[Win8 64) InternetExplorer öffnet sich ohne in der taskleiste aufzutauchen, spielt Sound ab, lässt sich nur durch Task Manager beend Hallo liebes Trojaner-Board!
Seit ein paar Wochen öffnet sich immer de InternetExplorer bei mir im Hintergrund, wird aber nicht in der Taskleiste angezeigt und lässt sich nur mit dem Taskmanager beenden.
Ich poste euch mal die Log Dateien von FRST, und GMER:
FRST:
Code:
Alles auswählen Aufklappen ATTFilter
FRST Logfile:
FRST Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-06-2014
Ran by Thorgrem (administrator) on THERBREG on 26-06-2014 13:40:44
Running from C:\Users\Thorgrem\Downloads
Platform: Microsoft Windows 8.1 Pro (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Akamai Technologies, Inc.) C:\Users\Thorgrem\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Thorgrem\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Thorgrem\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Thorgrem\AppData\Roaming\InetStat\inetstat.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thorgrem\AppData\Local\Temp\GPUpd53ABF9460.exe
() C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\Thorgrem\Downloads\Defogger.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-26] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap.dll [1048152 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [182352 2014-05-05] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [327680 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [122880 2013-04-16] (Saitek)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [631816 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [404080 2014-04-29] (CyberGhost S.R.L.)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Thorgrem\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [Spotify Web Helper] => C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-27] (Spotify Ltd)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [Spotify] => C:\Users\Thorgrem\AppData\Roaming\Spotify\spotify.exe [6170168 2014-05-27] (Spotify Ltd)
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Run: [InetStat] => C:\Users\Thorgrem\AppData\Roaming\InetStat\inetstat.exe [659470 2014-06-19] ()
HKU\S-1-5-21-729715285-913791145-1909180566-1001\...\Policies\Explorer: [DisallowRun] 1
AppInit_DLLs: C:\PROGRA~1\SupTab\SEARCH~1.DLL => C:\Program Files\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x63A1700B172FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
SearchScopes: HKLM - {FB16A4F9-54C5-4F68-8D50-474449B462BE} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
SearchScopes: HKCU - {FB16A4F9-54C5-4F68-8D50-474449B462BE} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default
FF NewTab: hxxp://www.v9.com/newtab/?type=nt&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: hxxp://www.v9.com/?type=hppp&ts=1403506107&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3448e0955
FF Keyword.URL: hxxp://www.sm.de/?q=
FF NetworkProxy: "http", "184.105.18.60"
FF NetworkProxy: "http_port", 7808
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 - C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\v9.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Amazon-Icon - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\amazon-icon@giga.de [2014-06-02]
FF Extension: Quick Start - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\quick_start@gmail.com [2014-06-19]
FF Extension: YouTube Unblocker - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\youtubeunblocker@unblocker.yt [2014-06-21]
FF Extension: DownloadHelper - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Firebug - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\firebug@software.joehewitt.com.xpi [2014-06-19]
FF Extension: CSSAddon - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\{a31bea78-e3a8-4eb0-8fad-89e40aeaf15f}.xpi [2014-04-19]
FF Extension: Adblock Plus - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-15]
FF Extension: {fc118710-982f-446f-9772-5f125dbe1a6f} - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\Extensions\{fc118710-982f-446f-9772-5f125dbe1a6f}.xpi [2014-04-19]
FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Thorgrem\AppData\Roaming\Mozilla\Firefox\Profiles\vsqfhgqo.default\extensions\quick_start@gmail.com [2014-06-19]
========================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-06-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-26] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [124496 2014-05-05] (Avira Operations GmbH & Co. KG)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-04-29] (CyberGhost S.R.L)
R2 Fabs; C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe [1155072 2008-12-16] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Shared\Database2\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
S3 fussvc; C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe [140800 2014-02-19] (Microsoft Corporation) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-05-29] (Sandboxie Holdings, LLC)
