
Pests of all kinds and how to combat them: No browser opens Facebook

14.07.2013, 08:42   #1
RatzoR

Good morning,

so I have the following problem:

No browser on my machine opens the page https://www.facebook.com/ - my default browser is Mozilla; as a test I also tried it with Google Chrome and Opera.

Since I have already searched the net a bit, I want to say up front that the problem is on my own laptop and that it is not the case that my parents want to deny me access to the above-mentioned site.

I would be very grateful for your help.

14.07.2013, 08:42   #2
schrauber
/// the machine
/// TB trainer

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)

14.07.2013, 08:51   #3
RatzoR

I hope it is OK if I add the two files as attachments.

14.07.2013, 12:40   #4
schrauber
/// the machine
/// TB trainer

Please post it in the thread.

This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

14.07.2013, 12:44   #5
RatzoR

FRST


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Georg (administrator) on 14-07-2013 09:45:45
Running from C:\Users\Georg\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\GFilterSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Users\Georg\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Google) C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [Ocs_SM] - C:\Users\Georg\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-03-02] (OCS)
HKLM\...\Run: [EKIJ5000StatusMonitor] - C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Eastman Kodak Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [OscarEditor] - "C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe" Minimum [2603520 2010-05-06] ()
HKCU\...\Run: [AdobeBridge] -  [x]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] - "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL,C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=119828&babsrc=HP_ss_din2g&mntrId=42811E85DE72E5A7
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={5B9F977F-63EB-11E2-BE7A-08606E0555DE}
HKLM-x32 SearchScopes: DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={5B9F977F-63EB-11E2-BE7A-08606E0555DE}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={5B9F977F-63EB-11E2-BE7A-08606E0555DE}
HKCU SearchScopes: DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E7377656574696D2E636F6D2F7365617263682E6173703F7372633D3626713D7B7365617263685465726D737D266372673D332E313031303030302E31303030352662617269643D7B35423946393737462D363345422D313145322D424537412D3038363036453035353544457D&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&k=0
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0BF6405E-4879-4461-A7F4-423E5B7F4DC9} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119828&babsrc=SP_ss&mntrId=42811E85DE72E5A7
SearchScopes: HKCU - {10253F8E-3EFC-49F6-8DCC-6A87B7EE1D7C} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {1BC175F8-6E23-4368-B426-3CF3F6BCDC3E} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {3DD704DF-29E2-43F7-991C-5B7CCD3CEDE3} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {4ABFAF14-4CD9-4377-B242-3A99C2235569} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {EB3401B0-C5B3-414C-86ED-64EA07A2B293} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E7377656574696D2E636F6D2F7365617263682E6173703F7372633D3626713D7B7365617263685465726D737D266372673D332E313031303030302E31303030352662617269643D7B35423946393737462D363345422D313145322D424537412D3038363036453035353544457D&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&k=0
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default
FF user.js: detected! => C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\user.js
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\searchplugins\holasearch.xml
FF SearchPlugin: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\searchplugins\{75ACCB2D-4845-4A63-8F7B-B14A19F99CD6}.xml
FF SearchPlugin: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\searchplugins\{79993D33-35D0-4AFE-85DE-B85117D3DD4F}.xml
FF SearchPlugin: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\searchplugins\{B0B336A6-772A-4337-A099-303F3EA9624B}.xml
FF Extension: FireJump - C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\Extensions\firejump@firejump.net
FF Extension: No Name - C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\Extensions\firejump_1027.zip
FF Extension: gophoto - C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\Extensions\gophoto@gophoto.it.xpi
FF Extension: No Name - C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [ntfdsaftsfdfdxx@mozilla.org] C:\Users\Georg\AppData\Roaming\iPumper\extension_firefox.xpi
FF Extension: No Name - C:\Users\Georg\AppData\Roaming\iPumper\extension_firefox.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\extensions\firejump@firejump.net
FF Extension: FireJump - C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\extensions\firejump@firejump.net
FF HKCU\...\Firefox\Extensions: [sparpilot@sparpilot.com] C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\extensions\sparpilot@sparpilot.com

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (FTdownloader V3.0) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn\3.0_0
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Delta Toolbar) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0
CHR Extension: (SharaGet download helper) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\kekfoodhbhpjhjcdecjngamojfhknooc\1.0_0
CHR Extension: (GoPhoto.it) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.4_0
CHR Extension: (Gmail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 GFilterSvc; C:\Windows\System32\GFilterSvc.exe [119808 2013-03-02] ()
S2 iexprets; C:\Windows\system32\KBDIT152.exe [118272 2013-03-02] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 SearchAnonymizer; C:\Users\Georg\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-03-02] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-02-03] (DT Soft Ltd)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [54200 2012-09-26] (Thesycon GmbH, Germany)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-14 09:45 - 2013-07-14 09:45 - 01777839 _____ (Farbar) C:\Users\Georg\Desktop\FRST64.exe
2013-07-14 09:45 - 2013-07-14 09:45 - 00000000 ____D C:\FRST
2013-07-13 13:04 - 2013-07-13 13:04 - 00002153 _____ C:\Users\Public\Desktop\Age of Empires Expansion.lnk
2013-07-13 13:04 - 2013-07-13 13:04 - 00002146 _____ C:\Users\Public\Desktop\Age of Empires.lnk
2013-07-13 13:04 - 1999-01-21 13:00 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2013-07-13 13:04 - 1999-01-21 13:00 - 00056832 ____N C:\Windows\SysWOW64\iyvu9_32.dll
2013-07-13 11:01 - 2013-07-13 11:01 - 00002149 _____ C:\Users\Public\Desktop\Age of Mythology Gold.lnk
2013-07-13 10:57 - 2013-07-13 10:57 - 00000000 ____D C:\Windows\Watson
2013-07-12 23:29 - 2013-07-12 23:29 - 00003584 _____ C:\Users\Georg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-12 22:20 - 2013-07-12 22:20 - 00067584 _____ (Blizzard Entertainment) C:\Windows\ScUnin.exe
2013-07-12 22:20 - 2013-07-12 22:20 - 00011295 _____ C:\Windows\scunin.dat
2013-07-12 22:20 - 2013-07-12 22:20 - 00000967 _____ C:\Windows\ScUnin.pif
2013-07-12 22:08 - 2013-07-12 22:08 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soldier of Fortune II - Double Helix GOLD - Help
2013-07-12 22:06 - 2013-07-12 22:06 - 00001189 _____ C:\Users\UpdatusUser\Desktop\SOF II Einzelspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001189 _____ C:\Users\Georg\Desktop\SOF II Einzelspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001115 _____ C:\Users\UpdatusUser\Desktop\SOF II Mehrspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001115 _____ C:\Users\Georg\Desktop\SOF II Mehrspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raven Software
2013-07-12 18:36 - 2013-07-01 10:25 - 00000000 ____D C:\Users\Georg\Downloads\World War Z
2013-07-10 17:03 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 17:03 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 17:03 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 17:03 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 17:03 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 17:02 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 17:02 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 17:02 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 17:02 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 17:02 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 17:02 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 17:02 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 17:02 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-08 17:01 - 2013-07-08 17:01 - 00000000 ____D C:\ProgramData\2DBoy
2013-07-08 17:00 - 2013-07-08 17:01 - 00000000 ____D C:\Program Files (x86)\WorldOfGoo
2013-07-08 16:51 - 2013-07-08 16:51 - 00000000 ____D C:\Users\Georg\Documents\Empire Earth II
2013-07-08 16:51 - 2013-07-08 16:51 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Sierra
2013-07-08 16:49 - 2013-07-08 16:49 - 00000000 ____D C:\Program Files (x86)\Sierra
2013-07-07 17:03 - 2013-07-07 17:04 - 00021840 ____T C:\Windows\SysWOW64\SIntfNT.dll
2013-07-07 17:03 - 2013-07-07 17:04 - 00017212 ____T C:\Windows\SysWOW64\SIntf32.dll
2013-07-07 17:03 - 2013-07-07 17:04 - 00012067 ____T C:\Windows\SysWOW64\SIntf16.dll
2013-07-07 17:03 - 2013-07-07 17:03 - 00000224 _____ C:\Windows\SIERRA.INI
2013-07-07 17:03 - 2013-07-07 17:03 - 00000000 ____D C:\Sierra
2013-07-07 16:58 - 2013-07-07 17:02 - 00000000 ____D C:\Program Files (x86)\Dead Island Riptide
2013-07-07 15:26 - 2013-07-07 15:26 - 00002214 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-07 15:25 - 2013-07-13 04:13 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-07 01:09 - 2013-07-07 01:09 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 01:09 - 2013-07-07 01:09 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-07 00:26 - 2013-07-07 00:26 - 00000632 _____ C:\Windows\Wlf.INI
2013-07-07 00:12 - 2013-07-07 00:12 - 00001356 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuestViewer.lnk
2013-07-07 00:07 - 2013-07-07 00:07 - 00001750 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie v2.lnk
2013-07-07 00:04 - 2013-07-07 00:09 - 00001105 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie 2.lnk
2013-07-07 00:04 - 2013-07-07 00:09 - 00001073 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie 2 Uninstall.lnk
2013-07-07 00:04 - 2013-07-07 00:04 - 00000000 ____D C:\Program Files\Virtual Hottie 2
2013-07-06 15:45 - 2012-11-22 08:16 - 00000000 ____D C:\Users\Georg\Downloads\American Dad
2013-07-03 22:55 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-07-03 02:48 - 2013-07-03 02:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-01 21:44 - 2013-07-03 01:36 - 00000000 ____D C:\Users\Georg\Downloads\MythBusters
2013-06-30 20:57 - 2013-06-30 20:57 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Red Alert 3
2013-06-30 20:54 - 2013-06-30 20:54 - 00000000 __RHD C:\Users\Georg\AppData\Roaming\SecuROM
2013-06-30 20:48 - 2013-06-30 20:48 - 00001052 _____ C:\Windows\DirectX.log
2013-06-30 20:48 - 2013-06-30 20:48 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-06-30 14:30 - 2013-06-30 14:30 - 00000000 ____D C:\Users\Georg\Downloads\Mesonia_Client_Release
2013-06-30 04:14 - 2013-06-30 04:39 - 00000000 ____D C:\Program Files (x86)\Metin2
2013-06-30 03:28 - 2013-06-30 14:40 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-06-30 03:28 - 2013-06-30 03:28 - 00000000 ____D C:\Users\Georg\AppData\Local\Gameforge4d
2013-06-30 03:11 - 2013-06-30 03:12 - 00043520 _____ C:\Windows\SysWOW64\CmdLineExt03.dll
2013-06-30 03:02 - 2013-06-30 03:07 - 00000000 ____D C:\Program Files (x86)\ANNO 1503 Königs- Edition
2013-06-30 01:21 - 2013-07-13 11:03 - 00012428 _____ C:\Windows\PFRO.log
2013-06-30 01:14 - 2013-06-30 01:15 - 00000000 ____D C:\Program Files (x86)\Thandor
2013-06-30 00:58 - 2013-06-30 00:58 - 00000000 ____D C:\Users\Georg\Documents\ZombieDriverHD
2013-06-30 00:55 - 2013-06-30 00:55 - 00000000 ____D C:\Program Files (x86)\Exor Studios
2013-06-29 15:13 - 2013-06-29 16:42 - 272473314 _____ C:\Users\Georg\Downloads\OPT596HD.rar
2013-06-29 14:21 - 2013-06-29 14:21 - 00000632 _____ C:\Users\Georg\Desktop\Cyber.txt
2013-06-29 12:55 - 2013-07-08 18:11 - 00000000 ____D C:\Users\Georg\Desktop\Spiele
2013-06-29 12:55 - 2013-07-08 16:44 - 00000000 ____D C:\Users\Georg\Desktop\Bilder und sonstiges
2013-06-29 12:50 - 2013-06-29 12:52 - 00000000 ____D C:\Users\Georg\Desktop\Converter
2013-06-29 12:49 - 2013-07-09 23:26 - 00000000 ____D C:\Users\Georg\Desktop\Standart Anwendungen
2013-06-29 02:24 - 2013-06-29 02:26 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Notepad++
2013-06-29 02:24 - 2013-06-29 02:24 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-06-29 02:24 - 2013-06-29 02:24 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-06-29 02:11 - 2013-06-30 00:30 - 00000000 ____D C:\Users\Georg\Downloads\Metin
2013-06-23 22:12 - 2013-07-14 08:39 - 01488419 _____ C:\Windows\WindowsUpdate.log
2013-06-23 21:49 - 2013-06-23 21:49 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Malwarebytes
2013-06-23 21:49 - 2013-06-23 21:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-23 04:50 - 2013-06-29 03:40 - 00000000 ____D C:\Users\Georg\Downloads\Dexter
2013-06-21 19:58 - 2013-06-21 19:58 - 00000000 ____D C:\Users\Georg\AppData\Local\Opera
2013-06-21 19:58 - 2013-06-21 19:58 - 00000000 ____D C:\Program Files (x86)\Opera
2013-06-21 19:52 - 2013-07-14 09:12 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-21 19:52 - 2013-07-14 04:12 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-21 19:52 - 2013-07-13 04:07 - 00004086 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-06-21 19:52 - 2013-07-13 04:07 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-06-21 19:52 - 2013-07-07 15:26 - 00000000 ____D C:\Users\Georg\AppData\Local\Google
2013-06-21 19:52 - 2013-07-07 15:26 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-15 08:18 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-15 08:18 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-15 07:42 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-06-15 07:42 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-15 06:43 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-06-15 06:43 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-06-15 06:43 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-15 06:43 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 05:37 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-06-15 05:37 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-06-15 05:37 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-06-15 05:37 - 2013-05-04 09:34 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-06-15 05:37 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-06-15 05:37 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-06-15 05:37 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-06-15 05:37 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-06-15 05:37 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-06-15 05:37 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-06-15 05:37 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 05:37 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 05:37 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 05:37 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 05:37 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 05:37 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 05:37 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 05:37 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-06-15 05:37 - 2013-05-04 06:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-06-15 05:37 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-06-15 05:37 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-06-15 05:37 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 05:37 - 2013-05-03 00:04 - 00386646 _____ C:\Windows\system32\ApnDatabase.xml

