
Pests of all kinds and how to fight them: Trojan infection (IE opens unprompted, Firefox downloads games)

Windows 7

18.11.2013, 15:17   #1
Thure
 



I'm having some very strange problems. Since today, IE opens at every startup with a page called "hxxp://www_getwindowinfo". When I close the window, it opens again. Also, Firefox seems to download games when I'm not there and the computer is supposed to be off. Unfortunately I no longer know which ones they were. All very strange. I ran a scan with FRST (the annoying thing is that my mother and sister also use the computer when I'm at university... and I tell them every time to be careful). Also, Antivir cannot start a real-time scan. All very odd.
Attached files
File type: txt FRST.txt (76.8 KB, viewed 124 times)
File type: txt Addition.txt (41.3 KB, viewed 141 times)

18.11.2013, 15:27   #2
schrauber
/// the machine
/// TB trainer
 




Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.


How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

18.11.2013, 15:33   #3
Thure
 



FRST.txt:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2013 02
Ran by Florian_2 (administrator) on FLORIAN-PC on 18-11-2013 16:05:09
Running from C:\Users\Florian_2\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apache Software Foundation) C:\OSGeo4W\apache\bin\httpd.exe
(Apache Software Foundation) C:\OSGeo4W\apache\bin\httpd.exe
() D:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files (x86)\Rapoo\RP24G\RP24G_Config.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\avgnt.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [185640 2011-08-31] (CyberLink Corp.)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Sweetpacks Communicator] - C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [295728 2012-02-26] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Rapoo RP24G] - C:\Program Files (x86)\Rapoo\RP24G\RP24G_Config.exe [5406720 2011-12-16] ()
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Florian\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-08-09] (InstallShield Software Corporation)
HKU\Florian\...\Run: [WLSync] - C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe [1449824 2012-03-08] (Microsoft Corporation)
HKU\Florian\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\Florian\...\Run: [SearchEngineProtection] - C:\Program Files (x86)\GamesBar\update\SearchEngineProtection.exe [620480 2013-11-13] (Oberon Media )
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?q={searchTerms}
BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Florian\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Florian\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
BHO-x32: Mein Gutscheincode - {11111111-1111-1111-1111-110211941181} - C:\Program Files (x86)\Mein Gutscheincode\Mein Gutscheincode-bho.dll (Mein Gutscheincode GmbH)
BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: YrJie New Games - {A86EFAD9-8377-476D-9192-CF440B6F88EC} - C:\Program Files (x86)\IeAdsBlocker.dll (YrJie Games)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Burger%20Bustle/Images/stg_drm.ocx
DPF: HKLM-x32 {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Burger%20Bustle/Images/armhelper.ocx
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Florian_2\AppData\Roaming\Mozilla\Firefox\Profiles\msbyjj6g.default
FF Homepage: gmx.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @alawar.com/npapi - C:\Windows\npapi.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: noscript - C:\Users\Florian_2\AppData\Roaming\Mozilla\Firefox\Profiles\msbyjj6g.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: tabmix - C:\Users\Florian_2\AppData\Roaming\Mozilla\Firefox\Profiles\msbyjj6g.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440392 2013-10-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-07] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 ApacheOSGeo4WWebServer; C:\OSGeo4W\apache\bin\httpd.exe [24645 2009-09-28] (Apache Software Foundation)
S3 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2012-06-07] (BOONTY)
R2 DAZContentManagementService; D:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [22528 2011-05-05] ()
R2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [559552 2013-08-08] (RealNetworks, Inc.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-04-04] ()
R2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [185856 2012-05-01] ()
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-03-08] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105856 2013-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-03-08] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 rp24gms; C:\Windows\System32\drivers\rp24gms.sys [18944 2011-08-03] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-18 16:05 - 2013-11-18 16:05 - 00019568 _____ C:\Users\Florian_2\Desktop\FRST.txt
2013-11-18 16:00 - 2013-11-18 16:00 - 00000000 ____D C:\Users\Florian_2\AppData\Local\Adobe
2013-11-18 15:52 - 2013-11-18 15:52 - 00000000 ____D C:\FRST
2013-11-18 15:51 - 2013-11-18 15:52 - 01958026 _____ (Farbar) C:\Users\Florian_2\Desktop\FRST64.exe
2013-11-18 15:49 - 2013-11-18 15:49 - 00602112 _____ (OldTimer Tools) C:\Users\Florian_2\Desktop\OTL.exe
2013-11-18 15:40 - 2013-11-18 15:40 - 00000000 ____D C:\Users\Florian_2\AppData\Roaming\Malwarebytes
2013-11-18 15:38 - 2013-11-18 15:38 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Florian_2\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-18 15:15 - 2013-11-18 15:15 - 00138904 _____ C:\Users\Florian_2\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-18 15:08 - 2013-11-18 15:08 - 00000000 ____D C:\Users\Florian_2\AppData\Roaming\HpUpdate
2013-11-18 15:08 - 2013-11-18 15:08 - 00000000 ____D C:\Users\Florian_2\AppData\Roaming\Avira
2013-11-18 15:04 - 2013-11-18 15:04 - 00000000 ____D C:\Users\Florian_2\AppData\Local\Apple
2013-11-18 14:58 - 2013-11-18 15:10 - 00000000 ____D C:\Users\Florian_2\AppData\Local\Mozilla
2013-11-18 14:58 - 2013-11-18 14:58 - 00000000 ____D C:\Users\Florian_2\AppData\Roaming\Mozilla
2013-11-18 14:58 - 2013-11-18 14:58 - 00000000 ____D C:\Users\Florian_2\AppData\Local\Macromedia
2013-11-18 14:57 - 2013-11-18 14:57 - 00000355 _____ C:\Users\Florian_2\Desktop\Arbeitsplatz.lnk
2013-11-18 14:55 - 2013-11-18 14:55 - 00000000 ____D C:\Users\Florian\AppData\Local\{DDC9375A-284B-4708-962D-C1BAEB0FCFDA}
2013-11-18 14:44 - 2013-11-18 16:00 - 00000000 ____D C:\Users\Florian_2\AppData\Roaming\Adobe
2013-11-18 12:26 - 2013-11-18 12:39 - 00000000 ____D C:\ProgramData\Farm Fishes
2013-11-18 12:25 - 2013-11-18 14:52 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Frenzy - Frische Fische
2013-11-18 12:25 - 2013-11-18 14:52 - 00000000 ____D C:\Program Files (x86)\Farm Frenzy - Frische Fische
2013-11-18 12:07 - 2013-11-18 12:07 - 00000000 ____D C:\Users\Florian\AppData\Local\DoNotTrackPlus
2013-11-18 12:05 - 2013-11-18 14:52 - 00000000 ____D C:\Users\Florian\AppData\Local\Temp711f7a3e2997334f02e27ab2d747ea0c_
2013-11-18 12:02 - 2013-11-18 14:52 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempb3f88457adf499c9cba560d11c9727b6
2013-11-18 12:02 - 2013-11-18 14:52 - 00000000 ____D C:\Users\Florian\AppData\Local\Temp711f7a3e2997334f02e27ab2d747ea0c
2013-11-18 11:38 - 2013-11-18 14:52 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Windows Net Data
2013-11-18 11:38 - 2013-11-18 11:38 - 00000000 ____D C:\ProgramData\CheckPoint
2013-11-18 11:38 - 2013-11-18 11:38 - 00000000 ____D C:\Program Files (x86)\CheckPoint
2013-11-18 11:38 - 2013-11-18 11:38 - 00000000 ____D C:\Program Files (x86)\Check Point Software Technologies LTD
2013-11-18 11:26 - 2013-11-18 14:52 - 00000000 ____D C:\Program Files (x86)\Alawar Elements
2013-11-18 11:25 - 2013-11-18 11:25 - 00000000 ____D C:\Program Files (x86)\Alawar
2013-11-18 09:07 - 2013-11-18 09:08 - 00000000 ____D C:\Users\Florian\AppData\Local\{64100A0A-05E7-4149-9A60-F45BD34F0B49}
2013-11-17 09:07 - 2013-11-17 21:07 - 00000000 ____D C:\Users\Florian\AppData\Local\{CB99D928-7CB5-4471-99D6-739D9D5D53E5}
2013-11-17 00:18 - 2013-11-17 00:18 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Broken Sword 2.5
2013-11-16 23:26 - 2013-11-18 14:52 - 00000000 ____D C:\Program Files (x86)\Broken Sword 2.5
2013-11-16 20:18 - 2013-11-18 14:52 - 00000000 ____D C:\Users\Florian\AppData\Roaming\ScummVM
2013-11-16 20:18 - 2013-11-18 14:52 - 00000000 ____D C:\Program Files (x86)\ScummVM
2013-11-16 09:06 - 2013-11-16 21:06 - 00000000 ____D C:\Users\Florian\AppData\Local\{9280C9E6-E9FE-460A-A53A-C7F3A0594D16}
2013-11-15 09:05 - 2013-11-15 21:06 - 00000000 ____D C:\Users\Florian\AppData\Local\{03B92C1A-87E0-4A47-976F-09C8D44A5EB8}
2013-11-14 21:05 - 2013-11-14 21:05 - 00000000 ____D C:\Users\Florian\AppData\Local\{3E363C14-EB24-4369-AE57-018660CE5D7A}
2013-11-14 11:13 - 2013-11-18 14:52 - 00000000 ____D C:\Program Files (x86)\Gamesgames.com
2013-11-14 11:13 - 2013-11-14 11:13 - 00000000 _____ C:\END
2013-11-14 09:05 - 2013-11-14 09:05 - 00000000 ____D C:\Users\Florian\AppData\Local\{110C282D-BF6D-4C94-8709-BC56152C64D4}
2013-11-13 21:04 - 2013-11-13 21:04 - 00000000 ____D C:\Users\Florian\AppData\Local\{13B381CB-8EF1-4358-B683-536249DD9288}
2013-11-13 16:00 - 2013-11-13 16:00 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-11-13 15:59 - 2013-11-18 14:52 - 00000000 ____D C:\Program Files (x86)\Shockwave.com
2013-11-13 15:59 - 2013-11-13 15:59 - 00001229 _____ C:\Users\Public\Desktop\Farm Frenzy - Ancient Rome.lnk
2013-11-13 09:04 - 2013-11-13 09:04 - 00000000 ____D C:\Users\Florian\AppData\Local\{F7679D7E-5416-41A7-92FD-B100157C346F}