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
S3 Te.Service; C:\Program Files\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [91136 2013-08-21] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [279784 2014-03-24] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2014-03-24] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1210368 2014-04-03] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [97648 2014-06-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [136216 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [37352 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-02-22] (Microsoft Corporation)
S3 BthA2DP; C:\WINDOWS\system32\drivers\BthA2DP.sys [107648 2013-08-22] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128 2014-06-19] (Disc Soft Ltd)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [16256 2013-05-17] ()
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
R3 SaiK1708; C:\WINDOWS\system32\DRIVERS\SaiK1708.sys [145216 2012-09-20] (Saitek)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23200 2013-04-30] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [46624 2013-04-30] (Saitek)
R3 SaiU1708; C:\WINDOWS\System32\drivers\SaiU1708.sys [41280 2012-09-20] (Saitek)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [160264 2014-05-29] (Sandboxie Holdings, LLC)
R1 ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [28520 2014-02-25] (Avira GmbH)
R3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 tap0901t; C:\WINDOWS\system32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [92504 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
R3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\Thorgrem\AppData\Local\Temp\ALSysIO.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-26 13:40 - 2014-06-26 13:41 - 00020137 _____ () C:\Users\Thorgrem\Downloads\FRST.txt
2014-06-26 13:40 - 2014-06-26 13:40 - 01073152 _____ (Farbar) C:\Users\Thorgrem\Downloads\FRST.exe
2014-06-26 13:40 - 2014-06-26 13:40 - 00000000 ____D () C:\FRST
2014-06-26 13:39 - 2014-06-26 13:39 - 00050477 _____ () C:\Users\Thorgrem\Downloads\Defogger.exe
2014-06-26 13:39 - 2014-06-26 13:39 - 00000548 _____ () C:\Users\Thorgrem\Downloads\defogger_disable.log
2014-06-26 13:39 - 2014-06-26 13:39 - 00000156 _____ () C:\Users\Thorgrem\defogger_reenable
2014-06-26 13:35 - 2014-06-26 13:35 - 00961360 _____ (Chip Digital GmbH) C:\Users\Thorgrem\Downloads\HijackThis - CHIP-Installer.exe
2014-06-22 19:19 - 2014-06-22 19:19 - 03067063 _____ () C:\Users\Thorgrem\Downloads\alle_chars_100_unskilled.zip
2014-06-22 19:11 - 2014-06-22 19:11 - 00000000 ____D () C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2014-06-22 19:11 - 2014-06-22 19:11 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-21 22:32 - 2014-06-21 22:32 - 00001631 _____ () C:\Users\Public\Desktop\Sacred Gold.lnk
2014-06-21 22:32 - 2014-06-21 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sacred Gold [GOG.com]
2014-06-21 22:24 - 2014-06-21 22:24 - 00000000 ____D () C:\Users\Thorgrem\Downloads\sacred.gold.german.soundfiles
2014-06-21 20:10 - 2014-06-21 22:24 - 408819582 _____ () C:\Users\Thorgrem\Downloads\sacred.gold.german.soundfiles.rar
2014-06-20 20:38 - 2014-06-20 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-20 11:49 - 2014-06-21 22:28 - 00000000 ____D () C:\GOG Games
2014-06-20 11:17 - 2014-06-20 11:17 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Sacred Gold 2.0.0.4
2014-06-19 21:35 - 2014-06-19 21:35 - 00000000 ____D () C:\Users\Thorgrem\Downloads\JDownloader
2014-06-19 18:35 - 2014-06-19 18:35 - 00000000 ____D () C:\Program Files\Sacred Underworld
2014-06-19 16:09 - 2014-06-19 16:09 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Sacred Underworld
2014-06-19 14:08 - 2014-06-19 14:08 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\SupTab
2014-06-19 14:08 - 2014-06-19 14:08 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-19 14:08 - 2014-06-19 14:08 - 00000000 ____D () C:\Program Files\SupTab
2014-06-19 14:07 - 2014-06-19 14:07 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\v9
2014-06-19 14:07 - 2014-06-19 14:07 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-06-19 14:07 - 2014-06-19 14:07 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\InetStat
2014-06-19 14:06 - 2014-06-19 14:06 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\wi_upd
2014-06-19 14:06 - 2014-06-19 14:06 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\GetPrivate
2014-06-19 14:06 - 2014-06-19 14:06 - 00000000 ____D () C:\Program Files\GetPrivate
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\Program Files\Elcomsoft Password Recovery
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\Program Files\Elcomsoft
2014-06-19 13:50 - 2014-06-19 13:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Thorgrem\Downloads\Advanced Archive Password Recovery - CHIP-Installer.exe
2014-06-19 13:37 - 2014-06-19 13:37 - 00001908 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-06-19 13:37 - 2014-06-19 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-06-19 13:36 - 2014-06-19 13:37 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\DAEMON Tools Lite