==================== One Month Modified Files and Folders =======

2013-07-14 09:45 - 2013-07-14 09:45 - 01777839 _____ (Farbar) C:\Users\Georg\Desktop\FRST64.exe
2013-07-14 09:45 - 2013-07-14 09:45 - 00000000 ____D C:\FRST
2013-07-14 09:27 - 2013-01-12 17:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-14 09:26 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-14 09:13 - 2013-03-10 15:06 - 00000000 ____D C:\Users\Georg\AppData\Roaming\vlc
2013-07-14 09:12 - 2013-06-21 19:52 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-14 09:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-14 08:39 - 2013-06-23 22:12 - 01488419 _____ C:\Windows\WindowsUpdate.log
2013-07-14 08:05 - 2013-01-28 16:51 - 00693760 ___SH C:\Users\Georg\Desktop\Thumbs.db
2013-07-14 08:05 - 2013-01-14 00:23 - 00605184 ___SH C:\Users\Georg\Downloads\Thumbs.db
2013-07-14 04:12 - 2013-06-21 19:52 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-14 02:35 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-13 13:04 - 2013-07-13 13:04 - 00002153 _____ C:\Users\Public\Desktop\Age of Empires Expansion.lnk
2013-07-13 13:04 - 2013-07-13 13:04 - 00002146 _____ C:\Users\Public\Desktop\Age of Empires.lnk
2013-07-13 13:04 - 2013-02-23 20:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-07-13 11:22 - 2013-02-23 20:58 - 00000000 ____D C:\Users\Georg\Documents\My Games
2013-07-13 11:04 - 2013-01-12 15:24 - 00000408 _____ C:\Users\Georg\AppData\Roaming\sp_data.sys
2013-07-13 11:03 - 2013-06-30 01:21 - 00012428 _____ C:\Windows\PFRO.log
2013-07-13 11:03 - 2012-11-01 23:31 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-13 11:03 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-13 11:02 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-13 11:01 - 2013-07-13 11:01 - 00002149 _____ C:\Users\Public\Desktop\Age of Mythology Gold.lnk
2013-07-13 11:01 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-13 10:57 - 2013-07-13 10:57 - 00000000 ____D C:\Windows\Watson
2013-07-13 04:13 - 2013-07-07 15:25 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-13 04:07 - 2013-06-21 19:52 - 00004086 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 04:07 - 2013-06-21 19:52 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 23:29 - 2013-07-12 23:29 - 00003584 _____ C:\Users\Georg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-12 22:20 - 2013-07-12 22:20 - 00067584 _____ (Blizzard Entertainment) C:\Windows\ScUnin.exe
2013-07-12 22:20 - 2013-07-12 22:20 - 00011295 _____ C:\Windows\scunin.dat
2013-07-12 22:20 - 2013-07-12 22:20 - 00000967 _____ C:\Windows\ScUnin.pif
2013-07-12 22:08 - 2013-07-12 22:08 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soldier of Fortune II - Double Helix GOLD - Help
2013-07-12 22:08 - 2013-03-10 00:55 - 00000000 ____D C:\Program Files (x86)\Soldier of Fortune II - Double Helix
2013-07-12 22:06 - 2013-07-12 22:06 - 00001189 _____ C:\Users\UpdatusUser\Desktop\SOF II Einzelspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001189 _____ C:\Users\Georg\Desktop\SOF II Einzelspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001115 _____ C:\Users\UpdatusUser\Desktop\SOF II Mehrspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001115 _____ C:\Users\Georg\Desktop\SOF II Mehrspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raven Software
2013-07-12 22:06 - 2013-02-03 17:55 - 00000770 _____ C:\Windows\Sof2.INI
2013-07-12 17:42 - 2012-08-03 01:02 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-07-12 17:42 - 2012-08-03 01:02 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-07-12 17:42 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-10 23:52 - 2013-01-13 18:06 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-09 23:26 - 2013-06-29 12:49 - 00000000 ____D C:\Users\Georg\Desktop\Standart Anwendungen
2013-07-08 18:11 - 2013-06-29 12:55 - 00000000 ____D C:\Users\Georg\Desktop\Spiele
2013-07-08 17:01 - 2013-07-08 17:01 - 00000000 ____D C:\ProgramData\2DBoy
2013-07-08 17:01 - 2013-07-08 17:00 - 00000000 ____D C:\Program Files (x86)\WorldOfGoo
2013-07-08 16:58 - 2013-01-12 15:19 - 00000000 ____D C:\Users\Georg\AppData\Local\VirtualStore
2013-07-08 16:51 - 2013-07-08 16:51 - 00000000 ____D C:\Users\Georg\Documents\Empire Earth II
2013-07-08 16:51 - 2013-07-08 16:51 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Sierra
2013-07-08 16:49 - 2013-07-08 16:49 - 00000000 ____D C:\Program Files (x86)\Sierra
2013-07-08 16:49 - 2012-11-01 23:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-08 16:44 - 2013-06-29 12:55 - 00000000 ____D C:\Users\Georg\Desktop\Bilder und sonstiges
2013-07-08 16:40 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-07 17:14 - 2013-01-12 15:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-07 17:14 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-07 17:04 - 2013-07-07 17:03 - 00021840 ____T C:\Windows\SysWOW64\SIntfNT.dll
2013-07-07 17:04 - 2013-07-07 17:03 - 00017212 ____T C:\Windows\SysWOW64\SIntf32.dll
2013-07-07 17:04 - 2013-07-07 17:03 - 00012067 ____T C:\Windows\SysWOW64\SIntf16.dll
2013-07-07 17:03 - 2013-07-07 17:03 - 00000224 _____ C:\Windows\SIERRA.INI
2013-07-07 17:03 - 2013-07-07 17:03 - 00000000 ____D C:\Sierra
2013-07-07 17:02 - 2013-07-07 16:58 - 00000000 ____D C:\Program Files (x86)\Dead Island Riptide
2013-07-07 15:26 - 2013-07-07 15:26 - 00002214 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-07 15:26 - 2013-06-21 19:52 - 00000000 ____D C:\Users\Georg\AppData\Local\Google
2013-07-07 15:26 - 2013-06-21 19:52 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-07 03:58 - 2013-01-12 15:29 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2133237442-3676028956-401365519-1002
2013-07-07 01:09 - 2013-07-07 01:09 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 01:09 - 2013-07-07 01:09 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-07 01:09 - 2013-01-12 16:20 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-07 01:09 - 2013-01-12 16:20 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-07 00:26 - 2013-07-07 00:26 - 00000632 _____ C:\Windows\Wlf.INI
2013-07-07 00:12 - 2013-07-07 00:12 - 00001356 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuestViewer.lnk
2013-07-07 00:09 - 2013-07-07 00:04 - 00001105 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie 2.lnk
2013-07-07 00:09 - 2013-07-07 00:04 - 00001073 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie 2 Uninstall.lnk
2013-07-07 00:07 - 2013-07-07 00:07 - 00001750 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie v2.lnk
2013-07-07 00:04 - 2013-07-07 00:04 - 00000000 ____D C:\Program Files\Virtual Hottie 2
2013-07-05 04:11 - 2013-01-12 15:19 - 00000000 ____D C:\Users\Georg\AppData\Local\Packages
2013-07-03 02:48 - 2013-07-03 02:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-03 01:36 - 2013-07-01 21:44 - 00000000 ____D C:\Users\Georg\Downloads\MythBusters
2013-07-01 10:25 - 2013-07-12 18:36 - 00000000 ____D C:\Users\Georg\Downloads\World War Z
2013-06-30 20:57 - 2013-06-30 20:57 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Red Alert 3
2013-06-30 20:54 - 2013-06-30 20:54 - 00000000 __RHD C:\Users\Georg\AppData\Roaming\SecuROM
2013-06-30 20:48 - 2013-06-30 20:48 - 00001052 _____ C:\Windows\DirectX.log
2013-06-30 20:48 - 2013-06-30 20:48 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-06-30 14:40 - 2013-06-30 03:28 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-06-30 14:30 - 2013-06-30 14:30 - 00000000 ____D C:\Users\Georg\Downloads\Mesonia_Client_Release
2013-06-30 04:39 - 2013-06-30 04:14 - 00000000 ____D C:\Program Files (x86)\Metin2
2013-06-30 03:28 - 2013-06-30 03:28 - 00000000 ____D C:\Users\Georg\AppData\Local\Gameforge4d
2013-06-30 03:12 - 2013-06-30 03:11 - 00043520 _____ C:\Windows\SysWOW64\CmdLineExt03.dll
2013-06-30 03:07 - 2013-06-30 03:02 - 00000000 ____D C:\Program Files (x86)\ANNO 1503 Königs- Edition
2013-06-30 01:21 - 2013-05-25 15:35 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-06-30 01:15 - 2013-06-30 01:14 - 00000000 ____D C:\Program Files (x86)\Thandor
2013-06-30 00:58 - 2013-06-30 00:58 - 00000000 ____D C:\Users\Georg\Documents\ZombieDriverHD
2013-06-30 00:55 - 2013-06-30 00:55 - 00000000 ____D C:\Program Files (x86)\Exor Studios
2013-06-30 00:54 - 2013-02-03 01:10 - 00000000 ____D C:\Users\Georg\AppData\Roaming\DAEMON Tools Lite
2013-06-30 00:30 - 2013-06-29 02:11 - 00000000 ____D C:\Users\Georg\Downloads\Metin
2013-06-29 16:42 - 2013-06-29 15:13 - 272473314 _____ C:\Users\Georg\Downloads\OPT596HD.rar
2013-06-29 14:21 - 2013-06-29 14:21 - 00000632 _____ C:\Users\Georg\Desktop\Cyber.txt
2013-06-29 12:54 - 2013-05-07 11:33 - 00000000 ____D C:\Users\Georg\Desktop\iphone fotos
2013-06-29 12:52 - 2013-06-29 12:50 - 00000000 ____D C:\Users\Georg\Desktop\Converter
2013-06-29 03:40 - 2013-06-23 04:50 - 00000000 ____D C:\Users\Georg\Downloads\Dexter
2013-06-29 03:03 - 2013-06-02 09:52 - 00000000 ____D C:\Users\Georg\AppData\Roaming\elsterformular
2013-06-29 03:03 - 2013-06-02 09:52 - 00000000 ____D C:\ProgramData\elsterformular
2013-06-29 03:03 - 2013-05-25 15:35 - 00001793 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-29 03:01 - 2013-02-16 17:32 - 00000000 ____D C:\Program Files (x86)\iWin.com Games
2013-06-29 03:00 - 2013-06-13 22:27 - 00000000 ____D C:\Program Files (x86)\Bilder zu G-Code 1
2013-06-29 03:00 - 2013-05-09 14:13 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2013-06-29 03:00 - 2013-04-03 12:01 - 00000000 ____D C:\Program Files (x86)\Bridge Project
2013-06-29 02:57 - 2013-05-02 11:35 - 00000000 ____D C:\Program Files (x86)\Datel
2013-06-29 02:26 - 2013-06-29 02:24 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Notepad++
2013-06-29 02:24 - 2013-06-29 02:24 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-06-29 02:24 - 2013-06-29 02:24 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-06-28 00:04 - 2013-01-15 13:16 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 00:04 - 2013-01-15 13:16 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-23 21:49 - 2013-06-23 21:49 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Malwarebytes
2013-06-23 21:49 - 2013-06-23 21:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-23 21:45 - 2013-02-19 16:01 - 00000000 ____D C:\Windows\Minidump
2013-06-23 21:45 - 2012-08-03 00:24 - 00000000 ____D C:\Windows\Panther
2013-06-21 19:58 - 2013-06-21 19:58 - 00000000 ____D C:\Users\Georg\AppData\Local\Opera
2013-06-21 19:58 - 2013-06-21 19:58 - 00000000 ____D C:\Program Files (x86)\Opera
2013-06-21 08:45 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-21 07:06 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-21 07:06 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-21 07:06 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-21 07:06 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-21 07:06 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-21 07:06 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-06-20 05:02 - 2013-06-13 22:27 - 00003376 _____ C:\Windows\System32\Tasks\EPUpdater
2013-06-15 12:49 - 2013-06-11 22:12 - 01850316 _____ C:\Users\Georg\Desktop\111.dst