2013-11-13 07:43 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 07:43 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 07:42 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 07:42 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 07:42 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 07:42 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 07:42 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 07:42 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 07:42 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 07:42 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 07:42 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 07:42 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 07:42 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 07:42 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 07:42 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 07:42 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 07:42 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 07:42 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 07:42 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 07:42 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 07:42 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 07:42 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 07:42 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 07:42 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 07:42 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 07:42 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 07:42 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 07:42 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 07:42 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 07:42 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-12 21:03 - 2013-11-12 21:03 - 00000000 ____D C:\Users\Florian\AppData\Local\{1FE009A8-5C21-49A5-BE07-1515487CE5B1}
2013-11-12 14:27 - 2013-11-13 15:19 - 00000000 ____D C:\Program Files (x86)\FarmFrenzyAncientRome_at
2013-11-12 09:24 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-12 09:21 - 2013-11-12 09:21 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-12 09:21 - 2013-11-12 09:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-12 09:21 - 2013-11-12 09:21 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-12 09:21 - 2013-11-12 09:21 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-12 09:21 - 2013-11-12 09:21 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-12 09:21 - 2013-11-12 09:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-12 09:21 - 2013-11-12 09:21 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-12 09:21 - 2013-11-12 09:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-12 09:21 - 2013-11-12 09:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-12 09:21 - 2013-11-12 09:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-12 09:21 - 2013-11-12 09:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-12 09:20 - 2013-11-12 09:24 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-12 09:03 - 2013-11-12 09:03 - 00000000 ____D C:\Users\Florian\AppData\Local\{ADE48B51-3BE2-4F2E-A9E6-0410DDA6C277}
2013-11-11 11:26 - 2013-11-18 14:53 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CasualGameBox
2013-11-11 09:02 - 2013-11-11 21:03 - 00000000 ____D C:\Users\Florian\AppData\Local\{11E9A68F-79BA-4EF0-BBF2-784408D5A22D}
2013-11-10 09:02 - 2013-11-10 21:02 - 00000000 ____D C:\Users\Florian\AppData\Local\{F2314A83-714C-4D3C-B6AE-94FADCA8BC29}
2013-11-09 08:47 - 2013-11-09 20:47 - 00000000 ____D C:\Users\Florian\AppData\Local\{86D8FE36-DD4B-490E-9D43-FB4A0ADDA4DF}
2013-11-08 13:06 - 2013-11-08 13:06 - 00000106 ____H C:\Users\Florian\Documents\.~lock.Feedback-Sheet-Short-Essays-and-Term-Paper.doc#
2013-11-08 08:46 - 2013-11-08 20:46 - 00000000 ____D C:\Users\Florian\AppData\Local\{783A174E-0A70-4D0D-A67B-A550F015E504}
2013-11-07 20:45 - 2013-11-07 20:46 - 00000000 ____D C:\Users\Florian\AppData\Local\{2A452E0A-7952-4D65-94C7-3B41DCF03334}
2013-11-07 10:10 - 2013-11-07 10:10 - 00000000 ____D C:\Users\Public\Documents\FarmFrenzy3_Madagascar
2013-11-07 08:45 - 2013-11-07 08:45 - 00000000 ____D C:\Users\Florian\AppData\Local\{EA68DE84-6EF1-4B92-B48F-793234D6C961}
2013-11-06 20:44 - 2013-11-06 20:45 - 00000000 ____D C:\Users\Florian\AppData\Local\{3D84F73B-8274-4F22-A124-E128F88DC791}
2013-11-06 18:39 - 2013-11-06 18:39 - 00001304 _____ C:\Users\Florian\Desktop\Notepad.lnk
2013-11-06 08:44 - 2013-11-06 08:44 - 00000000 ____D C:\Users\Florian\AppData\Local\{48E68A34-F713-42AA-93EA-1E20746723C5}
2013-11-05 20:43 - 2013-11-05 20:44 - 00000000 ____D C:\Users\Florian\AppData\Local\{DB4112C4-823F-4121-A3CD-B648D8325928}
2013-11-05 08:43 - 2013-11-05 08:43 - 00000000 ____D C:\Users\Florian\AppData\Local\{D97B95CF-507E-4184-84B2-0AFD5BEDDC96}
2013-11-04 20:43 - 2013-11-04 20:43 - 00000000 ____D C:\Users\Florian\AppData\Local\{1CF64D91-AD8E-459F-8B00-6A8732AA95C8}
2013-11-04 18:02 - 2013-11-18 15:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-04 12:42 - 2013-11-04 12:42 - 00000000 ____D C:\ProgramData\FarmFrenzy3_America
2013-11-04 08:42 - 2013-11-04 08:42 - 00000000 ____D C:\Users\Florian\AppData\Local\{A08ABFE3-F435-4F03-A851-F862A93184FC}
2013-11-03 15:15 - 2013-11-03 15:22 - 00000000 ____D C:\Users\Florian\AppData\Roaming\.minecraft
2013-11-03 08:42 - 2013-11-03 20:42 - 00000000 ____D C:\Users\Florian\AppData\Local\{9E609033-8F53-406A-8435-2A2432B77C1E}
2013-11-02 08:09 - 2013-11-02 20:09 - 00000000 ____D C:\Users\Florian\AppData\Local\{5AACE0AF-080C-486C-A498-78ABEA1C49CC}
2013-11-01 09:10 - 2013-11-01 09:10 - 00000000 ____D C:\Users\Florian\AppData\Local\PunkBuster
2013-11-01 08:39 - 2013-11-01 08:45 - 00000000 ____D C:\Users\Florian\AppData\Local\Ubisoft Game Launcher
2013-11-01 07:48 - 2013-11-01 19:49 - 00000000 ____D C:\Users\Florian\AppData\Local\{49242743-960C-4405-AB06-263D921FFBB9}
2013-10-31 19:48 - 2013-10-31 19:48 - 00000000 ____D C:\Users\Florian\AppData\Local\{6BBC8C21-B041-41EB-85B2-97D73211712E}
2013-10-31 07:47 - 2013-10-31 07:47 - 00000000 ____D C:\Users\Florian\AppData\Local\{C2942D9C-C5F7-4ACE-B337-A245565970F8}
2013-10-30 19:47 - 2013-10-30 19:47 - 00000000 ____D C:\Users\Florian\AppData\Local\{E77521B3-ABDC-4B20-AC73-06166F3935A9}
2013-10-30 17:55 - 2013-10-30 17:55 - 00016964 _____ C:\Users\Florian\Documents\Anschrift2.odt
2013-10-30 16:20 - 2013-11-04 10:18 - 00000000 ____D C:\ProgramData\FarmFrenzy3_Madagascar
2013-10-30 16:01 - 2013-10-30 16:13 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Farm Girl am Nil
2013-10-30 07:46 - 2013-10-30 07:47 - 00000000 ____D C:\Users\Florian\AppData\Local\{99AE3FB5-7D8A-4B8E-B83C-1F55914F126E}
2013-10-29 19:35 - 2013-10-29 19:35 - 00000000 ____D C:\Users\Florian\AppData\Local\{C6BC6EB2-4049-4A43-8478-2ACA82ED1880}
2013-10-29 07:34 - 2013-10-29 07:34 - 00000000 ____D C:\Users\Florian\AppData\Local\{9304F45B-67EA-41F7-A076-F9462868609F}
2013-10-28 12:51 - 2013-10-28 12:51 - 00000000 ____D C:\Users\Florian\AppData\Local\{3C3826ED-7D08-41BE-8CFB-47800CDA95C1}
2013-10-27 11:02 - 2013-10-27 23:02 - 00000000 ____D C:\Users\Florian\AppData\Local\{692A6ADF-7093-4EFE-B407-7B4D6DF07969}
2013-10-26 11:01 - 2013-10-26 23:02 - 00000000 ____D C:\Users\Florian\AppData\Local\{D3C9E4B3-424D-4E86-B5BE-90DD3CB589E3}
2013-10-25 11:56 - 2013-10-29 11:55 - 00000000 ____D C:\Program Files (x86)\FF3RussianRoulette_at
2013-10-25 11:01 - 2013-10-25 23:01 - 00000000 ____D C:\Users\Florian\AppData\Local\{A84BD354-4FB7-4569-99A4-3BA757F6B910}
2013-10-24 23:00 - 2013-10-24 23:00 - 00000000 ____D C:\Users\Florian\AppData\Local\{5FF2F49F-84AB-4DF4-BD68-AD2820B8B2D9}
2013-10-24 11:00 - 2013-10-24 11:00 - 00000000 ____D C:\Users\Florian\AppData\Local\{8F055FC7-C1D3-4BBE-810B-5C79DC9B1A5D}
2013-10-24 10:21 - 2013-11-06 11:30 - 00003160 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-10-23 17:31 - 2013-10-23 17:31 - 00000000 ____D C:\Users\Public\Documents\FarmFrenzy3_Russia
2013-10-23 17:30 - 2013-11-07 12:04 - 00003364 _____ C:\Windows\System32\Tasks\RunAsStdUser Task
2013-10-23 17:30 - 2013-11-07 12:04 - 00000000 ____D C:\ProgramData\PogoDGC
2013-10-23 17:05 - 2013-10-23 17:06 - 00000000 ____D C:\ProgramData\FarmFrenzy3
2013-10-23 16:59 - 2013-10-30 14:13 - 00012631 _____ C:\Users\Florian\Documents\Praktikum 2.odt
2013-10-23 10:59 - 2013-10-23 23:00 - 00000000 ____D C:\Users\Florian\AppData\Local\{0EE81E0A-8B23-44D6-A418-1B43D40CE120}
2013-10-22 10:58 - 2013-10-22 22:59 - 00000000 ____D C:\Users\Florian\AppData\Local\{E2FB0C43-47D3-4625-B9B5-28DAC6C96A11}
2013-10-21 16:31 - 2013-10-21 16:31 - 00000000 ____D C:\ProgramData\Oracle
2013-10-21 16:31 - 2013-10-08 06:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-21 16:31 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-21 16:31 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-21 16:31 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-21 16:30 - 2013-10-21 16:31 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-21 13:19 - 2013-10-21 13:40 - 00000000 ____D C:\ProgramData\FarmFrenzy3_Russia
2013-10-21 10:58 - 2013-10-21 22:58 - 00000000 ____D C:\Users\Florian\AppData\Local\{3DCFF790-7CC9-4182-998E-524E90413949}
2013-10-21 09:28 - 2013-11-11 14:16 - 00000000 ____D C:\Program Files (x86)\BoontyGames
2013-10-21 09:26 - 2013-10-21 09:26 - 00000000 ____D C:\Boonty
2013-10-20 10:57 - 2013-10-20 22:57 - 00000000 ____D C:\Users\Florian\AppData\Local\{21E645C1-A76B-4009-B394-88725FA5095E}
2013-10-19 10:56 - 2013-10-19 22:56 - 00000000 ____D C:\Users\Florian\AppData\Local\{FFB565E4-AD55-44F3-AA09-08FC453EB188}