2014-06-19 13:36 - 2014-06-19 13:36 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-06-19 13:36 - 2014-06-19 13:36 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-06-19 13:35 - 2014-06-19 13:38 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-19 13:35 - 2014-06-19 13:35 - 13429504 _____ (Disc Soft Ltd) C:\Users\Thorgrem\Downloads\DTLite4491-0356.exe
2014-06-19 12:19 - 2014-06-20 20:00 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Sacred.Underworld - SKIDROW
2014-06-19 12:18 - 2014-06-20 11:52 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\uTorrent
2014-06-19 12:18 - 2014-06-19 12:18 - 00000900 _____ () C:\Users\Thorgrem\Desktop\µTorrent.lnk
2014-06-19 12:18 - 2014-06-19 12:18 - 00000880 _____ () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-06-19 12:11 - 2014-06-20 19:39 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Alle Chars unskilled lvl 100
2014-06-19 12:08 - 2014-06-19 12:08 - 00163138 _____ () C:\Users\Thorgrem\Downloads\Alle Chars unskilled lvl 100.zip
2014-06-19 12:04 - 2014-06-19 12:04 - 00000000 ____D () C:\Users\Thorgrem\Downloads\UnskilledGladiLvl50
2014-06-19 12:03 - 2014-06-19 12:03 - 00043151 _____ () C:\Users\Thorgrem\Downloads\UnskilledGladiLvl50.zip
2014-06-18 22:18 - 2014-06-18 22:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 21:16 - 2014-06-17 21:16 - 00001175 _____ () C:\Users\Thorgrem\Desktop\Sacred.lnk
2014-06-17 21:16 - 2014-06-17 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron Entertainment
2014-06-17 21:10 - 2014-06-22 19:22 - 00000000 ____D () C:\Program Files\Ascaron Entertainment
2014-06-16 21:09 - 2014-06-16 21:09 - 00961360 _____ (Chip Digital GmbH) C:\Users\Thorgrem\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
2014-06-15 22:01 - 2014-06-15 22:01 - 00000000 ____D () C:\Users\Thorgrem\Documents\MAGIX_Screenshare
2014-06-15 22:01 - 2014-06-15 22:01 - 00000000 ____D () C:\Users\Thorgrem\Documents\MAGIX_Online_Druck_Service
2014-06-15 21:09 - 2014-06-15 21:09 - 01058200 _____ (Adobe) C:\Users\Thorgrem\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-06-15 21:08 - 2014-06-15 21:08 - 00207872 _____ () C:\Users\Thorgrem\Documents\Das Projekt.ppt
2014-06-15 10:19 - 2014-06-15 21:07 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-06-12 17:27 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-12 17:27 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-12 17:27 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-12 17:27 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-12 17:27 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-12 17:27 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-12 17:27 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-12 17:27 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-12 17:27 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-12 17:27 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-12 17:27 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-12 17:27 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-12 17:27 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-12 17:27 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-12 17:27 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-12 17:27 - 2014-05-19 07:33 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-12 17:27 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-12 17:27 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-12 17:27 - 2014-05-09 01:08 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-12 17:27 - 2014-05-05 06:02 - 02826240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-12 17:27 - 2014-05-03 08:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-06-12 17:27 - 2014-05-03 08:12 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-12 17:27 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-12 17:27 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-12 17:27 - 2014-05-01 13:00 - 02257608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-12 17:27 - 2014-05-01 13:00 - 00046512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-12 17:27 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-12 17:27 - 2014-05-01 08:42 - 02045440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-12 17:27 - 2014-05-01 07:31 - 02366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-12 17:27 - 2014-04-30 12:10 - 01090296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-12 17:27 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-12 17:27 - 2014-04-30 05:43 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-12 17:27 - 2014-02-06 12:19 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-12 17:27 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-12 17:27 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-12 17:27 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-12 17:27 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-12 17:27 - 2014-02-06 11:47 