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-12 03:00

==================== End Of Log ============================
         
--- --- ---

Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2013
Ran by Georg at 2013-07-14 09:47:28
Running from C:\Users\Georg\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe AIR (x32 Version: 3.7.0.1530)
Adobe Download Assistant (x32 Version: 1.2.5)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Photoshop CS6 (x32 Version: 13.0)
Adobe Reader X MUI (x32 Version: 10.0.0)
Age of Mythology Gold (x32 Version: 1.0)
ANNO 1503 Königs- Edition (x32 Version: 3.05.042.00)
Any Video Converter 5 5.0.2 (x32)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ASUS Instant Connect (x32 Version: 1.2.8)
ASUS InstantOn (x32 Version: 3.0.2)
ASUS LifeFrame3 (x32 Version: 3.1.5)
ASUS Live Update (x32 Version: 3.1.8)
ASUS Power4Gear Hybrid (Version: 2.0.4)
ASUS Smart Gesture (x32 Version: 1.0.35)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.03.0004)
ASUS Tutor (x32 Version: 1.0.7)
ASUS USB Charger Plus (x32 Version: 2.1.4)
ASUS WebStorage Sync Agent (x32 Version: 1.1.9.120)
ASUSDVD (x32 Version: 10.0.4126.52)
AsusVibe2.0 (x32 Version: 2.0.10.168)
ATK Package (x32 Version: 1.0.0022)
AudibleManager (x32 Version: 18414980.4759644.48.1996765000)
Bmp2Din (x32)
Bonjour (Version: 3.0.0.10)
calibre 64bit (Version: 0.9.22)
Command & Conquer™ Alarmstufe Rot 3 (x32 Version: 1.0.1.0)
Convert AVI to MP4 1.3 (x32)
DAEMON Tools Lite (x32 Version: 4.46.1.0327)
Delta Chrome Toolbar (x32)
Desktop Icon für Amazon (Version: 1.0.1 (de))
dows-Treiberpaket - Datel Design & Development (usbio) USBIOControlledDevices  (04/21/2009 2.40.0.0) (Version: 04/21/2009 2.40.0.0)
Empire Earth (x32)
Empire Earth II (x32 Version: 1.02)
Explorer Suite IV
FilmRiss 0.1.27 (x32 Version: 0.1.27)
FireJump (x32 Version: 1.0.2.5)
Free Video Dub version 2.0.17.128 (x32 Version: 2.0.17.128)
Free WMA to MP3 Converter 1.16 (x32)
FTDownloader (x32 Version: 2.1 Build 26473)
G-Filter (HKCU)
Google Chrome (x32 Version: 28.0.1500.72)
Google Earth (x32 Version: 7.1.1.1871)
Google Update Helper (x32 Version: 1.3.21.153)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2843)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iPumper Installer (HKCU)
IrfanView (remove only) (x32 Version: 4.35)
iTunes (Version: 11.0.3.42)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
JDownloader 0.9 (x32 Version: 0.9)
Legacy of Kain Soul Reaver (x32)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Media converter (x32)
Metin2 (x32)
Microsoft Age of Empires Gold (x32)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mouse Editor (x32 Version: 10.05.0004)
MOUSE Editor (x32 Version: 10.05.0004)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
MSXML4 Parser (x32 Version: 1.0.0)
Notepad++ (x32 Version: 6.3.3)
NVIDIA 3D Vision Treiber 306.97 (Version: 306.97)
NVIDIA Grafiktreiber 306.97 (Version: 306.97)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA PhysX (x32 Version: 9.12.0613)
NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.0697)
NVIDIA Systemsteuerung 306.97 (Version: 306.97)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Opera 12.15 (x32 Version: 12.15.1748)
PDF Settings CS6 (x32 Version: 11.0)
Prince of Persia Warrior Within (x32)
Python 3.3.2 (x32 Version: 3.3.2150)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6716)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.27023)
Roll (x32)
Rulers (x32)
SearchAnonymizer (Version: 1.0.1 (de))
Serious Sam 2 (x32)
Serious Sam 3: BFE - Serious Deluxe Edition (x32 Version: 147879)
Shared C Run-time for x64 (Version: 10.0.0)
Soldier of Fortune II - Double Helix (x32 Version: 1.03)
Soul Reaver 2 (x32)
SparPilot (x32 Version: 2.0.9)
Starcraft (x32)
Thandor - Die Invasion (x32)
Virtual Hottie 2 (x32)
VLC media player 2.0.5 (Version: 2.0.5)
Windows-Treiberpaket - ASUS (ATP) Mouse  (10/29/2012 1.0.0.148) (Version: 10/29/2012 1.0.0.148)
Windows-Treiberpaket - Datel Design & Development USBIOControlledDevices  (04/21/2009 2.40.0.0) (Version: 04/21/2009 2.40.0.0)
WinFlash (x32 Version: 2.41.1)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
XnView 2.03 (x32 Version: 2.03)
Yontoo 1.10.03 (Version: 1.10.03)
Zombie Driver HD (x32)
Zoo Tycoon 2 (x32 Version: 1.0)

==================== Restore Points  =========================

14-07-2013 00:35:08 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {085FCAD2-2AA9-4CDE-8077-5B75DF0BF4A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-21] (Google Inc.)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {1DF255D8-3E4A-4368-B81C-75A87930167D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {2BD36DE2-DBB8-494C-A5CF-8C6160D98778} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {30E63F4C-7AF6-4BB2-91FA-E894DD4EA142} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-01-29] (Microsoft Corporation)
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {382E1014-F17B-4A6B-8979-7C4CAF34CBCE} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2012-07-26] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {4ED9C60A-E6E8-4F3B-A3C0-43843C17F142} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {55FB9977-980A-48D6-BA42-3AD20034C0BC} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {59AC5F6C-1C81-4BE9-81DE-E5FB15BF47DA} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {606E054C-219B-4A72-9FCB-603B43D790F6} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2133237442-3676028956-401365519-1002 => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {67D50A2E-5D7C-434F-8202-82499D693C6C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)
Task: {69BDA916-7439-4D6B-A61E-84D67E44AFA4} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {6E14B9A0-82DC-4C38-BC11-E2C0AEE85486} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-01-29] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6EAAFC65-9F6A-4899-A03A-76DE4D8436F4} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {714F5637-FAFA-40E2-9564-4AD583776AC5} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8A0B720A-F5C7-4FB3-8945-F180E7487A50} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {914B0B23-C902-4C78-8816-6DF9EF248173} - System32\Tasks\EPUpdater => C:\Users\Georg\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A08B0A2D-1055-471F-A7DE-05327ACAE5C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-01-29] (Microsoft Corporation)
Task: {A25C6BD5-693D-41F4-9F20-2322EF14CB12} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2133237442-3676028956-401365519-1002
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B3F5AD47-A1E3-4C0C-B70F-6D5BACC95480} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-01-29] (Microsoft Corporation)
Task: {B8E1072A-FA5D-4D1E-8970-89CA27E04968} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11] (Adobe Systems Incorporated)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4998CBF-F3BF-42DC-BADC-18E1A11E470E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-21] (Google Inc.)
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {F69A8074-C30E-4191-8E10-95BEB0FF52D6} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/13/2013 11:23:32 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: KBDIT152.exe, Version: 1.0.0.1, Zeitstempel: 0x511f2e27
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9200.16384, Zeitstempel: 0x5010ac20
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000024e2
ID des fehlerhaften Prozesses: 0x71c
Startzeit der fehlerhaften Anwendung: 0xKBDIT152.exe0
Pfad der fehlerhaften Anwendung: KBDIT152.exe1
Pfad des fehlerhaften Moduls: KBDIT152.exe2
Berichtskennung: KBDIT152.exe3
Vollständiger Name des fehlerhaften Pakets: KBDIT152.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: KBDIT152.exe5

Error: (07/12/2013 10:06:31 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SoF2.exe, Version: 0.0.0.0, Zeitstempel: 0x3cd2fea1
Name des fehlerhaften Moduls: ~df394b.tmp, Version: 0.0.0.0, Zeitstempel: 0x3c76503b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000966d8
ID des fehlerhaften Prozesses: 0xd10
Startzeit der fehlerhaften Anwendung: 0xSoF2.exe0
Pfad der fehlerhaften Anwendung: SoF2.exe1
Pfad des fehlerhaften Moduls: SoF2.exe2
Berichtskennung: SoF2.exe3
Vollständiger Name des fehlerhaften Pakets: SoF2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SoF2.exe5

Error: (07/09/2013 09:29:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: PC)
Description: Die App „microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (07/09/2013 04:49:31 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: KBDIT152.exe, Version: 1.0.0.1, Zeitstempel: 0x511f2e27
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000017269f2
ID des fehlerhaften Prozesses: 0x754
Startzeit der fehlerhaften Anwendung: 0xKBDIT152.exe0
Pfad der fehlerhaften Anwendung: KBDIT152.exe1
Pfad des fehlerhaften Moduls: KBDIT152.exe2
Berichtskennung: KBDIT152.exe3
Vollständiger Name des fehlerhaften Pakets: KBDIT152.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: KBDIT152.exe5

Error: (07/08/2013 06:15:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: PC)
Description: Die App „microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (07/08/2013 04:07:53 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: KBDIT152.exe, Version: 1.0.0.1, Zeitstempel: 0x511f2e27
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16579, Zeitstempel: 0x51637f77
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000038115
ID des fehlerhaften Prozesses: 0x8c8
Startzeit der fehlerhaften Anwendung: 0xKBDIT152.exe0
Pfad der fehlerhaften Anwendung: KBDIT152.exe1
Pfad des fehlerhaften Moduls: KBDIT152.exe2
Berichtskennung: KBDIT152.exe3
Vollständiger Name des fehlerhaften Pakets: KBDIT152.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: KBDIT152.exe5

Error: (07/07/2013 00:16:56 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: QuestViewer.exe, Version: 0.0.0.0, Zeitstempel: 0x44bb6866
Name des fehlerhaften Moduls: SaveMovie.dll, Version: 0.0.0.0, Zeitstempel: 0x44eb8a3a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002a1d
ID des fehlerhaften Prozesses: 0x1dfc
Startzeit der fehlerhaften Anwendung: 0xQuestViewer.exe0
Pfad der fehlerhaften Anwendung: QuestViewer.exe1
Pfad des fehlerhaften Moduls: QuestViewer.exe2
Berichtskennung: QuestViewer.exe3
Vollständiger Name des fehlerhaften Pakets: QuestViewer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: QuestViewer.exe5

Error: (07/07/2013 00:09:35 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: QuestViewer.exe, Version: 0.0.0.0, Zeitstempel: 0x44bb6866
Name des fehlerhaften Moduls: SaveMovie.dll, Version: 0.0.0.0, Zeitstempel: 0x44eb8a3a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002a1d
ID des fehlerhaften Prozesses: 0x1e38
Startzeit der fehlerhaften Anwendung: 0xQuestViewer.exe0
Pfad der fehlerhaften Anwendung: QuestViewer.exe1
Pfad des fehlerhaften Moduls: QuestViewer.exe2
Berichtskennung: QuestViewer.exe3
Vollständiger Name des fehlerhaften Pakets: QuestViewer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: QuestViewer.exe5

Error: (07/05/2013 04:07:52 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.2.9200.16433, Zeitstempel: 0x50763312
Name des fehlerhaften Moduls: twinui.dll, Version: 6.2.9200.16604, Zeitstempel: 0x5184a60b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000a43e6
ID des fehlerhaften Prozesses: 0x8f8
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (07/05/2013 04:07:52 AM) (Source: .NET Runtime) (User: )
Description: Anwendung: Explorer.EXE
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 000007FD219043E6


System errors:
=============
Error: (07/13/2013 11:23:33 AM) (Source: Service Control Manager) (User: )
Description: Dienst "vsmraid Network Diagnosesystemhost" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/13/2013 11:01:26 AM) (Source: DCOM) (User: PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (07/13/2013 11:01:26 AM) (Source: DCOM) (User: PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (07/13/2013 11:01:26 AM) (Source: DCOM) (User: PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (07/13/2013 11:01:26 AM) (Source: DCOM) (User: PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (07/13/2013 11:01:26 AM) (Source: DCOM) (User: PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (07/13/2013 11:01:12 AM) (Source: DCOM) (User: PC)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (07/13/2013 10:57:48 AM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom1.

Error: (07/13/2013 10:57:48 AM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom1.

Error: (07/13/2013 10:57:48 AM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom1.