==================== One Month Modified Files and Folders =======

2013-11-18 16:05 - 2013-11-18 16:05 - 00019568 _____ C:\Users\Florian_2\Desktop\FRST.txt
2013-11-18 16:00 - 2013-11-18 16:00 - 00000000 ____D C:\Users\Florian_2\AppData\Local\Adobe
2013-11-18 16:00 - 2013-11-18 14:44 - 00000000 ____D C:\Users\Florian_2\AppData\Roaming\Adobe
2013-11-18 15:52 - 2013-11-18 15:52 - 00000000 ____D C:\FRST
2013-11-18 15:52 - 2013-11-18 15:51 - 01958026 _____ (Farbar) C:\Users\Florian_2\Desktop\FRST64.exe
2013-11-18 15:49 - 2013-11-18 15:49 - 00602112 _____ (OldTimer Tools) C:\Users\Florian_2\Desktop\OTL.exe
2013-11-18 15:40 - 2013-11-18 15:40 - 00000000 ____D C:\Users\Florian_2\AppData\Roaming\Malwarebytes
2013-11-18 15:38 - 2013-11-18 15:38 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Florian_2\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-18 15:20 - 2013-11-04 18:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-18 15:18 - 2012-08-23 07:00 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-18 15:15 - 2013-11-18 15:15 - 00138904 _____ C:\Users\Florian_2\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-18 15:15 - 2012-10-09 22:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-18 15:10 - 2013-11-18 14:58 - 00000000 ____D C:\Users\Florian_2\AppData\Local\Mozilla
2013-11-18 15:10 - 2012-08-23 07:00 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-18 15:08 - 2013-11-18 15:08 - 00000000 ____D C:\Users\Florian_2\AppData\Roaming\HpUpdate
2013-11-18 15:08 - 2013-11-18 15:08 - 00000000 ____D C:\Users\Florian_2\AppData\Roaming\Avira
2013-11-18 15:04 - 2013-11-18 15:04 - 00000000 ____D C:\Users\Florian_2\AppData\Local\Apple
2013-11-18 15:03 - 2012-08-23 07:00 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-18 15:02 - 2012-02-24 15:59 - 00000000 ____D C:\ProgramData\clear.fi
2013-11-18 15:01 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-18 15:01 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-18 15:00 - 2011-11-23 21:33 - 01452848 _____ C:\Windows\WindowsUpdate.log
2013-11-18 15:00 - 2011-11-19 19:33 - 00699416 _____ C:\Windows\system32\perfh007.dat
2013-11-18 15:00 - 2011-11-19 19:33 - 00149556 _____ C:\Windows\system32\perfc007.dat
2013-11-18 15:00 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-18 14:58 - 2013-11-18 14:58 - 00000000 ____D C:\Users\Florian_2\AppData\Roaming\Mozilla
2013-11-18 14:58 - 2013-11-18 14:58 - 00000000 ____D C:\Users\Florian_2\AppData\Local\Macromedia
2013-11-18 14:57 - 2013-11-18 14:57 - 00000355 _____ C:\Users\Florian_2\Desktop\Arbeitsplatz.lnk
2013-11-18 14:57 - 2012-09-14 06:13 - 00001425 _____ C:\Users\Florian_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-18 14:57 - 2012-09-14 06:13 - 00000000 ___RD C:\Users\Florian_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-18 14:57 - 2012-09-14 06:13 - 00000000 ___RD C:\Users\Florian_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-18 14:55 - 2013-11-18 14:55 - 00000000 ____D C:\Users\Florian\AppData\Local\{DDC9375A-284B-4708-962D-C1BAEB0FCFDA}
2013-11-18 14:54 - 2012-02-24 19:38 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-18 14:54 - 2012-02-24 15:17 - 00000000 ____D C:\Users\Florian
2013-11-18 14:54 - 2011-11-23 21:36 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-18 14:54 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-18 14:54 - 2009-07-14 05:51 - 00101438 _____ C:\Windows\setupact.log
2013-11-18 14:53 - 2013-11-11 11:26 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CasualGameBox
2013-11-18 14:53 - 2013-05-23 05:57 - 00000000 ____D C:\Users\Florian\AppData\Local\clear.fi
2013-11-18 14:53 - 2012-09-14 06:12 - 00000000 ____D C:\Users\Florian_2
2013-11-18 14:53 - 2012-02-28 16:50 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Notepad++
2013-11-18 14:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-11-18 14:52 - 2013-11-18 12:25 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farm Frenzy - Frische Fische
2013-11-18 14:52 - 2013-11-18 12:25 - 00000000 ____D C:\Program Files (x86)\Farm Frenzy - Frische Fische
2013-11-18 14:52 - 2013-11-18 12:05 - 00000000 ____D C:\Users\Florian\AppData\Local\Temp711f7a3e2997334f02e27ab2d747ea0c_
2013-11-18 14:52 - 2013-11-18 12:02 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempb3f88457adf499c9cba560d11c9727b6
2013-11-18 14:52 - 2013-11-18 12:02 - 00000000 ____D C:\Users\Florian\AppData\Local\Temp711f7a3e2997334f02e27ab2d747ea0c
2013-11-18 14:52 - 2013-11-18 11:38 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Windows Net Data
2013-11-18 14:52 - 2013-11-18 11:26 - 00000000 ____D C:\Program Files (x86)\Alawar Elements
2013-11-18 14:52 - 2013-11-16 23:26 - 00000000 ____D C:\Program Files (x86)\Broken Sword 2.5
2013-11-18 14:52 - 2013-11-16 20:18 - 00000000 ____D C:\Users\Florian\AppData\Roaming\ScummVM
2013-11-18 14:52 - 2013-11-16 20:18 - 00000000 ____D C:\Program Files (x86)\ScummVM
2013-11-18 14:52 - 2013-11-14 11:13 - 00000000 ____D C:\Program Files (x86)\Gamesgames.com
2013-11-18 14:52 - 2013-11-13 15:59 - 00000000 ____D C:\Program Files (x86)\Shockwave.com
2013-11-18 14:52 - 2013-10-16 10:39 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-11-18 14:52 - 2012-11-06 17:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 14:52 - 2012-11-06 17:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-18 14:52 - 2012-05-07 12:42 - 00000000 ____D C:\Program Files (x86)\CasualGameBox
2013-11-18 14:52 - 2012-05-03 10:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-18 14:52 - 2012-03-03 10:58 - 00000000 ____D C:\ProgramData\AlawarWrapper
2013-11-18 14:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-18 14:51 - 2012-03-19 10:55 - 00000000 ____D C:\Program Files (x86)\DEUTSCHLAND SPIELT
2013-11-18 12:39 - 2013-11-18 12:26 - 00000000 ____D C:\ProgramData\Farm Fishes
2013-11-18 12:18 - 2013-10-07 08:32 - 00000000 ____D C:\BigFishCache
2013-11-18 12:07 - 2013-11-18 12:07 - 00000000 ____D C:\Users\Florian\AppData\Local\DoNotTrackPlus
2013-11-18 11:38 - 2013-11-18 11:38 - 00000000 ____D C:\ProgramData\CheckPoint
2013-11-18 11:38 - 2013-11-18 11:38 - 00000000 ____D C:\Program Files (x86)\CheckPoint
2013-11-18 11:38 - 2013-11-18 11:38 - 00000000 ____D C:\Program Files (x86)\Check Point Software Technologies LTD
2013-11-18 11:25 - 2013-11-18 11:25 - 00000000 ____D C:\Program Files (x86)\Alawar
2013-11-18 09:08 - 2013-11-18 09:07 - 00000000 ____D C:\Users\Florian\AppData\Local\{64100A0A-05E7-4149-9A60-F45BD34F0B49}
2013-11-17 21:07 - 2013-11-17 09:07 - 00000000 ____D C:\Users\Florian\AppData\Local\{CB99D928-7CB5-4471-99D6-739D9D5D53E5}
2013-11-17 00:18 - 2013-11-17 00:18 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Broken Sword 2.5
2013-11-16 21:06 - 2013-11-16 09:06 - 00000000 ____D C:\Users\Florian\AppData\Local\{9280C9E6-E9FE-460A-A53A-C7F3A0594D16}
2013-11-15 21:06 - 2013-11-15 09:05 - 00000000 ____D C:\Users\Florian\AppData\Local\{03B92C1A-87E0-4A47-976F-09C8D44A5EB8}
2013-11-14 21:05 - 2013-11-14 21:05 - 00000000 ____D C:\Users\Florian\AppData\Local\{3E363C14-EB24-4369-AE57-018660CE5D7A}
2013-11-14 11:13 - 2013-11-14 11:13 - 00000000 _____ C:\END
2013-11-14 09:05 - 2013-11-14 09:05 - 00000000 ____D C:\Users\Florian\AppData\Local\{110C282D-BF6D-4C94-8709-BC56152C64D4}
2013-11-13 21:04 - 2013-11-13 21:04 - 00000000 ____D C:\Users\Florian\AppData\Local\{13B381CB-8EF1-4358-B683-536249DD9288}
2013-11-13 16:00 - 2013-11-13 16:00 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-11-13 15:59 - 2013-11-13 15:59 - 00001229 _____ C:\Users\Public\Desktop\Farm Frenzy - Ancient Rome.lnk
2013-11-13 15:59 - 2012-05-07 12:47 - 00000000 ____D C:\Users\Florian\AppData\Roaming\OpenCandy
2013-11-13 15:54 - 2013-08-09 11:55 - 00000000 ____D C:\Zylom Games
2013-11-13 15:22 - 2013-10-08 14:08 - 00000000 ____D C:\ProgramData\Oberon Media
2013-11-13 15:22 - 2012-08-24 11:31 - 00000000 ____D C:\Program Files (x86)\Oberon Media SIDR
2013-11-13 15:21 - 2012-05-29 10:29 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Oberon Media
2013-11-13 15:19 - 2013-11-12 14:27 - 00000000 ____D C:\Program Files (x86)\FarmFrenzyAncientRome_at
2013-11-13 13:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-13 09:04 - 2013-11-13 09:04 - 00000000 ____D C:\Users\Florian\AppData\Local\{F7679D7E-5416-41A7-92FD-B100157C346F}
2013-11-13 08:36 - 2013-07-24 23:41 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 08:33 - 2012-02-26 10:22 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 07:35 - 2010-11-21 04:47 - 00456188 _____ C:\Windows\PFRO.log
2013-11-12 21:03 - 2013-11-12 21:03 - 00000000 ____D C:\Users\Florian\AppData\Local\{1FE009A8-5C21-49A5-BE07-1515487CE5B1}
2013-11-12 14:24 - 2012-02-24 19:04 - 00000000 ____D C:\Games
2013-11-12 13:45 - 2012-02-26 10:23 - 00000000 ____D C:\Users\Florian\AppData\Local\Windows Live
2013-11-12 10:15 - 2012-03-01 10:04 - 00062152 _____ C:\Windows\wininit.ini