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-12 17:27 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-12 17:26 - 2014-04-18 15:43 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-12 17:26 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-12 17:26 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-12 17:26 - 2014-04-18 10:51 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-12 17:26 - 2014-04-18 10:01 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-12 17:26 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-12 17:26 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-12 17:26 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-12 17:26 - 2014-04-11 07:29 - 01016320 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-12 17:26 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-12 17:26 - 2014-04-11 05:27 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-12 17:26 - 2014-04-09 12:47 - 00294744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-12 17:26 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-12 17:26 - 2014-04-09 06:01 - 01089536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-12 17:26 - 2014-04-09 05:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-12 17:26 - 2014-04-08 01:47 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-12 17:26 - 2014-04-06 17:27 - 00311128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-12 17:26 - 2014-04-06 17:27 - 00240472 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-12 17:26 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-12 17:26 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-12 17:26 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-12 17:26 - 2014-04-06 17:18 - 00271192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-12 17:26 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 01159520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-12 17:26 - 2014-04-06 17:16 - 00194752 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-12 17:26 - 2014-04-06 15:06 - 03497472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-12 17:26 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-12 17:26 - 2014-04-06 14:00 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-12 17:26 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-12 17:26 - 2014-04-06 13:47 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-12 17:26 - 2014-04-06 13:40 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-12 17:26 - 2014-04-06 12:58 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-12 17:26 - 2014-04-06 12:55 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-12 17:26 - 2014-04-06 12:44 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-12 17:26 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-12 17:26 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-12 17:26 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-12 17:26 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-12 17:26 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-12 17:26 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-12 17:26 - 2014-04-03 05:46 - 01871704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-12 17:26 - 2014-04-03 05:46 - 00286040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-12 17:26 - 2014-04-03 04:46 - 03563008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-12 17:26 - 2014-04-03 04:45 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-12 17:26 - 2014-04-03 04:44 - 01210368 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-12 17:26 - 2014-04-03 04:24 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-12 17:26 - 2014-04-03 04:24 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-12 17:26 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-12 17:26 - 2014-04-01 07:09 - 00333656 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-12 17:26 - 2014-03-31 05:34 - 05786968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-12 17:26 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2014-06-12 17:26 - 2014-03-31 01:26 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-12 17:26 - 2014-03-31 01:13 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-12 17:26 - 2014-03-31 00:37 - 01167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-12 17:26 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-12 17:26 - 2014-03-31 00:09 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-12 17:26 - 2014-03-30 23:49 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-12 17:26 - 2014-03-28 11:04 - 00328984 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-12 17:26 - 2014-03-27 07:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-12 17:26 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-12 17:26 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-12 17:26 - 2014-03-27 05:22 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-12 17:26 - 2014-03-27 05:03 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-12 17:26 - 2014-03-27 04:59 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-12 