Microsoft Office Sessions:
=========================
Error: (07/13/2013 11:23:32 AM) (Source: Application Error)(User: )
Description: KBDIT152.exe1.0.0.1511f2e27msvcrt.dll7.0.9200.163845010ac20c000000500000000000024e271c01ce7fa7e7620cceC:\Windows\system32\KBDIT152.exeC:\Windows\system32\msvcrt.dlle2866e1d-eb9d-11e2-bea0-08606e0555de

Error: (07/12/2013 10:06:31 PM) (Source: Application Error)(User: )
Description: SoF2.exe0.0.0.03cd2fea1~df394b.tmp0.0.0.03c76503bc0000005000966d8d1001ce7f3b4a62dc57C:\Program Files (x86)\Soldier of Fortune II - Double Helix\SoF2.exeC:\Users\Georg\AppData\Local\Temp\~ef0ebf\~df394b.tmp8ac0185a-eb2e-11e2-be9f-08606e0555de

Error: (07/09/2013 09:29:07 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: PC)
Description: microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos

Error: (07/09/2013 04:49:31 PM) (Source: Application Error)(User: )
Description: KBDIT152.exe1.0.0.1511f2e27unknown0.0.0.000000000c000000500000000017269f275401ce7be9ef338595C:\Windows\system32\KBDIT152.exeunknownc2cb6813-e8a6-11e2-be9f-08606e0555de

Error: (07/08/2013 06:15:20 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: PC)
Description: microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos

Error: (07/08/2013 04:07:53 PM) (Source: Application Error)(User: )
Description: KBDIT152.exe1.0.0.1511f2e27ntdll.dll6.2.9200.1657951637f77c000000500000000000381158c801ce7b25cb39b7bdC:\Windows\system32\KBDIT152.exeC:\Windows\SYSTEM32\ntdll.dllc757f0f9-e7d7-11e2-be9d-08606e0555de

Error: (07/07/2013 00:16:56 AM) (Source: Application Error)(User: )
Description: QuestViewer.exe0.0.0.044bb6866SaveMovie.dll0.0.0.044eb8a3ac000000500002a1d1dfc01ce7a95dae54d90C:\Program Files\Virtual Hottie 2\Default\QuestViewer.exeC:\Program Files\Virtual Hottie 2\Default\channels\SaveMovie.dllc46f0b67-e689-11e2-be9a-08606e0555de

Error: (07/07/2013 00:09:35 AM) (Source: Application Error)(User: )
Description: QuestViewer.exe0.0.0.044bb6866SaveMovie.dll0.0.0.044eb8a3ac000000500002a1d1e3801ce7a957338fd3eC:\Program Files\Virtual Hottie 2\Default\QuestViewer.exeC:\Program Files\Virtual Hottie 2\Default\channels\SaveMovie.dllbdd87b04-e688-11e2-be9a-08606e0555de

Error: (07/05/2013 04:07:52 AM) (Source: Application Error)(User: )
Description: Explorer.EXE6.2.9200.1643350763312twinui.dll6.2.9200.166045184a60bc000000500000000000a43e68f801ce758f96c5a38dC:\Windows\Explorer.EXEC:\Windows\System32\twinui.dllb2a89de7-e517-11e2-be9a-08606e0555de

Error: (07/05/2013 04:07:52 AM) (Source: .NET Runtime)(User: )
Description: Anwendung: Explorer.EXE
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 000007FD219043E6


==================== Memory info =========================== 

Percentage of memory in use: 39%
Total physical RAM: 8077.48 MB
Available physical RAM: 4905.18 MB
Total Pagefile: 9293.48 MB
Available Pagefile: 5876.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:114.7 GB) NTFS (Disk=0 Partition=4) ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:537.89 GB) (Free:383.59 GB) NTFS
Drive f: (INTENSO) (Fixed) (Total:2794.51 GB) (Free:603.52 GB) NTFS (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: B19F8D36)

Partition: GPT Partition TypeAttempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== End Of Log ============================
         


14.07.2013, 12:54   #6
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the threat scan, and click Start scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click Remove selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.

14.07.2013, 13:37   #7
RatzoR
 



Malwarebytes Anti-Malware

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.14.03

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16635
Georg :: PC [limitiert]

14/07/2013 14:02:11
mbam-log-2013-07-14 (14-02-11).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 244316
Laufzeit: 3 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

AdwCleaner

Code:
# AdwCleaner v2.305 - Datei am 14/07/2013 um 14:18:56 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : Georg - PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Georg\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : GFilterSvc
Gestoppt & Gelöscht : SearchAnonymizer

***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files (x86)\FTDownloader.com
Ordner Gelöscht : C:\Program Files (x86)\Gophoto.it
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\Yontoo
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn
Ordner Gelöscht : C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Ordner Gelöscht : C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Ordner Gelöscht : C:\Users\Georg\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\Georg\AppData\Local\SwvUpdater
Ordner Gelöscht : C:\Users\Georg\AppData\LocalLow\delta
Ordner Gelöscht : C:\Users\Georg\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Georg\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Georg\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Georg\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Ordner Gelöscht : C:\Users\Georg\AppData\Roaming\OCS
Ordner Gelöscht : C:\Users\Georg\AppData\Roaming\PerformerSoft

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{206a7328-437f-4bd9-b53e-12bfee24d588}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\5f4d6d8e669bf41
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5f4d6d8e669bf41
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\extensions [firejump@firejump.net]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=119828&babsrc=HP_ss_din2g&mntrId=42811E85DE72E5A7 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={5B9F977F-63EB-11E2-BE7A-08606E0555DE} --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\rx8jucdl.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v12.15.1748.0

Datei : C:\Users\Georg\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [300 octets] - [14/07/2013 14:18:45]
AdwCleaner[S2].txt - [18053 octets] - [14/07/2013 14:18:56]

########## EOF - C:\AdwCleaner[S2].txt - [18114 octets] ##########
         


Junkware Removal Tool

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.9 (07.12.2013:2)
OS: Windows 8 x64
Ran by Georg on 14/07/2013 at 14:24:10.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim



~~~ Files



~~~ Folders



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Georg\appdata\local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/07/2013 at 14:27:28.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


New FRST log


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Georg (administrator) on 14-07-2013 14:32:43
Running from C:\Users\Georg\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
() C:\Windows\system32\KBDIT152.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oleg N. Scherbakov) C:\Users\Georg\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [Ocs_SM] - C:\Users\Georg\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [x]
HKLM\...\Run: [EKIJ5000StatusMonitor] - C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Eastman Kodak Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [OscarEditor] - "C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe" Minimum [2603520 2010-05-06] ()
HKCU\...\Run: [AdobeBridge] -  [x]
MountPoints2: {5dea3bc1-6d31-11e2-be80-08606e0555de} - "G:\autorun.exe" 
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] - "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL,C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0BF6405E-4879-4461-A7F4-423E5B7F4DC9} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {10253F8E-3EFC-49F6-8DCC-6A87B7EE1D7C} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {1BC175F8-6E23-4368-B426-3CF3F6BCDC3E} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {3DD704DF-29E2-43F7-991C-5B7CCD3CEDE3} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {4ABFAF14-4CD9-4377-B242-3A99C2235569} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {EB3401B0-C5B3-414C-86ED-64EA07A2B293} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\rx8jucdl.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\rx8jucdl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [ntfdsaftsfdfdxx@mozilla.org] C:\Users\Georg\AppData\Roaming\iPumper\extension_firefox.xpi
FF Extension: No Name - C:\Users\Georg\AppData\Roaming\iPumper\extension_firefox.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [sparpilot@sparpilot.com] C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\extensions\sparpilot@sparpilot.com