2013-11-12 09:37 - 2012-02-24 15:20 - 00001425 _____ C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-12 09:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-12 09:24 - 2013-11-12 09:20 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-12 09:21 - 2013-11-12 09:21 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-12 09:21 - 2013-11-12 09:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-12 09:21 - 2013-11-12 09:21 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-12 09:21 - 2013-11-12 09:21 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-12 09:21 - 2013-11-12 09:21 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-12 09:21 - 2013-11-12 09:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-12 09:21 - 2013-11-12 09:21 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-12 09:21 - 2013-11-12 09:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-12 09:21 - 2013-11-12 09:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-12 09:21 - 2013-11-12 09:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-12 09:21 - 2013-11-12 09:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-12 09:21 - 2013-11-12 09:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-12 09:21 - 2013-11-12 09:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-12 09:03 - 2013-11-12 09:03 - 00000000 ____D C:\Users\Florian\AppData\Local\{ADE48B51-3BE2-4F2E-A9E6-0410DDA6C277}
2013-11-11 21:03 - 2013-11-11 09:02 - 00000000 ____D C:\Users\Florian\AppData\Local\{11E9A68F-79BA-4EF0-BBF2-784408D5A22D}
2013-11-11 14:16 - 2013-10-21 09:28 - 00000000 ____D C:\Program Files (x86)\BoontyGames
2013-11-10 21:02 - 2013-11-10 09:02 - 00000000 ____D C:\Users\Florian\AppData\Local\{F2314A83-714C-4D3C-B6AE-94FADCA8BC29}
2013-11-09 20:47 - 2013-11-09 08:47 - 00000000 ____D C:\Users\Florian\AppData\Local\{86D8FE36-DD4B-490E-9D43-FB4A0ADDA4DF}
2013-11-08 20:46 - 2013-11-08 08:46 - 00000000 ____D C:\Users\Florian\AppData\Local\{783A174E-0A70-4D0D-A67B-A550F015E504}
2013-11-08 13:06 - 2013-11-08 13:06 - 00000106 ____H C:\Users\Florian\Documents\.~lock.Feedback-Sheet-Short-Essays-and-Term-Paper.doc#
2013-11-07 20:46 - 2013-11-07 20:45 - 00000000 ____D C:\Users\Florian\AppData\Local\{2A452E0A-7952-4D65-94C7-3B41DCF03334}
2013-11-07 12:04 - 2013-10-23 17:30 - 00003364 _____ C:\Windows\System32\Tasks\RunAsStdUser Task
2013-11-07 12:04 - 2013-10-23 17:30 - 00000000 ____D C:\ProgramData\PogoDGC
2013-11-07 10:10 - 2013-11-07 10:10 - 00000000 ____D C:\Users\Public\Documents\FarmFrenzy3_Madagascar
2013-11-07 10:05 - 2013-10-08 12:35 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2013-11-07 10:05 - 2012-07-04 12:16 - 00000000 ____D C:\Users\Florian\AppData\Roaming\WildTangent
2013-11-07 10:05 - 2011-07-11 04:39 - 00000000 ____D C:\ProgramData\WildTangent
2013-11-07 08:45 - 2013-11-07 08:45 - 00000000 ____D C:\Users\Florian\AppData\Local\{EA68DE84-6EF1-4B92-B48F-793234D6C961}
2013-11-06 23:20 - 2013-06-19 12:35 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-06 20:45 - 2013-11-06 20:44 - 00000000 ____D C:\Users\Florian\AppData\Local\{3D84F73B-8274-4F22-A124-E128F88DC791}
2013-11-06 18:39 - 2013-11-06 18:39 - 00001304 _____ C:\Users\Florian\Desktop\Notepad.lnk
2013-11-06 16:04 - 2013-05-22 13:16 - 00000000 ____D C:\Users\Florian\AppData\Local\VirtualStore
2013-11-06 11:30 - 2013-10-24 10:21 - 00003160 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-11-06 08:44 - 2013-11-06 08:44 - 00000000 ____D C:\Users\Florian\AppData\Local\{48E68A34-F713-42AA-93EA-1E20746723C5}
2013-11-05 20:44 - 2013-11-05 20:43 - 00000000 ____D C:\Users\Florian\AppData\Local\{DB4112C4-823F-4121-A3CD-B648D8325928}
2013-11-05 08:43 - 2013-11-05 08:43 - 00000000 ____D C:\Users\Florian\AppData\Local\{D97B95CF-507E-4184-84B2-0AFD5BEDDC96}
2013-11-04 20:43 - 2013-11-04 20:43 - 00000000 ____D C:\Users\Florian\AppData\Local\{1CF64D91-AD8E-459F-8B00-6A8732AA95C8}
2013-11-04 12:42 - 2013-11-04 12:42 - 00000000 ____D C:\ProgramData\FarmFrenzy3_America
2013-11-04 10:18 - 2013-10-30 16:20 - 00000000 ____D C:\ProgramData\FarmFrenzy3_Madagascar
2013-11-04 08:42 - 2013-11-04 08:42 - 00000000 ____D C:\Users\Florian\AppData\Local\{A08ABFE3-F435-4F03-A851-F862A93184FC}
2013-11-03 20:42 - 2013-11-03 08:42 - 00000000 ____D C:\Users\Florian\AppData\Local\{9E609033-8F53-406A-8435-2A2432B77C1E}
2013-11-03 15:22 - 2013-11-03 15:15 - 00000000 ____D C:\Users\Florian\AppData\Roaming\.minecraft
2013-11-02 20:09 - 2013-11-02 08:09 - 00000000 ____D C:\Users\Florian\AppData\Local\{5AACE0AF-080C-486C-A498-78ABEA1C49CC}
2013-11-02 12:43 - 2013-06-19 12:46 - 00000000 ____D C:\Users\Florian\Documents\Screenshots
2013-11-01 19:49 - 2013-11-01 07:48 - 00000000 ____D C:\Users\Florian\AppData\Local\{49242743-960C-4405-AB06-263D921FFBB9}
2013-11-01 15:28 - 2013-05-23 10:10 - 00000000 ____D C:\Users\Florian\AppData\Local\Paint.NET
2013-11-01 12:35 - 2012-06-21 13:34 - 00000000 ____D C:\Users\Florian\Documents\Politik Simulator 2 - Rulers of Nations
2013-11-01 09:10 - 2013-11-01 09:10 - 00000000 ____D C:\Users\Florian\AppData\Local\PunkBuster
2013-11-01 09:10 - 2013-04-18 18:54 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-11-01 09:10 - 2013-04-04 19:39 - 00280976 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-01 08:45 - 2013-11-01 08:39 - 00000000 ____D C:\Users\Florian\AppData\Local\Ubisoft Game Launcher
2013-10-31 19:48 - 2013-10-31 19:48 - 00000000 ____D C:\Users\Florian\AppData\Local\{6BBC8C21-B041-41EB-85B2-97D73211712E}
2013-10-31 10:46 - 2012-03-02 11:59 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-10-31 07:47 - 2013-10-31 07:47 - 00000000 ____D C:\Users\Florian\AppData\Local\{C2942D9C-C5F7-4ACE-B337-A245565970F8}
2013-10-30 19:47 - 2013-10-30 19:47 - 00000000 ____D C:\Users\Florian\AppData\Local\{E77521B3-ABDC-4B20-AC73-06166F3935A9}
2013-10-30 17:55 - 2013-10-30 17:55 - 00016964 _____ C:\Users\Florian\Documents\Anschrift2.odt
2013-10-30 17:55 - 2012-09-28 17:07 - 00014670 _____ C:\Users\Florian\Documents\Lebenfabi.odt
2013-10-30 16:13 - 2013-10-30 16:01 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Farm Girl am Nil
2013-10-30 14:13 - 2013-10-23 16:59 - 00012631 _____ C:\Users\Florian\Documents\Praktikum 2.odt
2013-10-30 14:05 - 2013-08-13 14:28 - 00015888 _____ C:\Users\Florian\Documents\Lebenfabi Jornal.odt
2013-10-30 14:04 - 2013-08-13 14:28 - 00017104 _____ C:\Users\Florian\Documents\Anschrift Jonal.odt
2013-10-30 11:31 - 2013-03-20 19:06 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-10-30 07:47 - 2013-10-30 07:46 - 00000000 ____D C:\Users\Florian\AppData\Local\{99AE3FB5-7D8A-4B8E-B83C-1F55914F126E}
2013-10-29 19:35 - 2013-10-29 19:35 - 00000000 ____D C:\Users\Florian\AppData\Local\{C6BC6EB2-4049-4A43-8478-2ACA82ED1880}
2013-10-29 11:55 - 2013-10-25 11:56 - 00000000 ____D C:\Program Files (x86)\FF3RussianRoulette_at
2013-10-29 07:34 - 2013-10-29 07:34 - 00000000 ____D C:\Users\Florian\AppData\Local\{9304F45B-67EA-41F7-A076-F9462868609F}
2013-10-28 12:51 - 2013-10-28 12:51 - 00000000 ____D C:\Users\Florian\AppData\Local\{3C3826ED-7D08-41BE-8CFB-47800CDA95C1}
2013-10-27 23:02 - 2013-10-27 11:02 - 00000000 ____D C:\Users\Florian\AppData\Local\{692A6ADF-7093-4EFE-B407-7B4D6DF07969}
2013-10-26 23:02 - 2013-10-26 11:01 - 00000000 ____D C:\Users\Florian\AppData\Local\{D3C9E4B3-424D-4E86-B5BE-90DD3CB589E3}
2013-10-25 23:01 - 2013-10-25 11:01 - 00000000 ____D C:\Users\Florian\AppData\Local\{A84BD354-4FB7-4569-99A4-3BA757F6B910}
2013-10-24 23:00 - 2013-10-24 23:00 - 00000000 ____D C:\Users\Florian\AppData\Local\{5FF2F49F-84AB-4DF4-BD68-AD2820B8B2D9}
2013-10-24 11:00 - 2013-10-24 11:00 - 00000000 ____D C:\Users\Florian\AppData\Local\{8F055FC7-C1D3-4BBE-810B-5C79DC9B1A5D}
2013-10-23 23:00 - 2013-10-23 10:59 - 00000000 ____D C:\Users\Florian\AppData\Local\{0EE81E0A-8B23-44D6-A418-1B43D40CE120}
2013-10-23 17:31 - 2013-10-23 17:31 - 00000000 ____D C:\Users\Public\Documents\FarmFrenzy3_Russia
2013-10-23 17:06 - 2013-10-23 17:05 - 00000000 ____D C:\ProgramData\FarmFrenzy3
2013-10-22 22:59 - 2013-10-22 10:58 - 00000000 ____D C:\Users\Florian\AppData\Local\{E2FB0C43-47D3-4625-B9B5-28DAC6C96A11}
2013-10-21 22:58 - 2013-10-21 10:58 - 00000000 ____D C:\Users\Florian\AppData\Local\{3DCFF790-7CC9-4182-998E-524E90413949}
2013-10-21 16:31 - 2013-10-21 16:31 - 00000000 ____D C:\ProgramData\Oracle
2013-10-21 16:31 - 2013-10-21 16:30 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-21 16:31 - 2012-02-24 18:41 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-21 13:40 - 2013-10-21 13:19 - 00000000 ____D C:\ProgramData\FarmFrenzy3_Russia
2013-10-21 09:26 - 2013-10-21 09:26 - 00000000 ____D C:\Boonty
2013-10-20 22:57 - 2013-10-20 10:57 - 00000000 ____D C:\Users\Florian\AppData\Local\{21E645C1-A76B-4009-B394-88725FA5095E}
2013-10-19 22:56 - 2013-10-19 10:56 - 00000000 ____D C:\Users\Florian\AppData\Local\{FFB565E4-AD55-44F3-AA09-08FC453EB188}