17:26 - 2014-03-25 00:57 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-12 17:26 - 2014-03-21 05:46 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-06-12 17:26 - 2014-03-20 03:20 - 00229344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-12 17:26 - 2014-03-20 01:38 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-06-12 17:26 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-12 17:26 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-12 17:26 - 2014-03-19 09:09 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-12 17:26 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-12 17:26 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-12 17:26 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-12 17:26 - 2014-03-19 06:47 - 01309184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-12 17:26 - 2014-03-19 06:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-12 17:26 - 2014-03-19 06:14 - 02130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-12 17:26 - 2014-03-18 09:22 - 00069632 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-12 17:26 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-12 17:26 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-12 17:26 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-12 17:26 - 2014-03-17 04:36 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-12 17:26 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-12 17:26 - 2014-03-06 12:37 - 00264536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-12 17:15 - 2014-06-12 17:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-10 11:29 - 2014-06-10 12:11 - 00000000 ____D () C:\Users\Thorgrem\Downloads\bücher
2014-06-08 11:58 - 2014-06-08 11:58 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\SniperV2
2014-06-05 20:58 - 2014-06-05 20:58 - 00428399 _____ () C:\Users\Thorgrem\Downloads\sixpackcode10fehler.zip
2014-06-05 20:58 - 2014-06-05 20:58 - 00000000 ____D () C:\Users\Thorgrem\Downloads\sixpackcode10fehler
2014-06-05 17:34 - 2014-06-05 17:34 - 00000000 ____D () C:\Users\Thorgrem\Downloads\rezepte
2014-06-05 17:33 - 2014-06-05 17:33 - 00294828 _____ () C:\Users\Thorgrem\Downloads\rezepte.zip
2014-06-04 21:04 - 2014-06-04 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 4.4
2014-06-04 21:04 - 2014-06-04 21:04 - 00000000 ____D () C:\Program Files\GeoGebra 4.4
2014-06-04 21:02 - 2014-06-04 21:04 - 41946528 _____ (International GeoGebra Institute) C:\Users\Thorgrem\Downloads\GeoGebra-Windows-Installer-4-4-37-0.exe
2014-06-04 18:17 - 2014-06-04 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-06-04 15:43 - 2014-06-04 15:43 - 00000903 _____ () C:\Users\Thorgrem\Documents\Downloads - Verknüpfung.lnk
2014-06-03 21:08 - 2014-06-03 21:09 - 44199212 _____ () C:\Users\Thorgrem\Desktop\Pentakill-SmiteandIgnite.zip
2014-06-02 15:57 - 2014-06-02 15:57 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Security System 2
2014-06-02 15:57 - 2014-06-02 15:57 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Tempb7198e9bb9ab25f664356c451ef253f1
2014-06-02 15:12 - 2014-06-02 15:12 - 00000188 _____ () C:\Users\Thorgrem\Desktop\Amazon.de.url
2014-06-02 15:12 - 2014-06-02 15:12 - 00000000 ____D () C:\Users\Thorgrem\ChromeExtensions
2014-06-02 15:12 - 2014-06-02 15:12 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Temp9a4653a4bc5a5527baaf9453f4749d2f
2014-06-02 15:04 - 2014-06-02 15:04 - 00001876 _____ () C:\Users\Public\Desktop\Black & White 2.lnk
2014-06-02 15:00 - 2014-06-02 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black & White 2
2014-06-02 15:00 - 2014-06-02 15:00 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-02 15:00 - 2014-06-02 15:00 - 00000000 ____D () C:\Program Files\Lionhead Studios
2014-06-01 10:11 - 2014-06-01 12:02 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Tunngle
2014-06-01 10:11 - 2014-06-01 12:02 - 00000000 ____D () C:\ProgramData\Tunngle
2014-06-01 10:11 - 2014-06-01 10:13 - 00000000 ____D () C:\Program Files\Tunngle
2014-06-01 10:11 - 2014-06-01 10:11 - 00000961 _____ () C:\Users\Public\Desktop\Tunngle beta.lnk
2014-06-01 10:11 - 2014-06-01 10:11 - 00000000 ____D () C:\Users\Thorgrem\Documents\Tunngle
2014-06-01 10:11 - 2014-06-01 10:11 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-06-01 10:11 - 2014-06-01 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-06-01 10:11 - 2009-09-16 07:02 - 00027136 _____ (Tunngle.net) C:\WINDOWS\system32\Drivers\tap0901t.sys
2014-06-01 09:46 - 2014-06-01 09:46 - 00000214 _____ () C:\Users\Thorgrem\Desktop\Sid Meier's Civilization V.url
2014-05-27 20:23 - 2014-06-26 12:43 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Spotify
2014-05-27 20:23 - 2014-05-27 20:23 - 00001866 _____ () C:\Users\Thorgrem\Desktop\Spotify.lnk
2014-05-27 20:23 - 2014-05-27 20:23 - 00001852 _____ () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-05-27 20:22 - 2014-06-26 12:44 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Spotify
2014-05-27 20:22 - 2014-05-27 20:22 - 00126112 _____ (Spotify Ltd) C:\Users\Thorgrem\Downloads\SpotifySetup.exe