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (SharaGet download helper) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\kekfoodhbhpjhjcdecjngamojfhknooc\1.0_0
CHR Extension: (Gmail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 iexprets; C:\Windows\system32\KBDIT152.exe [118272 2013-03-02] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-02-03] (DT Soft Ltd)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [54200 2012-09-26] (Thesycon GmbH, Germany)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-14 14:27 - 2013-07-14 14:27 - 00000918 _____ C:\Users\Georg\Desktop\JRT.txt
2013-07-14 14:24 - 2013-07-14 14:24 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 14:23 - 2013-07-14 14:23 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Georg\Downloads\JRT.exe
2013-07-14 14:21 - 2013-07-14 14:21 - 00018078 _____ C:\Users\Georg\Desktop\AdwCleaner[S2].txt
2013-07-14 14:20 - 2013-07-14 14:20 - 04941016 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 14:18 - 2013-07-14 14:19 - 00018078 _____ C:\AdwCleaner[S2].txt
2013-07-14 14:18 - 2013-07-14 14:18 - 00000300 _____ C:\AdwCleaner[S1].txt
2013-07-14 14:17 - 2013-07-14 14:17 - 00000502 _____ C:\Users\Georg\Desktop\tabs.txt
2013-07-14 14:03 - 2013-07-14 14:03 - 00662345 _____ C:\Users\Georg\Desktop\adwcleaner.exe
2013-07-14 14:00 - 2013-07-14 14:00 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-14 14:00 - 2013-07-14 14:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-14 14:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-14 13:59 - 2013-07-14 13:59 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Georg\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-14 13:33 - 2013-07-14 13:33 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-14 13:33 - 2013-07-14 13:33 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Mozilla
2013-07-14 13:33 - 2013-07-14 13:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-14 13:33 - 2013-07-14 13:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-14 13:32 - 2013-07-14 13:32 - 00280368 _____ (Mozilla) C:\Users\Georg\Downloads\Firefox Setup Stub 22.0.exe
2013-07-14 13:15 - 2013-07-14 13:15 - 00001236 _____ C:\Users\UpdatusUser\Desktop\Play Hitman 2.lnk
2013-07-14 13:15 - 2013-07-14 13:15 - 00001236 _____ C:\Users\Georg\Desktop\Play Hitman 2.lnk
2013-07-14 09:47 - 2013-07-14 09:47 - 00027329 _____ C:\Users\Georg\Desktop\Addition.txt
2013-07-14 09:45 - 2013-07-14 09:45 - 01777839 _____ (Farbar) C:\Users\Georg\Desktop\FRST64.exe
2013-07-14 09:45 - 2013-07-14 09:45 - 00000000 ____D C:\FRST
2013-07-13 13:04 - 2013-07-13 13:04 - 00002153 _____ C:\Users\Public\Desktop\Age of Empires Expansion.lnk
2013-07-13 13:04 - 2013-07-13 13:04 - 00002146 _____ C:\Users\Public\Desktop\Age of Empires.lnk
2013-07-13 13:04 - 1999-01-21 13:00 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2013-07-13 13:04 - 1999-01-21 13:00 - 00056832 ____N C:\Windows\SysWOW64\iyvu9_32.dll
2013-07-13 11:01 - 2013-07-13 11:01 - 00002149 _____ C:\Users\Public\Desktop\Age of Mythology Gold.lnk
2013-07-13 10:57 - 2013-07-13 10:57 - 00000000 ____D C:\Windows\Watson
2013-07-12 23:29 - 2013-07-12 23:29 - 00003584 _____ C:\Users\Georg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-12 22:20 - 2013-07-12 22:20 - 00067584 _____ (Blizzard Entertainment) C:\Windows\ScUnin.exe
2013-07-12 22:20 - 2013-07-12 22:20 - 00011295 _____ C:\Windows\scunin.dat
2013-07-12 22:20 - 2013-07-12 22:20 - 00000967 _____ C:\Windows\ScUnin.pif
2013-07-12 22:08 - 2013-07-12 22:08 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soldier of Fortune II - Double Helix GOLD - Help
2013-07-12 22:06 - 2013-07-12 22:06 - 00001189 _____ C:\Users\UpdatusUser\Desktop\SOF II Einzelspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001189 _____ C:\Users\Georg\Desktop\SOF II Einzelspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001115 _____ C:\Users\UpdatusUser\Desktop\SOF II Mehrspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001115 _____ C:\Users\Georg\Desktop\SOF II Mehrspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raven Software
2013-07-12 18:36 - 2013-07-01 10:25 - 00000000 ____D C:\Users\Georg\Downloads\World War Z
2013-07-10 17:03 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 17:03 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 17:03 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 17:03 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 17:03 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 17:02 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 17:02 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 17:02 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 17:02 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 17:02 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 17:02 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 17:02 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 17:02 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-08 17:01 - 2013-07-08 17:01 - 00000000 ____D C:\ProgramData\2DBoy
2013-07-08 17:00 - 2013-07-08 17:01 - 00000000 ____D C:\Program Files (x86)\WorldOfGoo
2013-07-08 16:51 - 2013-07-08 16:51 - 00000000 ____D C:\Users\Georg\Documents\Empire Earth II
2013-07-08 16:51 - 2013-07-08 16:51 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Sierra
2013-07-08 16:49 - 2013-07-08 16:49 - 00000000 ____D C:\Program Files (x86)\Sierra
2013-07-07 17:03 - 2013-07-07 17:04 - 00021840 ____T C:\Windows\SysWOW64\SIntfNT.dll
2013-07-07 17:03 - 2013-07-07 17:04 - 00017212 ____T C:\Windows\SysWOW64\SIntf32.dll
2013-07-07 17:03 - 2013-07-07 17:04 - 00012067 ____T C:\Windows\SysWOW64\SIntf16.dll
2013-07-07 17:03 - 2013-07-07 17:03 - 00000224 _____ C:\Windows\SIERRA.INI
2013-07-07 17:03 - 2013-07-07 17:03 - 00000000 ____D C:\Sierra
2013-07-07 16:58 - 2013-07-07 17:02 - 00000000 ____D C:\Program Files (x86)\Dead Island Riptide
2013-07-07 15:26 - 2013-07-07 15:26 - 00002214 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-07 15:25 - 2013-07-13 04:13 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-07 01:09 - 2013-07-07 01:09 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 01:09 - 2013-07-07 01:09 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-07 00:26 - 2013-07-07 00:26 - 00000632 _____ C:\Windows\Wlf.INI
2013-07-07 00:12 - 2013-07-07 00:12 - 00001356 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuestViewer.lnk
2013-07-07 00:07 - 2013-07-07 00:07 - 00001750 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie v2.lnk
2013-07-07 00:04 - 2013-07-07 00:09 - 00001105 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie 2.lnk
2013-07-07 00:04 - 2013-07-07 00:09 - 00001073 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie 2 Uninstall.lnk
2013-07-07 00:04 - 2013-07-07 00:04 - 00000000 ____D C:\Program Files\Virtual Hottie 2
2013-07-06 15:45 - 2013-07-14 10:19 - 00000000 ____D C:\Users\Georg\Downloads\American Dad
2013-07-03 22:55 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-07-01 21:44 - 2013-07-03 01:36 - 00000000 ____D C:\Users\Georg\Downloads\MythBusters
2013-06-30 20:57 - 2013-06-30 20:57 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Red Alert 3
2013-06-30 20:54 - 2013-06-30 20:54 - 00000000 __RHD C:\Users\Georg\AppData\Roaming\SecuROM
2013-06-30 20:48 - 2013-06-30 20:48 - 00001052 _____ C:\Windows\DirectX.log
2013-06-30 20:48 - 2013-06-30 20:48 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-06-30 14:30 - 2013-06-30 14:30 - 00000000 ____D C:\Users\Georg\Downloads\Mesonia_Client_Release
2013-06-30 04:14 - 2013-06-30 04:39 - 00000000 ____D C:\Program Files (x86)\Metin2
2013-06-30 03:28 - 2013-06-30 14:40 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-06-30 03:28 - 2013-06-30 03:28 - 00000000 ____D C:\Users\Georg\AppData\Local\Gameforge4d
2013-06-30 03:11 - 2013-06-30 03:12 - 00043520 _____ C:\Windows\SysWOW64\CmdLineExt03.dll
2013-06-30 03:02 - 2013-06-30 03:07 - 00000000 ____D C:\Program Files (x86)\ANNO 1503 Königs- Edition
2013-06-30 01:21 - 2013-07-14 14:19 - 00012760 _____ C:\Windows\PFRO.log
2013-06-30 01:14 - 2013-06-30 01:15 - 00000000 ____D C:\Program Files (x86)\Thandor
2013-06-30 00:58 - 2013-06-30 00:58 - 00000000 ____D C:\Users\Georg\Documents\ZombieDriverHD
2013-06-30 00:55 - 2013-06-30 00:55 - 00000000 ____D C:\Program Files (x86)\Exor Studios
2013-06-29 15:13 - 2013-06-29 16:42 - 272473314 _____ C:\Users\Georg\Downloads\OPT596HD.rar
2013-06-29 14:21 - 2013-06-29 14:21 - 00000632 _____ C:\Users\Georg\Desktop\Cyber.txt
2013-06-29 12:55 - 2013-07-08 18:11 - 00000000 ____D C:\Users\Georg\Desktop\Spiele
2013-06-29 12:55 - 2013-07-08 16:44 - 00000000 ____D C:\Users\Georg\Desktop\Bilder und sonstiges
2013-06-29 12:50 - 2013-06-29 12:52 - 00000000 ____D C:\Users\Georg\Desktop\Converter
2013-06-29 12:49 - 2013-07-09 23:26 - 00000000 ____D C:\Users\Georg\Desktop\Standart Anwendungen
2013-06-29 02:24 - 2013-06-29 02:26 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Notepad++
2013-06-29 02:24 - 2013-06-29 02:24 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-06-29 02:24 - 2013-06-29 02:24 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-06-29 02:11 - 2013-06-30 00:30 - 00000000 ____D C:\Users\Georg\Downloads\Metin
2013-06-23 22:12 - 2013-07-14 14:16 - 01535297 _____ C:\Windows\WindowsUpdate.log
2013-06-23 21:49 - 2013-06-23 21:49 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Malwarebytes
2013-06-23 21:49 - 2013-06-23 21:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-23 04:50 - 2013-06-29 03:40 - 00000000 ____D C:\Users\Georg\Downloads\Dexter
2013-06-21 19:58 - 2013-06-21 19:58 - 00000000 ____D C:\Users\Georg\AppData\Local\Opera
2013-06-21 19:58 - 2013-06-21 19:58 - 00000000 ____D C:\Program Files (x86)\Opera
2013-06-21 19:52 - 2013-07-14 14:20 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-21 19:52 - 2013-07-14 14:12 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-21 19:52 - 2013-07-13 04:07 - 00004086 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-06-21 19:52 - 2013-07-13 04:07 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-06-21 19:52 - 2013-07-07 15:26 - 00000000 ____D C:\Users\Georg\AppData\Local\Google
2013-06-21 19:52 - 2013-07-07 15:26 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-15 08:18 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-15 08:18 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-15 07:42 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-06-15 07:42 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-15 06:43 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-06-15 06:43 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-06-15 06:43 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-15 06:43 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 05:37 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-06-15 05:37 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-06-15 05:37 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-06-15 05:37 - 2013-05-04 09:34 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-06-15 05:37 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-06-15 05:37 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-06-15 05:37 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-06-15 05:37 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-06-15 05:37 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-06-15 05:37 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-06-15 05:37 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 05:37 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 05:37 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 05:37 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 05:37 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 05:37 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 05:37 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 05:37 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-06-15 05:37 - 2013-05-04 06:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-06-15 05:37 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-06-15 05:37 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-06-15 05:37 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 05:37 - 2013-05-03 00:04 - 00386646 _____ C:\Windows\system32\ApnDatabase.xml