Files to move or delete:
====================
C:\ProgramData\GC_INSTALLER.exe
C:\Users\Florian\farmfrenzy4{1220413}.exe


Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\alawar.en.single.exe
C:\Users\Florian\AppData\Local\Temp\AlawarGameBoxSetup.exe
C:\Users\Florian\AppData\Local\Temp\avgnt.exe
C:\Users\Florian\AppData\Local\Temp\bfguni.exe
C:\Users\Florian\AppData\Local\Temp\bstrapInstall.exe
C:\Users\Florian\AppData\Local\Temp\DefaultPackOffer.dll
C:\Users\Florian\AppData\Local\Temp\Gw2.exe
C:\Users\Florian\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Florian\AppData\Local\Temp\nspF00D.tmp.exe
C:\Users\Florian\AppData\Local\Temp\nszEED5.tmp.exe
C:\Users\Florian\AppData\Local\Temp\Offercast2802_MTV_.exe
C:\Users\Florian\AppData\Local\Temp\Paint.NET.3.5.11.Install.exe
C:\Users\Florian\AppData\Local\Temp\TUUUninstallHelper.exe
C:\Users\Florian_2\AppData\Local\Temp\avgnt.exe
C:\Users\Florian_2\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Florian_2\AppData\Local\Temp\drm_dyndata_7380013.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 12:35