2014-05-27 17:46 - 2014-05-27 17:46 - 00000000 ____D () C:\Program Files\Common Files\Skype
==================== One Month Modified Files and Folders =======
2014-06-26 13:41 - 2014-06-26 13:40 - 00020137 _____ () C:\Users\Thorgrem\Downloads\FRST.txt
2014-06-26 13:40 - 2014-06-26 13:40 - 01073152 _____ (Farbar) C:\Users\Thorgrem\Downloads\FRST.exe
2014-06-26 13:40 - 2014-06-26 13:40 - 00000000 ____D () C:\FRST
2014-06-26 13:39 - 2014-06-26 13:39 - 00050477 _____ () C:\Users\Thorgrem\Downloads\Defogger.exe
2014-06-26 13:39 - 2014-06-26 13:39 - 00000548 _____ () C:\Users\Thorgrem\Downloads\defogger_disable.log
2014-06-26 13:39 - 2014-06-26 13:39 - 00000156 _____ () C:\Users\Thorgrem\defogger_reenable
2014-06-26 13:39 - 2014-02-24 18:31 - 00000000 ____D () C:\Users\Thorgrem
2014-06-26 13:37 - 2014-02-22 15:36 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-26 13:35 - 2014-06-26 13:35 - 00961360 _____ (Chip Digital GmbH) C:\Users\Thorgrem\Downloads\HijackThis - CHIP-Installer.exe
2014-06-26 13:26 - 2014-03-17 16:47 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Skype
2014-06-26 13:06 - 2014-02-24 18:27 - 01513329 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-26 13:02 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-26 12:45 - 2014-04-19 12:26 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-06-26 12:44 - 2014-05-27 20:22 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Spotify
2014-06-26 12:43 - 2014-05-27 20:23 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Spotify
2014-06-26 12:41 - 2014-05-13 21:14 - 00001604 _____ () C:\WINDOWS\Sandboxie.ini
2014-06-26 12:40 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-22 19:34 - 2014-03-09 15:24 - 00000000 ____D () C:\Program Files\Steam
2014-06-22 19:22 - 2014-06-17 21:10 - 00000000 ____D () C:\Program Files\Ascaron Entertainment
2014-06-22 19:19 - 2014-06-22 19:19 - 03067063 _____ () C:\Users\Thorgrem\Downloads\alle_chars_100_unskilled.zip
2014-06-22 19:11 - 2014-06-22 19:11 - 00000000 ____D () C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2014-06-22 19:11 - 2014-06-22 19:11 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-22 10:22 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-06-21 22:32 - 2014-06-21 22:32 - 00001631 _____ () C:\Users\Public\Desktop\Sacred Gold.lnk
2014-06-21 22:32 - 2014-06-21 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sacred Gold [GOG.com]
2014-06-21 22:28 - 2014-06-20 11:49 - 00000000 ____D () C:\GOG Games
2014-06-21 22:24 - 2014-06-21 22:24 - 00000000 ____D () C:\Users\Thorgrem\Downloads\sacred.gold.german.soundfiles
2014-06-21 22:24 - 2014-06-21 20:10 - 408819582 _____ () C:\Users\Thorgrem\Downloads\sacred.gold.german.soundfiles.rar
2014-06-20 20:38 - 2014-06-20 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-20 20:00 - 2014-06-19 12:19 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Sacred.Underworld - SKIDROW
2014-06-20 19:39 - 2014-06-19 12:11 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Alle Chars unskilled lvl 100
2014-06-20 11:52 - 2014-06-19 12:18 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\uTorrent
2014-06-20 11:17 - 2014-06-20 11:17 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Sacred Gold 2.0.0.4
2014-06-19 22:00 - 2014-02-24 18:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-19 22:00 - 2013-11-14 01:00 - 00109288 _____ () C:\WINDOWS\PFRO.log
2014-06-19 22:00 - 2013-08-22 09:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-19 21:59 - 2013-08-22 08:13 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-19 21:56 - 2013-11-14 10:09 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-19 21:50 - 2014-02-21 17:24 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-19 21:35 - 2014-06-19 21:35 - 00000000 ____D () C:\Users\Thorgrem\Downloads\JDownloader
2014-06-19 18:35 - 2014-06-19 18:35 - 00000000 ____D () C:\Program Files\Sacred Underworld
2014-06-19 16:09 - 2014-06-19 16:09 - 00000000 ____D () C:\Users\Thorgrem\Downloads\Sacred Underworld
2014-06-19 14:08 - 2014-06-19 14:08 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\SupTab
2014-06-19 14:08 - 2014-06-19 14:08 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-19 14:08 - 2014-06-19 14:08 - 00000000 ____D () C:\Program Files\SupTab
2014-06-19 14:07 - 2014-06-19 14:07 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\v9
2014-06-19 14:07 - 2014-06-19 14:07 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-06-19 14:07 - 2014-06-19 14:07 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\InetStat
2014-06-19 14:06 - 2014-06-19 14:06 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\wi_upd
2014-06-19 14:06 - 2014-06-19 14:06 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\GetPrivate
2014-06-19 14:06 - 2014-06-19 14:06 - 00000000 ____D () C:\Program Files\GetPrivate
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\Program Files\Elcomsoft Password Recovery
2014-06-19 13:52 - 2014-06-19 13:52 - 00000000 ____D () C:\Program Files\Elcomsoft