==================== One Month Modified Files and Folders =======

2013-07-14 14:27 - 2013-07-14 14:27 - 00000918 _____ C:\Users\Georg\Desktop\JRT.txt
2013-07-14 14:27 - 2013-01-12 17:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-14 14:24 - 2013-07-14 14:24 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 14:23 - 2013-07-14 14:23 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Georg\Downloads\JRT.exe
2013-07-14 14:21 - 2013-07-14 14:21 - 00018078 _____ C:\Users\Georg\Desktop\AdwCleaner[S2].txt
2013-07-14 14:20 - 2013-07-14 14:20 - 04941016 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 14:20 - 2013-06-21 19:52 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-14 14:20 - 2013-01-12 15:24 - 00000408 _____ C:\Users\Georg\AppData\Roaming\sp_data.sys
2013-07-14 14:20 - 2012-11-01 23:31 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-14 14:20 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-14 14:19 - 2013-07-14 14:18 - 00018078 _____ C:\AdwCleaner[S2].txt
2013-07-14 14:19 - 2013-06-30 01:21 - 00012760 _____ C:\Windows\PFRO.log
2013-07-14 14:19 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-14 14:18 - 2013-07-14 14:18 - 00000300 _____ C:\AdwCleaner[S1].txt
2013-07-14 14:17 - 2013-07-14 14:17 - 00000502 _____ C:\Users\Georg\Desktop\tabs.txt
2013-07-14 14:16 - 2013-06-23 22:12 - 01535297 _____ C:\Windows\WindowsUpdate.log
2013-07-14 14:15 - 2013-03-10 15:06 - 00000000 ____D C:\Users\Georg\AppData\Roaming\vlc
2013-07-14 14:12 - 2013-06-21 19:52 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-14 14:03 - 2013-07-14 14:03 - 00662345 _____ C:\Users\Georg\Desktop\adwcleaner.exe
2013-07-14 14:00 - 2013-07-14 14:00 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-14 14:00 - 2013-07-14 14:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-14 14:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-14 13:59 - 2013-07-14 13:59 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Georg\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-14 13:33 - 2013-07-14 13:33 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-14 13:33 - 2013-07-14 13:33 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Mozilla
2013-07-14 13:33 - 2013-07-14 13:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-14 13:33 - 2013-07-14 13:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-14 13:32 - 2013-07-14 13:32 - 00280368 _____ (Mozilla) C:\Users\Georg\Downloads\Firefox Setup Stub 22.0.exe
2013-07-14 13:15 - 2013-07-14 13:15 - 00001236 _____ C:\Users\UpdatusUser\Desktop\Play Hitman 2.lnk
2013-07-14 13:15 - 2013-07-14 13:15 - 00001236 _____ C:\Users\Georg\Desktop\Play Hitman 2.lnk
2013-07-14 13:15 - 2013-03-16 16:02 - 00000000 ____D C:\Program Files (x86)\Eidos Interactive
2013-07-14 10:19 - 2013-07-06 15:45 - 00000000 ____D C:\Users\Georg\Downloads\American Dad
2013-07-14 09:47 - 2013-07-14 09:47 - 00027329 _____ C:\Users\Georg\Desktop\Addition.txt
2013-07-14 09:45 - 2013-07-14 09:45 - 01777839 _____ (Farbar) C:\Users\Georg\Desktop\FRST64.exe
2013-07-14 09:45 - 2013-07-14 09:45 - 00000000 ____D C:\FRST
2013-07-14 09:26 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-14 08:05 - 2013-01-28 16:51 - 00693760 ___SH C:\Users\Georg\Desktop\Thumbs.db
2013-07-14 08:05 - 2013-01-14 00:23 - 00605184 ___SH C:\Users\Georg\Downloads\Thumbs.db
2013-07-14 02:35 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-13 13:04 - 2013-07-13 13:04 - 00002153 _____ C:\Users\Public\Desktop\Age of Empires Expansion.lnk
2013-07-13 13:04 - 2013-07-13 13:04 - 00002146 _____ C:\Users\Public\Desktop\Age of Empires.lnk
2013-07-13 13:04 - 2013-02-23 20:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-07-13 11:22 - 2013-02-23 20:58 - 00000000 ____D C:\Users\Georg\Documents\My Games
2013-07-13 11:01 - 2013-07-13 11:01 - 00002149 _____ C:\Users\Public\Desktop\Age of Mythology Gold.lnk
2013-07-13 11:01 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-13 10:57 - 2013-07-13 10:57 - 00000000 ____D C:\Windows\Watson
2013-07-13 04:13 - 2013-07-07 15:25 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-13 04:07 - 2013-06-21 19:52 - 00004086 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 04:07 - 2013-06-21 19:52 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 23:29 - 2013-07-12 23:29 - 00003584 _____ C:\Users\Georg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-12 22:20 - 2013-07-12 22:20 - 00067584 _____ (Blizzard Entertainment) C:\Windows\ScUnin.exe
2013-07-12 22:20 - 2013-07-12 22:20 - 00011295 _____ C:\Windows\scunin.dat
2013-07-12 22:20 - 2013-07-12 22:20 - 00000967 _____ C:\Windows\ScUnin.pif
2013-07-12 22:08 - 2013-07-12 22:08 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soldier of Fortune II - Double Helix GOLD - Help
2013-07-12 22:08 - 2013-03-10 00:55 - 00000000 ____D C:\Program Files (x86)\Soldier of Fortune II - Double Helix
2013-07-12 22:06 - 2013-07-12 22:06 - 00001189 _____ C:\Users\UpdatusUser\Desktop\SOF II Einzelspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001189 _____ C:\Users\Georg\Desktop\SOF II Einzelspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001115 _____ C:\Users\UpdatusUser\Desktop\SOF II Mehrspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001115 _____ C:\Users\Georg\Desktop\SOF II Mehrspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raven Software
2013-07-12 22:06 - 2013-02-03 17:55 - 00000770 _____ C:\Windows\Sof2.INI
2013-07-12 17:42 - 2012-08-03 01:02 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-07-12 17:42 - 2012-08-03 01:02 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-07-12 17:42 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-12 14:34 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-10 23:52 - 2013-01-13 18:06 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-09 23:26 - 2013-06-29 12:49 - 00000000 ____D C:\Users\Georg\Desktop\Standart Anwendungen
2013-07-08 18:11 - 2013-06-29 12:55 - 00000000 ____D C:\Users\Georg\Desktop\Spiele
2013-07-08 17:01 - 2013-07-08 17:01 - 00000000 ____D C:\ProgramData\2DBoy
2013-07-08 17:01 - 2013-07-08 17:00 - 00000000 ____D C:\Program Files (x86)\WorldOfGoo
2013-07-08 16:58 - 2013-01-12 15:19 - 00000000 ____D C:\Users\Georg\AppData\Local\VirtualStore
2013-07-08 16:51 - 2013-07-08 16:51 - 00000000 ____D C:\Users\Georg\Documents\Empire Earth II
2013-07-08 16:51 - 2013-07-08 16:51 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Sierra
2013-07-08 16:49 - 2013-07-08 16:49 - 00000000 ____D C:\Program Files (x86)\Sierra
2013-07-08 16:49 - 2012-11-01 23:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-08 16:44 - 2013-06-29 12:55 - 00000000 ____D C:\Users\Georg\Desktop\Bilder und sonstiges
2013-07-07 17:14 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-07 17:04 - 2013-07-07 17:03 - 00021840 ____T C:\Windows\SysWOW64\SIntfNT.dll
2013-07-07 17:04 - 2013-07-07 17:03 - 00017212 ____T C:\Windows\SysWOW64\SIntf32.dll
2013-07-07 17:04 - 2013-07-07 17:03 - 00012067 ____T C:\Windows\SysWOW64\SIntf16.dll
2013-07-07 17:03 - 2013-07-07 17:03 - 00000224 _____ C:\Windows\SIERRA.INI
2013-07-07 17:03 - 2013-07-07 17:03 - 00000000 ____D C:\Sierra
2013-07-07 17:02 - 2013-07-07 16:58 - 00000000 ____D C:\Program Files (x86)\Dead Island Riptide
2013-07-07 15:26 - 2013-07-07 15:26 - 00002214 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-07 15:26 - 2013-06-21 19:52 - 00000000 ____D C:\Users\Georg\AppData\Local\Google
2013-07-07 15:26 - 2013-06-21 19:52 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-07 03:58 - 2013-01-12 15:29 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2133237442-3676028956-401365519-1002
2013-07-07 01:09 - 2013-07-07 01:09 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 01:09 - 2013-07-07 01:09 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-07 01:09 - 2013-01-12 16:20 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-07 01:09 - 2013-01-12 16:20 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-07 00:26 - 2013-07-07 00:26 - 00000632 _____ C:\Windows\Wlf.INI
2013-07-07 00:12 - 2013-07-07 00:12 - 00001356 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuestViewer.lnk
2013-07-07 00:09 - 2013-07-07 00:04 - 00001105 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie 2.lnk
2013-07-07 00:09 - 2013-07-07 00:04 - 00001073 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie 2 Uninstall.lnk
2013-07-07 00:07 - 2013-07-07 00:07 - 00001750 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie v2.lnk
2013-07-07 00:04 - 2013-07-07 00:04 - 00000000 ____D C:\Program Files\Virtual Hottie 2
2013-07-05 04:11 - 2013-01-12 15:19 - 00000000 ____D C:\Users\Georg\AppData\Local\Packages
2013-07-03 01:36 - 2013-07-01 21:44 - 00000000 ____D C:\Users\Georg\Downloads\MythBusters
2013-07-01 10:25 - 2013-07-12 18:36 - 00000000 ____D C:\Users\Georg\Downloads\World War Z
2013-06-30 20:57 - 2013-06-30 20:57 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Red Alert 3
2013-06-30 20:54 - 2013-06-30 20:54 - 00000000 __RHD C:\Users\Georg\AppData\Roaming\SecuROM
2013-06-30 20:48 - 2013-06-30 20:48 - 00001052 _____ C:\Windows\DirectX.log
2013-06-30 20:48 - 2013-06-30 20:48 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-06-30 14:40 - 2013-06-30 03:28 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-06-30 14:30 - 2013-06-30 14:30 - 00000000 ____D C:\Users\Georg\Downloads\Mesonia_Client_Release
2013-06-30 04:39 - 2013-06-30 04:14 - 00000000 ____D C:\Program Files (x86)\Metin2
2013-06-30 03:28 - 2013-06-30 03:28 - 00000000 ____D C:\Users\Georg\AppData\Local\Gameforge4d
2013-06-30 03:12 - 2013-06-30 03:11 - 00043520 _____ C:\Windows\SysWOW64\CmdLineExt03.dll
2013-06-30 03:07 - 2013-06-30 03:02 - 00000000 ____D C:\Program Files (x86)\ANNO 1503 Königs- Edition
2013-06-30 01:15 - 2013-06-30 01:14 - 00000000 ____D C:\Program Files (x86)\Thandor
2013-06-30 00:58 - 2013-06-30 00:58 - 00000000 ____D C:\Users\Georg\Documents\ZombieDriverHD
2013-06-30 00:55 - 2013-06-30 00:55 - 00000000 ____D C:\Program Files (x86)\Exor Studios
2013-06-30 00:54 - 2013-02-03 01:10 - 00000000 ____D C:\Users\Georg\AppData\Roaming\DAEMON Tools Lite
2013-06-30 00:30 - 2013-06-29 02:11 - 00000000 ____D C:\Users\Georg\Downloads\Metin
2013-06-29 16:42 - 2013-06-29 15:13 - 272473314 _____ C:\Users\Georg\Downloads\OPT596HD.rar
2013-06-29 14:21 - 2013-06-29 14:21 - 00000632 _____ C:\Users\Georg\Desktop\Cyber.txt
2013-06-29 12:54 - 2013-05-07 11:33 - 00000000 ____D C:\Users\Georg\Desktop\iphone fotos
2013-06-29 12:52 - 2013-06-29 12:50 - 00000000 ____D C:\Users\Georg\Desktop\Converter
2013-06-29 03:40 - 2013-06-23 04:50 - 00000000 ____D C:\Users\Georg\Downloads\Dexter
2013-06-29 03:03 - 2013-06-02 09:52 - 00000000 ____D C:\Users\Georg\AppData\Roaming\elsterformular
2013-06-29 03:03 - 2013-06-02 09:52 - 00000000 ____D C:\ProgramData\elsterformular
2013-06-29 03:03 - 2013-05-25 15:35 - 00001793 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-29 03:01 - 2013-02-16 17:32 - 00000000 ____D C:\Program Files (x86)\iWin.com Games
2013-06-29 03:00 - 2013-06-13 22:27 - 00000000 ____D C:\Program Files (x86)\Bilder zu G-Code 1
2013-06-29 03:00 - 2013-05-09 14:13 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2013-06-29 03:00 - 2013-04-03 12:01 - 00000000 ____D C:\Program Files (x86)\Bridge Project
2013-06-29 02:57 - 2013-05-02 11:35 - 00000000 ____D C:\Program Files (x86)\Datel
2013-06-29 02:26 - 2013-06-29 02:24 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Notepad++
2013-06-29 02:24 - 2013-06-29 02:24 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-06-29 02:24 - 2013-06-29 02:24 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-06-28 00:04 - 2013-01-15 13:16 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 00:04 - 2013-01-15 13:16 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-23 21:49 - 2013-06-23 21:49 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Malwarebytes
2013-06-23 21:49 - 2013-06-23 21:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-23 21:45 - 2013-02-19 16:01 - 00000000 ____D C:\Windows\Minidump
2013-06-23 21:45 - 2012-08-03 00:24 - 00000000 ____D C:\Windows\Panther
2013-06-21 19:58 - 2013-06-21 19:58 - 00000000 ____D C:\Users\Georg\AppData\Local\Opera
2013-06-21 19:58 - 2013-06-21 19:58 - 00000000 ____D C:\Program Files (x86)\Opera
2013-06-21 08:45 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-21 07:06 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-21 07:06 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-21 07:06 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-21 07:06 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-21 07:06 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-21 07:06 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-06-20 05:02 - 2013-06-13 22:27 - 00003376 _____ C:\Windows\System32\Tasks\EPUpdater
2013-06-15 12:49 - 2013-06-11 22:12 - 01850316 _____ C:\Users\Georg\Desktop\111.dst

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-12 03:00

==================== End Of Log ============================
         

14.07.2013, 18:33   #8
schrauber
/// the machine
/// TB trainer

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box "Yes, I accept the Terms of Use" and click "Start".
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click "Start".
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click "Finish".
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. How is Facebook doing?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

15.07.2013, 08:39   #9
RatzoR

ESET:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e055be93ca4ae5489887ffcfcb75f90b
# engine=14394
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-14 09:37:39
# local_time=2013-07-14 11:37:39 (+0100, Mitteleuropäische Sommerzeit)
# country="United Kingdom"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=5893 16776573 100 94 0 14426958 0 0
# scanned=278446
# found=0
# cleaned=0
# scan_time=9419
         

Security check:

The DOS box opens, I press any key and then it says:

UNSUPPORTED OPERATING SYSTEM! ABORTED!



New FRST log:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2013
Ran by Georg (administrator) on 15-07-2013 09:34:27
Running from C:\Users\Georg\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
() C:\Windows\system32\KBDIT152.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
() C:\Users\Georg\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [Ocs_SM] - C:\Users\Georg\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [x]
HKLM\...\Run: [EKIJ5000StatusMonitor] - C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Eastman Kodak Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [OscarEditor] - "C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe" Minimum [2603520 2010-05-06] ()
HKCU\...\Run: [AdobeBridge] -  [x]
MountPoints2: {5dea3bc1-6d31-11e2-be80-08606e0555de} - "G:\autorun.exe" 
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] - "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL,C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0BF6405E-4879-4461-A7F4-423E5B7F4DC9} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {10253F8E-3EFC-49F6-8DCC-6A87B7EE1D7C} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {1BC175F8-6E23-4368-B426-3CF3F6BCDC3E} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {3DD704DF-29E2-43F7-991C-5B7CCD3CEDE3} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {4ABFAF14-4CD9-4377-B242-3A99C2235569} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {EB3401B0-C5B3-414C-86ED-64EA07A2B293} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=f2974a0f-7c23-42a2-9861-cae3d5135485&pid=freewarede&mode=bounce&k=0
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\rx8jucdl.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\rx8jucdl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [ntfdsaftsfdfdxx@mozilla.org] C:\Users\Georg\AppData\Roaming\iPumper\extension_firefox.xpi
FF Extension: No Name - C:\Users\Georg\AppData\Roaming\iPumper\extension_firefox.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [sparpilot@sparpilot.com] C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\4pwrp3dy.default\extensions\sparpilot@sparpilot.com