==================== End Of Log ============================
         
--- --- ---


Alt 18.11.2013, 15:34   #4
Thure
 



Addition.txt:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2013 02
Ran by Florian_2 at 2013-11-18 16:06:09
Running from C:\Users\Florian_2\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 clear.fi  (x32 Version: 1.5.1717_38186)
 clear.fi  (x32 Version: 9.0.8031)
A New Beginning (x32 Version: 1.2.1)
A Vampyre Story (x32)
Acer eRecovery Management (x32 Version: 5.00.3505)
Acer Registration (x32 Version: 1.04.3503)
Acer ScreenSaver (x32 Version: 1.1.0609.2011)
Acer Updater (x32 Version: 1.02.3500)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (x32 Version: 15.4.5722.2)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (x32 Version: 15.4.5722.2)
Adobe AIR (x32 Version: 2.7.1.19610)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
Age of Pirates 2: City of Abandoned Ships ver.1.3.0 (x32)
Ahnenblatt 2.70 (x32 Version: 2.70.0.0)
ANNO 1602 (x32 Version: 1.05)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
Arcanum (x32 Version: 1.0.6.4)
Arsenal of Democracy (x32)
ArtMoney SE v7.40 (x32 Version: 7.40)
Assassin's Creed (x32 Version: 1.02)
Assassin's Creed Brotherhood (x32 Version: 1.03)
Assassin's Creed II (x32 Version: 1.01)
Assassin's Creed Revelations 1.03 (x32 Version: 1.03)
AutoREALM Version 2.2.1 (x32)
Avira Free Antivirus (x32 Version: 14.0.1.719)
Babylon toolbar on IE (x32)
Baldur's Gate (x32)
Baldurs Gate(TM) II - Thron des Bhaal (TM) (x32)
Battle Realms Complete (x32)
Big Fish: Game Manager (x32 Version: 3.2.0.6)
Bing Bar (x32 Version: 7.2.241.0)
BioShock Demo (x32 Version: 1.09.0000)
Bitmap Font Generator (x32)
Bridge Constructor v1.2 (x32 Version: 1.2)
Bully: Scholarship Edition (x32)
Castlevania: Lords of Shadow - Ultimate Edition DEMO (x32)
Chaos on Deponia (x32 Version: 2.0.0.3)
clear.fi (x32 Version: 1.5.2212.35)
clear.fi Client (x32 Version: 1.05.3002)
Common RTP 1.0 (x32)
Complément Messenger (x32 Version: 15.4.3502.0922)
Complemento Messenger (x32 Version: 15.4.3502.0922)
Complitly (x32)
ContentMod_GD1.1 (x32)
ContentMod2.3 (x32)
ContentMod2.6 (x32)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)
Control ActiveX del Windows Live Mesh per a connexions remotes (x32 Version: 15.4.5722.2)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (x32 Version: 15.4.5722.2)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (x32 Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2)
Crusader Kings (x32)
Crusader Kings II version 1.111 (x32 Version: 1.111)
D3DX10 (x32 Version: 15.4.2368.0902)
Darkest Hour (x32)
Das Geheimnis der Mumie (x32 Version: 1.00.0000)
Das Spiel des Lebens (x32)
DAZ Content Management Service (x32 Version: 4.8.1.7)
DAZ Studio 4 (64bit) (x32 Version: 4.0.3.47)
DDS Converter 2.1 (x32)
Deponia (x32 Version: 2.0.0.6)
Deponia Demo (x32 Version: 1.0)
Der Clou!2 (x32)
Die Sims™ 3 "Erstelle eine Welt"-Tool - Beta (x32 Version: 1.16.2)
Die Sims™ 3 (x32 Version: 1.42.130)
Die Sims™ 3 Lebensfreude (x32 Version: 8.0.152)
Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86)
Die Sims™ 3 Stadt-Accessoires (x32 Version: 9.0.73)
Die Sims Mittelalter (x32 Version: 2.0.113)
Divine Wind Version 5.1 (x32 Version: 5.1)
DivX-Setup (x32 Version: 2.6.1.9)
Doplnok programu Messenger (x32 Version: 15.4.3502.0922)
DS4 Default Content (x32 Version: 4.0.0.19)
Eastern - Anno Domini 1400 Sprite Pack (x32)
Edna Bricht Aus (x32 Version: 1.0)
Etron USB3.0 Host Controller (x32 Version: 0.103)
Europa Universalis - Rome (x32)
Europa Universalis III (x32)
Europa Universalis III Enlightenment Spritepack (x32)
Europa Universalis III Medieval Spritepack (x32)
Europa Universalis III Reformation Spritepack (x32)
Europa Universalis III Revolution Spritepack (x32)
Europa Universalis IV Demo (x32)
Evernote v. 4.5.1 (x32 Version: 4.5.1.5451)
Fable - The Lost Chapters (x32)
Face Noir (x32 Version: 1.0)
Face Noir Demo (x32 Version: 1.0)
Fallout (x32 Version: 1.0)
Fallout 2 (x32)
Fallout 2 Unofficial Patch 1.02.28 (x32)
Fallout 3 - Game of the Year Edition (x32)
Fallout 3 - The Garden of Eden Creation Kit (x32 Version: 1.00.0000)
Fallout: New Vegas (x32)
Farm Frenzy: Ancient Rome (x32 Version: 32.0.0.0)
FileZilla Client 3.7.3 (x32 Version: 3.7.3)
Fooz Kids (x32 Version: 3.0.8)
Fooz Kids Platform (x32 Version: 2.1)
For the Glory Demo (x32)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
G I - Die Welt der Verurteilten (mit neuen Texturen) (x32 Version: 1.03)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
GIMP 2.6.12 (x32 Version: 2.6.12)
Global Mapper 14 (64-bit) (Version: 14.00.0010)
GnuWin32: Patch-2.5.9-7 (x32 Version: 2.5.9-7)
GOG.com Downloader version 3.5.7 (x32 Version: 3.5.7)
Google Earth (x32 Version: 6.2.2.6613)
Google Update Helper (x32 Version: 1.3.21.165)
Gothic  (x32 Version: 1.0.0)
Gothic 2 Gold (x32 Version: 1.0.0)
Gothic 3 (x32 Version: 1.0.0)
Gothic III - Götterdämmerung (x32 Version: 1.00.0000)
Gothic III - Götterdämmerung 1.08.9 Patch (x32 Version: 1.0.0)
Gothic_Patch (x32)
Great Invasions v1.03c (x32)
Guild Wars 2 (x32)
Harveys Neue Augen (x32 Version: 1.1)
Hearts of Iron 3 - Demo (x32)
Hotkey Utility (x32 Version: 2.05.3505)
HP Deskjet 2510 series - Grundlegende Software für das Gerät (Version: 28.0.1313.0)
HP Deskjet 2510 series Hilfe (x32 Version: 27.0.0)
HP Deskjet 2510 series Setup Guide (x32 Version: 27.0.0)
HP Photo Creations (x32 Version: 1.0.0.7702)
HP Update (x32 Version: 5.003.003.001)
HPDiagnosticAlert (x32 Version: 1.00.0000)
Icewind Dale - Herz des Winters (x32)
Icewind Dale (x32)
Icewind Dale II (x32 Version: 1.00.000)
Identity Card (x32 Version: 1.00.3501)
Inkscape 0.48.2 (x32 Version: 0.48.2)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.0.1008)
Java 7 Update 45 (x32 Version: 7.0.450)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 27 (64-bit) (Version: 6.0.270)
Java(TM) 6 Update 33 (x32 Version: 6.0.330)
JavaFX 2.1.1 (x32 Version: 2.1.1)
Jojo’s Fashion Show (x32 Version: 0.0.0.0)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Karthago 2 (x32 Version: 0.0.0.0)
Katawa Shoujo (x32)
Katawa Shoujo Act 1 (x32)
Knights Of Honor (x32 Version: 1.00)
Kontrola Windows Live Mesh ActiveX za daljinske veze (x32 Version: 15.4.5722.2)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (x32 Version: 15.4.5722.2)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Marble (remove only) (x32)