2014-06-19 13:50 - 2014-06-19 13:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Thorgrem\Downloads\Advanced Archive Password Recovery - CHIP-Installer.exe
2014-06-19 13:38 - 2014-06-19 13:35 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-19 13:37 - 2014-06-19 13:37 - 00001908 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-06-19 13:37 - 2014-06-19 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-06-19 13:37 - 2014-06-19 13:36 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\DAEMON Tools Lite
2014-06-19 13:36 - 2014-06-19 13:36 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-06-19 13:36 - 2014-06-19 13:36 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-06-19 13:35 - 2014-06-19 13:35 - 13429504 _____ (Disc Soft Ltd) C:\Users\Thorgrem\Downloads\DTLite4491-0356.exe
2014-06-19 12:18 - 2014-06-19 12:18 - 00000900 _____ () C:\Users\Thorgrem\Desktop\µTorrent.lnk
2014-06-19 12:18 - 2014-06-19 12:18 - 00000880 _____ () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-06-19 12:08 - 2014-06-19 12:08 - 00163138 _____ () C:\Users\Thorgrem\Downloads\Alle Chars unskilled lvl 100.zip
2014-06-19 12:04 - 2014-06-19 12:04 - 00000000 ____D () C:\Users\Thorgrem\Downloads\UnskilledGladiLvl50
2014-06-19 12:03 - 2014-06-19 12:03 - 00043151 _____ () C:\Users\Thorgrem\Downloads\UnskilledGladiLvl50.zip
2014-06-18 22:18 - 2014-06-18 22:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-18 21:59 - 2012-07-26 08:43 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-17 21:16 - 2014-06-17 21:16 - 00001175 _____ () C:\Users\Thorgrem\Desktop\Sacred.lnk
2014-06-17 21:16 - 2014-06-17 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascaron Entertainment
2014-06-17 17:27 - 2014-05-10 20:04 - 00004364 _____ () C:\WINDOWS\setupact.log
2014-06-16 21:09 - 2014-06-16 21:09 - 00961360 _____ (Chip Digital GmbH) C:\Users\Thorgrem\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
2014-06-15 22:02 - 2014-03-01 13:21 - 00000000 ____D () C:\Program Files\Common Files\MAGIX Shared
2014-06-15 22:01 - 2014-06-15 22:01 - 00000000 ____D () C:\Users\Thorgrem\Documents\MAGIX_Screenshare
2014-06-15 22:01 - 2014-06-15 22:01 - 00000000 ____D () C:\Users\Thorgrem\Documents\MAGIX_Online_Druck_Service
2014-06-15 22:01 - 2014-03-01 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-06-15 22:01 - 2014-03-01 13:21 - 00000000 ____D () C:\ProgramData\MAGIX
2014-06-15 22:01 - 2014-03-01 13:21 - 00000000 ____D () C:\Program Files\Common Files\xara
2014-06-15 22:01 - 2014-03-01 13:20 - 00007119 _____ () C:\WINDOWS\mgxoschk.ini
2014-06-15 22:01 - 2014-03-01 13:20 - 00000000 ____D () C:\WINDOWS\system32\MAGIX
2014-06-15 22:01 - 2014-03-01 13:20 - 00000000 ____D () C:\Program Files\MAGIX
2014-06-15 22:00 - 2014-03-01 13:21 - 00001115 _____ () C:\Users\Public\Desktop\MAGIX MP3 Maker 15.lnk
2014-06-15 21:10 - 2014-05-19 21:52 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Deployment
2014-06-15 21:09 - 2014-06-15 21:09 - 01058200 _____ (Adobe) C:\Users\Thorgrem\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-06-15 21:08 - 2014-06-15 21:08 - 00207872 _____ () C:\Users\Thorgrem\Documents\Das Projekt.ppt
2014-06-15 21:07 - 2014-06-15 10:19 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-06-15 10:16 - 2014-03-16 16:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-15 10:15 - 2014-03-16 16:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-13 16:52 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-12 21:00 - 2013-08-22 09:22 - 00494544 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-12 18:53 - 2013-11-14 09:53 - 00000000 ____D () C:\WINDOWS\system32\Drivers\de-DE
2014-06-12 18:53 - 2013-08-22 10:17 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-12 18:53 - 2013-08-22 10:17 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-12 18:53 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-12 17:58 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\de-DE
2014-06-12 17:55 - 2014-02-22 18:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-12 17:52 - 2014-02-22 18:36 - 92708840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-12 17:15 - 2014-06-12 17:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-10 12:11 - 2014-06-10 11:29 - 00000000 ____D () C:\Users\Thorgrem\Downloads\bücher
2014-06-09 11:21 - 2014-03-02 16:29 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Audacity
2014-06-08 11:58 - 2014-06-08 11:58 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\SniperV2
2014-06-05 20:58 - 2014-06-05 20:58 - 00428399 _____ () C:\Users\Thorgrem\Downloads\sixpackcode10fehler.zip
2014-06-05 20:58 - 2014-06-05 20:58 - 00000000 ____D () C:\Users\Thorgrem\Downloads\sixpackcode10fehler
2014-06-05 17:34 - 2014-06-05 17:34 - 00000000 ____D () C:\Users\Thorgrem\Downloads\rezepte
2014-06-05 17:33 - 2014-06-05 17:33 - 00294828 _____ () C:\Users\Thorgrem\Downloads\rezepte.zip
2014-06-04 21:04 - 2014-06-04 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 4.4
