - 2014-02-04 18:03 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Apple Computer
2014-02-04 17:56 - 2014-02-04 17:56 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Apple
2014-02-04 17:55 - 2014-02-04 17:55 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-02-04 17:55 - 2014-02-04 17:53 - 00000000 ____D () C:\ProgramData\Apple
2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-04 17:50 - 2014-02-04 17:46 - 148904784 _____ (Apple Inc.) C:\Users\Thomas\Downloads\iTunes64Setup.exe
2014-02-03 17:40 - 2011-04-12 08:43 - 02004896 _____ () C:\Windows\system32\perfh007.dat
2014-02-03 17:40 - 2011-04-12 08:43 - 00563338 _____ () C:\Windows\system32\perfc007.dat
2014-02-03 17:40 - 2009-07-14 06:13 - 00005194 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-31 15:54 - 2014-01-31 15:54 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\WindSolutions
2014-01-31 15:54 - 2014-01-31 15:54 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-01-31 15:52 - 2014-01-31 15:52 - 08671996 _____ () C:\Users\Thomas\Downloads\CopyTransManagerDEv0.995.zip

Some content of TEMP:
====================
C:\Users\Thomas\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 01:12

==================== End Of Log ============================
--- --- ---
 

Themen zu "YouTube Downloader" runtergeladen und nun infizierte Objekte auf dem Rechner
.com, benötige, board, chip.de, chrome, downloader, englisch, erneut, erneute, firefox, helfer, heute, infizierte, langsamer, loader, malwarebytes, rechner, runtergeladen, scans, suchmaschine, tagen, tolle, troja, trojaner, trojaner board, viren entfernen, youtube, youtube downloader


« firefox öffnet leere Tabs | Registerkarten öffnen sich automatisch »


Ähnliche Themen: "YouTube Downloader" runtergeladen und nun infizierte Objekte auf dem Rechner


  1. IMG_260715.scr "ausversehen" runtergeladen. Virus?
    Log-Analyse und Auswertung - 25.07.2015 (1)
  2. Chrome: Textdatei "f" wird automatisch runtergeladen, weiterer Fund...
    Plagegeister aller Art und deren Bekämpfung - 23.03.2015 (15)
  3. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  4. Windows 7: Trojaner durch "flash player Pro" runtergeladen?
    Plagegeister aller Art und deren Bekämpfung - 22.11.2013 (9)
  5. Spyhunter 4 wegen "System care Antivirus" runtergeladen wie werde ich es wieder los
    Plagegeister aller Art und deren Bekämpfung - 10.05.2013 (10)
  6. Avira meldet "TR/Downloader.Gen8" und "TR/Matsnu.EB.130" nach öffnen von Malware
    Plagegeister aller Art und deren Bekämpfung - 20.03.2013 (32)
  7. Avira Antivir hat "Versteckte Objekte gefunden" Was tun? Vorgehensweise?
    Log-Analyse und Auswertung - 11.01.2013 (4)
  8. Wie stelle ich gelöschte Objekte in Outlook 2003 wieder her? (Ordner: "gelöschte Objekte" wurde vom Kollegen gelöscht.)
    Alles rund um Windows - 10.01.2013 (4)
  9. EXP/Js.Expack.CQ -- danach rechner langsam, avira findet 88 verstecke objekte und "mögliche archivbombe"
    Plagegeister aller Art und deren Bekämpfung - 17.12.2012 (1)
  10. "infizierte Objekte" unbekannter Art entfernen
    Plagegeister aller Art und deren Bekämpfung - 15.11.2012 (26)
  11. "Delayed write failed"- Virus/ Versteckte Objekte
    Log-Analyse und Auswertung - 06.01.2012 (20)
  12. Malwarereinigung: "TR/Kazy.25747.40", "Trojan.Downloader..." und "Backdoor: Win32Cycbot.B"
    Log-Analyse und Auswertung - 09.06.2011 (1)
  13. Hilfe! "Trojan.Agent" und "Rogue.Residue" auf dem Rechner.
    Plagegeister aller Art und deren Bekämpfung - 02.05.2009 (13)
  14. Kriege "TR/Rootkit.Gen" und "TR/PSW.PdPi.CT.1.D" nicht von Rechner runter!
    Plagegeister aller Art und deren Bekämpfung - 05.02.2009 (30)
  15. "Adware.Virtumonde"/"Downloader.MisleadApp"/"TR/VB.agt.4"/"NewDotNet.A.1350"/"Fakerec
    Plagegeister aller Art und deren Bekämpfung - 22.08.2008 (6)
  16. Mir unbekannter "Downloader" auf dem Rechner
    Plagegeister aller Art und deren Bekämpfung - 28.02.2007 (7)
  17. ewido findet infizierte Objekte:downloader Agent.uj-löscht sie aber nie
    Log-Analyse und Auswertung - 28.04.2006 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema "YouTube Downloader" runtergeladen und nun infizierte Objekte auf dem Rechner - FRST Logfile: Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-02-2014 01 Ran by Thomas (administrator) on THOMAS-PC on 25-02-2014 10:31:41 Running from - "YouTube Downloader" runtergeladen und nun infizierte Objekte auf dem Rechner...
Archiv
Du betrachtest: "YouTube Downloader" runtergeladen und nun infizierte Objekte auf dem Rechner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131