March of the Eagles Demo (x32)
Mass Effect 2 (x32 Version: 1.00)
Mein Gutscheincode (x32 Version: 1.27.153.0)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Assistent (x32 Version: 15.4.3502.0922)
Messenger Companion (x32 Version: 15.4.3502.0922)
Messenger kísérő (x32 Version: 15.4.3502.0922)
Messenger Laguna (x32 Version: 15.4.3502.0922)
Messenger Suradnik (x32 Version: 15.4.3502.0922)
Messenger 分享元件 (x32 Version: 15.4.3502.0922)
Messenger-kumppani (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Windows Media Video 9 VCM (x32)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Monkey Island™ Special Edition Collection (x32 Version: 1.0.0.0)
Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0)
Mozilla Maintenance Service (x32 Version: 25.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyWinLocker (Version: 4.0.14.25)
MyWinLocker 4 (x32 Version: 4.0.14.25)
MyWinLocker Suite (x32 Version: 4.0.14.15)
Nero Control Center 10 (x32 Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Core Components 10 (x32 Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (x32 Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Express 10 (x32 Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (x32 Version: 10.5.10300)
Nero StartSmart 10 (x32 Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Update (x32 Version: 1.0.0018)
Neverwinter Nights (x32)
Neverwinter Nights 2 (x32 Version: 1.00.0000)
Norton Online Backup (x32 Version: 2.1.17869)
Notepad++ (x32 Version: 5.9.8)
NVIDIA Grafiktreiber 267.85 (Version: 267.85)
NVIDIA HD-Audiotreiber 1.2.22.1 (Version: 1.2.22.1)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Photoshop Plug-ins 64 bit (x32 Version: 8.50)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6785)
NVIDIA Systemsteuerung 267.85 (Version: 267.85)
Oblivion (x32 Version: 1.2.0416)
Oblivion Improved 1.41 (x32 Version: 1.41)
Online Games Manager v1.21 (x32 Version: 1.21.2)
OpenAL (x32)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Opera 12.14 (x32 Version: 12.14.1738)
Origin (x32 Version: 8.4.1.210)
Overlord II (x32 Version: 1.0)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (x32 Version: 15.4.5722.2)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (x32 Version: 15.4.5722.2)
Paint.NET v3.5.11 (Version: 3.61.0)
Patch v4.15 (x32)
Patrizier II Gold (x32)
PDF Architect (x32 Version: 1.1.83.9982)
PDF24 Creator 5.7.0 (x32)
PDFCreator (x32 Version: 1.7.0)
Pegasus Hexa Wizard (x32 Version: 1.0.2)
Planescape - Torment (x32)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Politik Simulator 2 - Rulers of Nations (x32 Version: 4.16)
Pomocnik Messenger (x32 Version: 15.4.3502.0922)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
PriceGong 2.6.4 (x32 Version: 2.6.4)
Project64 1.6 (x32 Version: 1.6)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14)
PunkBuster Services (x32 Version: 0.991)
Questpaket 4 Update 2 Deinstallation (x32 Version: 4.2.0.0)
QuickTime (x32 Version: 7.74.80.86)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
RAD Video Tools (x32)
Rapoo -Tastatur- und Maustreiber V1.1 (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.45.516.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6257)
Revo Uninstaller 1.95 (x32 Version: 1.95)
RGSS-RTP Standard (x32 Version: 1.04)
Risen (x32 Version: 1.00.0000)
Risen 2 - Dark Waters (x32)
Robin Hood: The Legend of Sherwood (x32)
Rome - Total War - Gold Edition (x32 Version: 1.6)
RPG Maker 2003 v1.08 (x32)
RPG Maker VX RTP (x32 Version: 1.02)
RTK XI Demo (x32 Version: 1.00.0000)
RTL GAME CENTER (x32 Version: 1.0.0.46)
RTP for RM2K (Png, Wav, Midi, Fonts) (x32)
SecondLifeViewer (remove only) (x32)
Sengoku (x32)
Sherlock Holmes - Die Spur der Erwachten Remastered (x32 Version: 1.00.0777)
Shogun - Total War - Gold Edition (x32 Version: 1.00.0000)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Sid Meier's Civilization IV Colonization (x32 Version: 1.00)
Sid Meier's Civilization V: Brave New World Demo (x32)
SopCast 3.5.0 (x32 Version: 3.5.0)
Space Empires V (x32)
Spremljevalec Messenger (x32 Version: 15.4.3502.0922)
Star Wars(TM): Knights of the Old Republic (TM) (x32)
Star Wars: Knights of the Old Republic II (x32)
Steam (x32 Version: 1.0.0.0)
Studie zur Verbesserung von HP Deskjet 2510 series Produkten (Version: 28.0.1313.0)
Tales of Monkey Island (x32 Version: 3.0.0.0)
The Abbey (x32)
The Book of Unwritten Tales 1.0.0.0 (x32)
The Book of Unwritten Tales: The Critter Chronicles Demo (x32)
The Witcher 2 Enhanced Edition Version 3.0 (x32 Version: 3.0)
The Witcher Enhanced Edition (x32 Version: 1.4.5.1280)
Them: The Summoning (x32 Version: 1.0.0.0)
TorchED (x32 Version: 1.0.68.226)
Torchlight (x32)
TREP v1.1 (x32)
Trillian (x32)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89)
Two Worlds II (x32 Version: 1.3.0.0)
Universe Sandbox (x32)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Update Manager for SweetPacks 1.0 (x32 Version: 1.0.0005)
Uplay (x32 Version: 2.1)
Urruneko konexioetarako Windows Live Mesh ActiveX kontrola (x32 Version: 15.4.5722.2)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (x32 Version: 15.4.5722.2)
Vae Victis 2.32 (x32)
Vampire - The Masquerade - Redemption (x32)
Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Victoria - Revolutions (x32)
Victoria 2 (x32)
Victoria II A House Divided Demo Version 1.0 (x32 Version: 1.0)
VLC media player 2.0.3 (x32 Version: 2.0.3)
Vue 11 64bit (x32 Version: 11)
W541U V2.0 (x32 Version: 1.00.0000)
War of the Roses: Kingmaker (x32)
War Thunder Launcher 1.0.1.178 (x32)
Web Assistant 2.0.0.430
Welcome Center (x32 Version: 1.02.3504)
Western - Anno Domini 1400 Sprite Pack (x32)
Wildlife Park 3 v1.11 (x32)
Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WinMerge 2.12.4 (x32 Version: 2.12.4)
WinRAR 4.10 (64-Bit) (Version: 4.10.0)
WinZip 16.0 (x32 Version: 16.0.9715)
World of Tanks (x32)
Xvid 1.2.2 final uninstall (x32 Version: 1.2)
YTD Video Downloader 4.1 (x32 Version: 4.1)
Zylom Games Player Plugin (x32)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Компаньон Messenger (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Помощник на Messenger (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
מסייע Messenger (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================