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Docs) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (SharaGet download helper) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\kekfoodhbhpjhjcdecjngamojfhknooc\1.0_0
CHR Extension: (Gmail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 iexprets; C:\Windows\system32\KBDIT152.exe [118272 2013-03-02] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-02-03] (DT Soft Ltd)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [54200 2012-09-26] (Thesycon GmbH, Germany)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 09:32 - 2013-07-15 09:32 - 00891022 _____ C:\Users\Georg\Desktop\SecurityCheck.exe
2013-07-14 20:57 - 2013-07-14 20:57 - 02347384 _____ (ESET) C:\Users\Georg\Downloads\esetsmartinstaller_enu.exe
2013-07-14 14:34 - 2013-07-14 14:34 - 00053563 _____ C:\Users\Georg\Desktop\FRST neu.txt
2013-07-14 14:27 - 2013-07-14 14:27 - 00000918 _____ C:\Users\Georg\Desktop\JRT.txt
2013-07-14 14:24 - 2013-07-14 14:24 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 14:23 - 2013-07-14 14:23 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Georg\Downloads\JRT.exe
2013-07-14 14:21 - 2013-07-14 14:21 - 00018078 _____ C:\Users\Georg\Desktop\AdwCleaner[S2].txt
2013-07-14 14:20 - 2013-07-14 14:20 - 04941016 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 14:18 - 2013-07-14 14:19 - 00018078 _____ C:\AdwCleaner[S2].txt
2013-07-14 14:18 - 2013-07-14 14:18 - 00000300 _____ C:\AdwCleaner[S1].txt
2013-07-14 14:17 - 2013-07-14 14:17 - 00000502 _____ C:\Users\Georg\Desktop\tabs.txt
2013-07-14 14:03 - 2013-07-14 14:03 - 00662345 _____ C:\Users\Georg\Desktop\adwcleaner.exe
2013-07-14 14:00 - 2013-07-14 14:00 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-14 14:00 - 2013-07-14 14:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-14 14:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-14 13:59 - 2013-07-14 13:59 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Georg\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-14 13:33 - 2013-07-14 13:33 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-14 13:33 - 2013-07-14 13:33 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Mozilla
2013-07-14 13:33 - 2013-07-14 13:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-14 13:33 - 2013-07-14 13:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-14 13:32 - 2013-07-14 13:32 - 00280368 _____ (Mozilla) C:\Users\Georg\Downloads\Firefox Setup Stub 22.0.exe
2013-07-14 13:15 - 2013-07-14 13:15 - 00001236 _____ C:\Users\UpdatusUser\Desktop\Play Hitman 2.lnk
2013-07-14 13:15 - 2013-07-14 13:15 - 00001236 _____ C:\Users\Georg\Desktop\Play Hitman 2.lnk
2013-07-14 09:47 - 2013-07-14 09:47 - 00027329 _____ C:\Users\Georg\Desktop\Addition.txt
2013-07-14 09:45 - 2013-07-14 09:45 - 01777839 _____ (Farbar) C:\Users\Georg\Desktop\FRST64.exe
2013-07-14 09:45 - 2013-07-14 09:45 - 00000000 ____D C:\FRST
2013-07-13 13:04 - 2013-07-13 13:04 - 00002153 _____ C:\Users\Public\Desktop\Age of Empires Expansion.lnk
2013-07-13 13:04 - 2013-07-13 13:04 - 00002146 _____ C:\Users\Public\Desktop\Age of Empires.lnk
2013-07-13 13:04 - 1999-01-21 13:00 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2013-07-13 13:04 - 1999-01-21 13:00 - 00056832 ____N C:\Windows\SysWOW64\iyvu9_32.dll
2013-07-13 11:01 - 2013-07-13 11:01 - 00002149 _____ C:\Users\Public\Desktop\Age of Mythology Gold.lnk
2013-07-13 10:57 - 2013-07-13 10:57 - 00000000 ____D C:\Windows\Watson
2013-07-12 23:29 - 2013-07-12 23:29 - 00003584 _____ C:\Users\Georg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-12 22:20 - 2013-07-12 22:20 - 00067584 _____ (Blizzard Entertainment) C:\Windows\ScUnin.exe
2013-07-12 22:20 - 2013-07-12 22:20 - 00011295 _____ C:\Windows\scunin.dat
2013-07-12 22:20 - 2013-07-12 22:20 - 00000967 _____ C:\Windows\ScUnin.pif
2013-07-12 22:08 - 2013-07-12 22:08 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soldier of Fortune II - Double Helix GOLD - Help
2013-07-12 22:06 - 2013-07-12 22:06 - 00001189 _____ C:\Users\UpdatusUser\Desktop\SOF II Einzelspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001189 _____ C:\Users\Georg\Desktop\SOF II Einzelspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001115 _____ C:\Users\UpdatusUser\Desktop\SOF II Mehrspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001115 _____ C:\Users\Georg\Desktop\SOF II Mehrspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raven Software
2013-07-12 18:36 - 2013-07-01 10:25 - 00000000 ____D C:\Users\Georg\Downloads\World War Z
2013-07-10 17:03 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 17:03 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 17:03 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 17:03 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 17:03 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 17:02 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 17:02 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 17:02 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 17:02 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 17:02 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 17:02 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 17:02 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 17:02 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 17:02 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 17:02 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-08 17:01 - 2013-07-08 17:01 - 00000000 ____D C:\ProgramData\2DBoy
2013-07-08 17:00 - 2013-07-08 17:01 - 00000000 ____D C:\Program Files (x86)\WorldOfGoo
2013-07-08 16:51 - 2013-07-08 16:51 - 00000000 ____D C:\Users\Georg\Documents\Empire Earth II
2013-07-08 16:51 - 2013-07-08 16:51 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Sierra
2013-07-08 16:49 - 2013-07-08 16:49 - 00000000 ____D C:\Program Files (x86)\Sierra
2013-07-07 17:03 - 2013-07-07 17:04 - 00021840 ____T C:\Windows\SysWOW64\SIntfNT.dll
2013-07-07 17:03 - 2013-07-07 17:04 - 00017212 ____T C:\Windows\SysWOW64\SIntf32.dll
2013-07-07 17:03 - 2013-07-07 17:04 - 00012067 ____T C:\Windows\SysWOW64\SIntf16.dll
2013-07-07 17:03 - 2013-07-07 17:03 - 00000224 _____ C:\Windows\SIERRA.INI
2013-07-07 17:03 - 2013-07-07 17:03 - 00000000 ____D C:\Sierra
2013-07-07 16:58 - 2013-07-07 17:02 - 00000000 ____D C:\Program Files (x86)\Dead Island Riptide
2013-07-07 15:26 - 2013-07-07 15:26 - 00002214 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-07 15:25 - 2013-07-13 04:13 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-07 01:09 - 2013-07-07 01:09 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 01:09 - 2013-07-07 01:09 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-07 00:26 - 2013-07-07 00:26 - 00000632 _____ C:\Windows\Wlf.INI
2013-07-07 00:12 - 2013-07-07 00:12 - 00001356 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuestViewer.lnk
2013-07-07 00:07 - 2013-07-07 00:07 - 00001750 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie v2.lnk
2013-07-07 00:04 - 2013-07-07 00:09 - 00001105 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie 2.lnk
2013-07-07 00:04 - 2013-07-07 00:09 - 00001073 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie 2 Uninstall.lnk
2013-07-07 00:04 - 2013-07-07 00:04 - 00000000 ____D C:\Program Files\Virtual Hottie 2
2013-07-06 15:45 - 2013-07-14 10:19 - 00000000 ____D C:\Users\Georg\Downloads\American Dad
2013-07-03 22:55 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-07-01 21:44 - 2013-07-03 01:36 - 00000000 ____D C:\Users\Georg\Downloads\MythBusters
2013-06-30 20:57 - 2013-06-30 20:57 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Red Alert 3
2013-06-30 20:54 - 2013-06-30 20:54 - 00000000 __RHD C:\Users\Georg\AppData\Roaming\SecuROM
2013-06-30 20:48 - 2013-06-30 20:48 - 00001052 _____ C:\Windows\DirectX.log
2013-06-30 20:48 - 2013-06-30 20:48 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-06-30 14:30 - 2013-06-30 14:30 - 00000000 ____D C:\Users\Georg\Downloads\Mesonia_Client_Release
2013-06-30 04:14 - 2013-06-30 04:39 - 00000000 ____D C:\Program Files (x86)\Metin2
2013-06-30 03:28 - 2013-06-30 14:40 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-06-30 03:28 - 2013-06-30 03:28 - 00000000 ____D C:\Users\Georg\AppData\Local\Gameforge4d
2013-06-30 03:11 - 2013-06-30 03:12 - 00043520 _____ C:\Windows\SysWOW64\CmdLineExt03.dll
2013-06-30 03:02 - 2013-06-30 03:07 - 00000000 ____D C:\Program Files (x86)\ANNO 1503 Königs- Edition
2013-06-30 01:21 - 2013-07-14 14:19 - 00012760 _____ C:\Windows\PFRO.log
2013-06-30 01:14 - 2013-06-30 01:15 - 00000000 ____D C:\Program Files (x86)\Thandor
2013-06-30 00:58 - 2013-06-30 00:58 - 00000000 ____D C:\Users\Georg\Documents\ZombieDriverHD
2013-06-30 00:55 - 2013-06-30 00:55 - 00000000 ____D C:\Program Files (x86)\Exor Studios
2013-06-29 15:13 - 2013-06-29 16:42 - 272473314 _____ C:\Users\Georg\Downloads\OPT596HD.rar
2013-06-29 14:21 - 2013-06-29 14:21 - 00000632 _____ C:\Users\Georg\Desktop\Cyber.txt
2013-06-29 12:55 - 2013-07-08 18:11 - 00000000 ____D C:\Users\Georg\Desktop\Spiele
2013-06-29 12:55 - 2013-07-08 16:44 - 00000000 ____D C:\Users\Georg\Desktop\Bilder und sonstiges
2013-06-29 12:50 - 2013-06-29 12:52 - 00000000 ____D C:\Users\Georg\Desktop\Converter
2013-06-29 12:49 - 2013-07-09 23:26 - 00000000 ____D C:\Users\Georg\Desktop\Standart Anwendungen
2013-06-29 02:24 - 2013-06-29 02:26 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Notepad++
2013-06-29 02:24 - 2013-06-29 02:24 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-06-29 02:24 - 2013-06-29 02:24 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-06-29 02:11 - 2013-06-30 00:30 - 00000000 ____D C:\Users\Georg\Downloads\Metin
2013-06-23 22:12 - 2013-07-15 08:56 - 01849764 _____ C:\Windows\WindowsUpdate.log
2013-06-23 21:49 - 2013-06-23 21:49 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Malwarebytes
2013-06-23 21:49 - 2013-06-23 21:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-23 04:50 - 2013-06-29 03:40 - 00000000 ____D C:\Users\Georg\Downloads\Dexter
2013-06-21 19:58 - 2013-06-21 19:58 - 00000000 ____D C:\Users\Georg\AppData\Local\Opera
2013-06-21 19:58 - 2013-06-21 19:58 - 00000000 ____D C:\Program Files (x86)\Opera
2013-06-21 19:52 - 2013-07-15 09:12 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-21 19:52 - 2013-07-15 04:12 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-21 19:52 - 2013-07-13 04:07 - 00004086 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-06-21 19:52 - 2013-07-13 04:07 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-06-21 19:52 - 2013-07-07 15:26 - 00000000 ____D C:\Users\Georg\AppData\Local\Google
2013-06-21 19:52 - 2013-07-07 15:26 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-15 08:18 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-06-15 08:18 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-15 07:42 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-06-15 07:42 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-15 06:43 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-06-15 06:43 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-06-15 06:43 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-15 06:43 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-15 05:37 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-06-15 05:37 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-06-15 05:37 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-06-15 05:37 - 2013-05-04 09:34 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-06-15 05:37 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-06-15 05:37 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-06-15 05:37 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-06-15 05:37 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-06-15 05:37 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-06-15 05:37 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-06-15 05:37 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-06-15 05:37 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-06-15 05:37 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-06-15 05:37 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-15 05:37 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-15 05:37 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-15 05:37 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-15 05:37 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-15 05:37 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-15 05:37 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-15 05:37 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-15 05:37 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-15 05:37 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-06-15 05:37 - 2013-05-04 06:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-06-15 05:37 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-06-15 05:37 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-06-15 05:37 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-15 05:37 - 2013-05-03 00:04 - 00386646 _____ C:\Windows\system32\ApnDatabase.xml