08-11-2013 07:18:38 Windows Update
12-11-2013 07:09:05 Windows Update
12-11-2013 08:20:20 Windows Update
13-11-2013 07:33:16 Windows Update
13-11-2013 17:23:41 TuneUp Utilities 2014 wird entfernt
13-11-2013 17:24:18 TuneUp Utilities 2014 (de-DE) wird entfernt
18-11-2013 13:49:07 Wiederherstellungsvorgang
18-11-2013 13:58:18 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1BEECDAA-D5F0-4E0D-BA38-387BA4E15C36} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {2B3FD0A6-B949-4E97-8A5C-B516DDFDC018} - System32\Tasks\HPCustParticipation HP Deskjet 2510 series => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {3F681EC0-ABDA-419F-95C5-30845382B880} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Pogo Games\PogoDGC.exe
Task: {71D499A4-E14F-450F-9033-321BCA1069D8} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {7745B302-8E73-49AD-913B-9C5768C1E3E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23] (Google Inc.)
Task: {822886DF-66DA-4CD3-84F4-6B723AD9A8CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {9C68E129-83B7-435D-B931-1650E857C487} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23] (Google Inc.)
Task: {A400F105-7815-41B5-9D31-92E81B57C61F} - \DealPlyUpdate No Task File
Task: {BDD9C90A-0EBA-426F-BED0-8707D87B7DCF} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-10-12] (CyberLink Corp.)
Task: {C0A66492-11F0-4B1A-A2CD-419F3D98ABAC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C48C6C14-C8CF-42BC-9FE1-22BD1944F934} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-10-12] (Acer Incorporated)
Task: {D3F84472-2AF6-4361-ABD7-8D5EF5C7C964} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
Task: {DFECE80C-4D5D-49F8-83B3-B1D523FCFFFF} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe [2013-09-03] (Adobe Systems Incorporated)
Task: {EEDA38FC-1A35-4B76-80E5-043C6F5EAE15} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-10-12] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-02-24 16:38 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-07-18 22:04 - 2011-07-18 22:04 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2013-08-15 10:43 - 2013-08-15 10:43 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\eb4812681f6ab4406053f3a1803e6da0\IsdiInterop.ni.dll
2011-11-23 21:40 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-08-11 04:57 - 2011-08-11 04:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2011-07-29 00:09 - 2011-07-29 00:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2011-11-23 21:51 - 2011-10-12 11:22 - 00370984 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2013-02-26 07:24 - 2013-02-26 07:20 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-11-04 18:02 - 2013-11-04 18:02 - 03368048 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-03-23 23:20 - 2011-03-23 23:20 - 00237160 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\Florian:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\Users\Florian\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Florian\Cookies:gs5sys
AlternateDataStreams: C:\Users\Florian\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\Florian\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Florian\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Florian\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\Florian\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\Florian\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Florian\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\Florian\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/18/2013 03:37:54 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (11/18/2013 03:31:26 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (11/18/2013 03:30:35 PM) (Source: Application Hang) (User: )
Description: Programm avcenter.exe, Version 14.0.0.225 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1488

Startzeit: 01cee46a767df1df

Endzeit: 60000

Anwendungspfad: C:\program files (x86)\avira\antivir desktop\avcenter.exe

Berichts-ID: d0c347e0-505d-11e3-b479-386077bf6892

Error: (11/18/2013 03:29:10 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (11/18/2013 03:28:38 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (11/18/2013 03:26:20 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (11/18/2013 03:26:14 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (11/18/2013 02:55:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2013 02:54:23 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (11/18/2013 02:37:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/18/2013 02:54:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/18/2013 02:43:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BBUpdate" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/18/2013 02:43:27 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BBUpdate erreicht.

Error: (11/18/2013 02:43:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BBUpdate" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/18/2013 02:43:26 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BBUpdate erreicht.

Error: (11/18/2013 02:43:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BBUpdate" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/18/2013 02:43:26 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BBUpdate erreicht.

Error: (11/18/2013 02:43:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BBUpdate" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/18/2013 02:43:26 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BBUpdate erreicht.

Error: (11/18/2013 02:43:26 PM) (Source: DCOM) (User: )
Description: 1053BBUpdate-Service{D6381B4A-D254-46EB-9018-A62E0F4BA6BA}


Microsoft Office Sessions:
=========================
Error: (11/18/2013 03:37:54 PM) (Source: Avira Antivirus)(User: NT-AUTORITÄT)
Description: 0x0

Error: (11/18/2013 03:31:26 PM) (Source: Avira Antivirus)(User: NT-AUTORITÄT)
Description: 0x0

Error: (11/18/2013 03:30:35 PM) (Source: Application Hang)(User: )
Description: avcenter.exe14.0.0.225148801cee46a767df1df60000C:\program files (x86)\avira\antivir desktop\avcenter.exed0c347e0-505d-11e3-b479-386077bf6892

Error: (11/18/2013 03:29:10 PM) (Source: Avira Antivirus)(User: NT-AUTORITÄT)
Description: 0x0

Error: (11/18/2013 03:28:38 PM) (Source: Avira Antivirus)(User: NT-AUTORITÄT)
Description: 0x0

Error: (11/18/2013 03:26:20 PM) (Source: Avira Antivirus)(User: NT-AUTORITÄT)
Description: 0x0

Error: (11/18/2013 03:26:14 PM) (Source: Avira Antivirus)(User: NT-AUTORITÄT)
Description: 0x0

Error: (11/18/2013 02:55:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2013 02:54:23 PM) (Source: Avira Antivirus)(User: NT-AUTORITÄT)
Description: 0x0

Error: (11/18/2013 02:37:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 8172.26 MB
Available physical RAM: 5198.01 MB
Total Pagefile: 16342.7 MB
Available Pagefile: 13341.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:455.95 GB) (Free:173.51 GB) NTFS
Drive d: (DATA) (Fixed) (Total:456.46 GB) (Free:164.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1311065B)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

19.11.2013, 09:33   #5
schrauber
/// the machine
/// TB instructor

Hi,

Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. They can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