==================== One Month Modified Files and Folders =======

2013-07-15 09:32 - 2013-07-15 09:32 - 00891022 _____ C:\Users\Georg\Desktop\SecurityCheck.exe
2013-07-15 09:27 - 2013-01-12 17:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-15 09:12 - 2013-06-21 19:52 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-15 09:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-15 08:56 - 2013-06-23 22:12 - 01849764 _____ C:\Windows\WindowsUpdate.log
2013-07-15 04:12 - 2013-06-21 19:52 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-14 22:44 - 2013-03-10 15:06 - 00000000 ____D C:\Users\Georg\AppData\Roaming\vlc
2013-07-14 20:57 - 2013-07-14 20:57 - 02347384 _____ (ESET) C:\Users\Georg\Downloads\esetsmartinstaller_enu.exe
2013-07-14 14:34 - 2013-07-14 14:34 - 00053563 _____ C:\Users\Georg\Desktop\FRST neu.txt
2013-07-14 14:27 - 2013-07-14 14:27 - 00000918 _____ C:\Users\Georg\Desktop\JRT.txt
2013-07-14 14:24 - 2013-07-14 14:24 - 00000000 ____D C:\Windows\ERUNT
2013-07-14 14:23 - 2013-07-14 14:23 - 00559441 _____ (Oleg N. Scherbakov) C:\Users\Georg\Downloads\JRT.exe
2013-07-14 14:21 - 2013-07-14 14:21 - 00018078 _____ C:\Users\Georg\Desktop\AdwCleaner[S2].txt
2013-07-14 14:20 - 2013-07-14 14:20 - 04941016 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 14:20 - 2013-01-12 15:24 - 00000408 _____ C:\Users\Georg\AppData\Roaming\sp_data.sys
2013-07-14 14:20 - 2012-11-01 23:31 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-14 14:20 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-14 14:19 - 2013-07-14 14:18 - 00018078 _____ C:\AdwCleaner[S2].txt
2013-07-14 14:19 - 2013-06-30 01:21 - 00012760 _____ C:\Windows\PFRO.log
2013-07-14 14:19 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-14 14:18 - 2013-07-14 14:18 - 00000300 _____ C:\AdwCleaner[S1].txt
2013-07-14 14:17 - 2013-07-14 14:17 - 00000502 _____ C:\Users\Georg\Desktop\tabs.txt
2013-07-14 14:03 - 2013-07-14 14:03 - 00662345 _____ C:\Users\Georg\Desktop\adwcleaner.exe
2013-07-14 14:00 - 2013-07-14 14:00 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-14 14:00 - 2013-07-14 14:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-14 13:59 - 2013-07-14 13:59 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Georg\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-14 13:33 - 2013-07-14 13:33 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-14 13:33 - 2013-07-14 13:33 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Mozilla
2013-07-14 13:33 - 2013-07-14 13:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-14 13:33 - 2013-07-14 13:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-14 13:32 - 2013-07-14 13:32 - 00280368 _____ (Mozilla) C:\Users\Georg\Downloads\Firefox Setup Stub 22.0.exe
2013-07-14 13:15 - 2013-07-14 13:15 - 00001236 _____ C:\Users\UpdatusUser\Desktop\Play Hitman 2.lnk
2013-07-14 13:15 - 2013-07-14 13:15 - 00001236 _____ C:\Users\Georg\Desktop\Play Hitman 2.lnk
2013-07-14 13:15 - 2013-03-16 16:02 - 00000000 ____D C:\Program Files (x86)\Eidos Interactive
2013-07-14 10:19 - 2013-07-06 15:45 - 00000000 ____D C:\Users\Georg\Downloads\American Dad
2013-07-14 09:47 - 2013-07-14 09:47 - 00027329 _____ C:\Users\Georg\Desktop\Addition.txt
2013-07-14 09:45 - 2013-07-14 09:45 - 01777839 _____ (Farbar) C:\Users\Georg\Desktop\FRST64.exe
2013-07-14 09:45 - 2013-07-14 09:45 - 00000000 ____D C:\FRST
2013-07-14 09:26 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-14 08:05 - 2013-01-28 16:51 - 00693760 ___SH C:\Users\Georg\Desktop\Thumbs.db
2013-07-14 08:05 - 2013-01-14 00:23 - 00605184 ___SH C:\Users\Georg\Downloads\Thumbs.db
2013-07-14 02:35 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-13 13:04 - 2013-07-13 13:04 - 00002153 _____ C:\Users\Public\Desktop\Age of Empires Expansion.lnk
2013-07-13 13:04 - 2013-07-13 13:04 - 00002146 _____ C:\Users\Public\Desktop\Age of Empires.lnk
2013-07-13 13:04 - 2013-02-23 20:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-07-13 11:22 - 2013-02-23 20:58 - 00000000 ____D C:\Users\Georg\Documents\My Games
2013-07-13 11:01 - 2013-07-13 11:01 - 00002149 _____ C:\Users\Public\Desktop\Age of Mythology Gold.lnk
2013-07-13 11:01 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-13 10:57 - 2013-07-13 10:57 - 00000000 ____D C:\Windows\Watson
2013-07-13 04:13 - 2013-07-07 15:25 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-13 04:07 - 2013-06-21 19:52 - 00004086 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 04:07 - 2013-06-21 19:52 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 23:29 - 2013-07-12 23:29 - 00003584 _____ C:\Users\Georg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-12 22:20 - 2013-07-12 22:20 - 00067584 _____ (Blizzard Entertainment) C:\Windows\ScUnin.exe
2013-07-12 22:20 - 2013-07-12 22:20 - 00011295 _____ C:\Windows\scunin.dat
2013-07-12 22:20 - 2013-07-12 22:20 - 00000967 _____ C:\Windows\ScUnin.pif
2013-07-12 22:08 - 2013-07-12 22:08 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soldier of Fortune II - Double Helix GOLD - Help
2013-07-12 22:08 - 2013-03-10 00:55 - 00000000 ____D C:\Program Files (x86)\Soldier of Fortune II - Double Helix
2013-07-12 22:06 - 2013-07-12 22:06 - 00001189 _____ C:\Users\UpdatusUser\Desktop\SOF II Einzelspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001189 _____ C:\Users\Georg\Desktop\SOF II Einzelspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001115 _____ C:\Users\UpdatusUser\Desktop\SOF II Mehrspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00001115 _____ C:\Users\Georg\Desktop\SOF II Mehrspieler.lnk
2013-07-12 22:06 - 2013-07-12 22:06 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raven Software
2013-07-12 22:06 - 2013-02-03 17:55 - 00000770 _____ C:\Windows\Sof2.INI
2013-07-12 17:42 - 2012-08-03 01:02 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-07-12 17:42 - 2012-08-03 01:02 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-07-12 17:42 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-12 14:34 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-10 23:52 - 2013-01-13 18:06 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-09 23:26 - 2013-06-29 12:49 - 00000000 ____D C:\Users\Georg\Desktop\Standart Anwendungen
2013-07-08 18:11 - 2013-06-29 12:55 - 00000000 ____D C:\Users\Georg\Desktop\Spiele
2013-07-08 17:01 - 2013-07-08 17:01 - 00000000 ____D C:\ProgramData\2DBoy
2013-07-08 17:01 - 2013-07-08 17:00 - 00000000 ____D C:\Program Files (x86)\WorldOfGoo
2013-07-08 16:58 - 2013-01-12 15:19 - 00000000 ____D C:\Users\Georg\AppData\Local\VirtualStore
2013-07-08 16:51 - 2013-07-08 16:51 - 00000000 ____D C:\Users\Georg\Documents\Empire Earth II
2013-07-08 16:51 - 2013-07-08 16:51 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Sierra
2013-07-08 16:49 - 2013-07-08 16:49 - 00000000 ____D C:\Program Files (x86)\Sierra
2013-07-08 16:49 - 2012-11-01 23:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-08 16:44 - 2013-06-29 12:55 - 00000000 ____D C:\Users\Georg\Desktop\Bilder und sonstiges
2013-07-07 17:14 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-07 17:04 - 2013-07-07 17:03 - 00021840 ____T C:\Windows\SysWOW64\SIntfNT.dll
2013-07-07 17:04 - 2013-07-07 17:03 - 00017212 ____T C:\Windows\SysWOW64\SIntf32.dll
2013-07-07 17:04 - 2013-07-07 17:03 - 00012067 ____T C:\Windows\SysWOW64\SIntf16.dll
2013-07-07 17:03 - 2013-07-07 17:03 - 00000224 _____ C:\Windows\SIERRA.INI
2013-07-07 17:03 - 2013-07-07 17:03 - 00000000 ____D C:\Sierra
2013-07-07 17:02 - 2013-07-07 16:58 - 00000000 ____D C:\Program Files (x86)\Dead Island Riptide
2013-07-07 15:26 - 2013-07-07 15:26 - 00002214 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-07 15:26 - 2013-06-21 19:52 - 00000000 ____D C:\Users\Georg\AppData\Local\Google
2013-07-07 15:26 - 2013-06-21 19:52 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-07 03:58 - 2013-01-12 15:29 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2133237442-3676028956-401365519-1002
2013-07-07 01:09 - 2013-07-07 01:09 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-07 01:09 - 2013-07-07 01:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-07 01:09 - 2013-07-07 01:09 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-07 01:09 - 2013-01-12 16:20 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-07 01:09 - 2013-01-12 16:20 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-07 00:26 - 2013-07-07 00:26 - 00000632 _____ C:\Windows\Wlf.INI
2013-07-07 00:12 - 2013-07-07 00:12 - 00001356 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuestViewer.lnk
2013-07-07 00:09 - 2013-07-07 00:04 - 00001105 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie 2.lnk
2013-07-07 00:09 - 2013-07-07 00:04 - 00001073 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie 2 Uninstall.lnk
2013-07-07 00:07 - 2013-07-07 00:07 - 00001750 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Hottie v2.lnk
2013-07-07 00:04 - 2013-07-07 00:04 - 00000000 ____D C:\Program Files\Virtual Hottie 2
2013-07-05 04:11 - 2013-01-12 15:19 - 00000000 ____D C:\Users\Georg\AppData\Local\Packages
2013-07-03 01:36 - 2013-07-01 21:44 - 00000000 ____D C:\Users\Georg\Downloads\MythBusters
2013-07-01 10:25 - 2013-07-12 18:36 - 00000000 ____D C:\Users\Georg\Downloads\World War Z
2013-06-30 20:57 - 2013-06-30 20:57 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Red Alert 3
2013-06-30 20:54 - 2013-06-30 20:54 - 00000000 __RHD C:\Users\Georg\AppData\Roaming\SecuROM
2013-06-30 20:48 - 2013-06-30 20:48 - 00001052 _____ C:\Windows\DirectX.log
2013-06-30 20:48 - 2013-06-30 20:48 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-06-30 14:40 - 2013-06-30 03:28 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2013-06-30 14:30 - 2013-06-30 14:30 - 00000000 ____D C:\Users\Georg\Downloads\Mesonia_Client_Release
2013-06-30 04:39 - 2013-06-30 04:14 - 00000000 ____D C:\Program Files (x86)\Metin2
2013-06-30 03:28 - 2013-06-30 03:28 - 00000000 ____D C:\Users\Georg\AppData\Local\Gameforge4d
2013-06-30 03:12 - 2013-06-30 03:11 - 00043520 _____ C:\Windows\SysWOW64\CmdLineExt03.dll
2013-06-30 03:07 - 2013-06-30 03:02 - 00000000 ____D C:\Program Files (x86)\ANNO 1503 Königs- Edition
2013-06-30 01:15 - 2013-06-30 01:14 - 00000000 ____D C:\Program Files (x86)\Thandor
2013-06-30 00:58 - 2013-06-30 00:58 - 00000000 ____D C:\Users\Georg\Documents\ZombieDriverHD
2013-06-30 00:55 - 2013-06-30 00:55 - 00000000 ____D C:\Program Files (x86)\Exor Studios
2013-06-30 00:54 - 2013-02-03 01:10 - 00000000 ____D C:\Users\Georg\AppData\Roaming\DAEMON Tools Lite
2013-06-30 00:30 - 2013-06-29 02:11 - 00000000 ____D C:\Users\Georg\Downloads\Metin
2013-06-29 16:42 - 2013-06-29 15:13 - 272473314 _____ C:\Users\Georg\Downloads\OPT596HD.rar
2013-06-29 14:21 - 2013-06-29 14:21 - 00000632 _____ C:\Users\Georg\Desktop\Cyber.txt
2013-06-29 12:54 - 2013-05-07 11:33 - 00000000 ____D C:\Users\Georg\Desktop\iphone fotos
2013-06-29 12:52 - 2013-06-29 12:50 - 00000000 ____D C:\Users\Georg\Desktop\Converter
2013-06-29 03:40 - 2013-06-23 04:50 - 00000000 ____D C:\Users\Georg\Downloads\Dexter
2013-06-29 03:03 - 2013-06-02 09:52 - 00000000 ____D C:\Users\Georg\AppData\Roaming\elsterformular
2013-06-29 03:03 - 2013-06-02 09:52 - 00000000 ____D C:\ProgramData\elsterformular
2013-06-29 03:03 - 2013-05-25 15:35 - 00001793 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-29 03:01 - 2013-02-16 17:32 - 00000000 ____D C:\Program Files (x86)\iWin.com Games
2013-06-29 03:00 - 2013-06-13 22:27 - 00000000 ____D C:\Program Files (x86)\Bilder zu G-Code 1
2013-06-29 03:00 - 2013-05-09 14:13 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2013-06-29 03:00 - 2013-04-03 12:01 - 00000000 ____D C:\Program Files (x86)\Bridge Project
2013-06-29 02:57 - 2013-05-02 11:35 - 00000000 ____D C:\Program Files (x86)\Datel
2013-06-29 02:26 - 2013-06-29 02:24 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Notepad++
2013-06-29 02:24 - 2013-06-29 02:24 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-06-29 02:24 - 2013-06-29 02:24 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-06-28 00:04 - 2013-01-15 13:16 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 00:04 - 2013-01-15 13:16 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-23 21:49 - 2013-06-23 21:49 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Malwarebytes
2013-06-23 21:49 - 2013-06-23 21:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-23 21:45 - 2013-02-19 16:01 - 00000000 ____D C:\Windows\Minidump
2013-06-23 21:45 - 2012-08-03 00:24 - 00000000 ____D C:\Windows\Panther
2013-06-21 19:58 - 2013-06-21 19:58 - 00000000 ____D C:\Users\Georg\AppData\Local\Opera
2013-06-21 19:58 - 2013-06-21 19:58 - 00000000 ____D C:\Program Files (x86)\Opera
2013-06-21 08:45 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-21 07:06 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-21 07:06 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-21 07:06 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-21 07:06 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-21 07:06 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-21 07:06 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-06-20 05:02 - 2013-06-13 22:27 - 00003376 _____ C:\Windows\System32\Tasks\EPUpdater
2013-06-15 12:49 - 2013-06-11 22:12 - 01850316 _____ C:\Users\Georg\Desktop\111.dst

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-12 03:00

==================== End Of Log ============================
         
--- --- ---




Facebook still doesn't work, but thanks for the help so far =)

15.07.2013, 09:26   #10
schrauber
/// the machine
/// TB trainer



In which browser? Please give an exact description of the error, or a screenshot.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No support via PM!

15.07.2013, 09:35   #11
RatzoR



The error occurs in all browsers I have tried since then (Mozilla, Opera, Internet Explorer and Google Chrome).

And when I refresh the page nothing happens - it stays exactly as it is now.

If I haven't opened the page for a long time, it loads normally (the page where you have to log in), and when I then log in, the screen is white again...

15.07.2013, 10:56   #12
schrauber
/// the machine
/// TB trainer



And if you try http instead of https?
__________________
Regards,
schrauber


15.07.2013, 11:00   #13
RatzoR



Then nothing changes either.

So at least I don't have a virus, right?

15.07.2013, 11:36   #14
schrauber
/// the machine
/// TB trainer



Not anymore.

Uninstall Firefox, keep no data, reinstall. Test again.

If that doesn't work:

Disconnect the router from power completely, wait 20 minutes, plug it back in.
__________________
Regards,
schrauber


15.07.2013, 18:36   #15
RatzoR



Deleted Firefox with all cookies etc., switched the router off for an hour and reinstalled Mozilla (imported nothing from other browsers during installation).

Still doesn't work =(

So I guess I'll have no choice but to restore the PC, right?