2014-06-04 21:04 - 2014-06-04 21:04 - 00000000 ____D () C:\Program Files\GeoGebra 4.4
2014-06-04 21:04 - 2014-06-04 21:02 - 41946528 _____ (International GeoGebra Institute) C:\Users\Thorgrem\Downloads\GeoGebra-Windows-Installer-4-4-37-0.exe
2014-06-04 18:17 - 2014-06-04 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-06-04 15:43 - 2014-06-04 15:43 - 00000903 _____ () C:\Users\Thorgrem\Documents\Downloads - Verknüpfung.lnk
2014-06-03 21:09 - 2014-06-03 21:08 - 44199212 _____ () C:\Users\Thorgrem\Desktop\Pentakill-SmiteandIgnite.zip
2014-06-02 15:57 - 2014-06-02 15:57 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Security System 2
2014-06-02 15:57 - 2014-06-02 15:57 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Tempb7198e9bb9ab25f664356c451ef253f1
2014-06-02 15:12 - 2014-06-02 15:12 - 00000188 _____ () C:\Users\Thorgrem\Desktop\Amazon.de.url
2014-06-02 15:12 - 2014-06-02 15:12 - 00000000 ____D () C:\Users\Thorgrem\ChromeExtensions
2014-06-02 15:12 - 2014-06-02 15:12 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\Temp9a4653a4bc5a5527baaf9453f4749d2f
2014-06-02 15:04 - 2014-06-02 15:04 - 00001876 _____ () C:\Users\Public\Desktop\Black & White 2.lnk
2014-06-02 15:04 - 2014-06-02 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black & White 2
2014-06-02 15:00 - 2014-06-02 15:00 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-02 15:00 - 2014-06-02 15:00 - 00000000 ____D () C:\Program Files\Lionhead Studios
2014-06-02 15:00 - 2014-05-06 21:53 - 00044532 _____ () C:\WINDOWS\DirectX.log
2014-06-01 12:02 - 2014-06-01 10:11 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Tunngle
2014-06-01 12:02 - 2014-06-01 10:11 - 00000000 ____D () C:\ProgramData\Tunngle
2014-06-01 10:27 - 2014-03-09 15:24 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-06-01 10:22 - 2014-05-04 10:52 - 00000000 ____D () C:\Users\Thorgrem\AppData\Local\NVIDIA
2014-06-01 10:13 - 2014-06-01 10:11 - 00000000 ____D () C:\Program Files\Tunngle
2014-06-01 10:11 - 2014-06-01 10:11 - 00000961 _____ () C:\Users\Public\Desktop\Tunngle beta.lnk
2014-06-01 10:11 - 2014-06-01 10:11 - 00000000 ____D () C:\Users\Thorgrem\Documents\Tunngle
2014-06-01 10:11 - 2014-06-01 10:11 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-06-01 10:11 - 2014-06-01 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-06-01 09:46 - 2014-06-01 09:46 - 00000214 _____ () C:\Users\Thorgrem\Desktop\Sid Meier's Civilization V.url
2014-06-01 09:46 - 2014-03-23 12:29 - 00000000 ____D () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-31 07:13 - 2013-08-22 10:18 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-05-31 07:13 - 2013-08-22 10:18 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-05-30 11:18 - 2014-06-12 17:27 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-30 10:43 - 2014-06-12 17:27 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-05-30 10:38 - 2014-06-12 17:27 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-05-30 10:27 - 2014-06-12 17:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-05-30 10:16 - 2014-06-12 17:27 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-05-30 10:04 - 2014-06-12 17:27 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-30 10:02 - 2014-06-12 17:27 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-05-30 09:57 - 2014-06-12 17:27 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-05-30 09:56 - 2014-06-12 17:27 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-05-30 09:54 - 2014-06-12 17:27 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-05-30 09:49 - 2014-06-12 17:27 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-05-30 09:40 - 2014-06-12 17:27 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-05-30 09:21 - 2014-06-12 17:27 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-05-30 09:15 - 2014-06-12 17:27 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-05-30 09:13 - 2014-06-12 17:27 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-05-27 20:23 - 2014-05-27 20:23 - 00001866 _____ () C:\Users\Thorgrem\Desktop\Spotify.lnk
2014-05-27 20:23 - 2014-05-27 20:23 - 00001852 _____ () C:\Users\Thorgrem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-05-27 20:22 - 2014-05-27 20:22 - 00126112 _____ (Spotify Ltd) C:\Users\Thorgrem\Downloads\SpotifySetup.exe
2014-05-27 17:47 - 2014-03-17 16:46 - 00000000 ____D () C:\ProgramData\Skype
2014-05-27 17:46 - 2014-05-27 17:46 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-27 17:46 - 2014-03-17 16:47 - 00000000 ___RD () C:\Program Files\Skype
Some content of TEMP:
====================
C:\Users\Thorgrem\AppData\Local\Temp\amazonicon_v5.exe
C:\Users\Thorgrem\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Thorgrem\AppData\Local\Temp\avgnt.exe
C:\Users\Thorgrem\AppData\Local\Temp\cpn54vft.nqo.exe
C:\Users\Thorgrem\AppData\Local\Temp\foxy_security_games.exe
C:\Users\Thorgrem\AppData\Local\Temp\GPUpd53ABF9460.exe
C:\Users\Thorgrem\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\Thorgrem\AppData\Local\Temp\mhpu3cuq.2sp.exe
C:\Users\Thorgrem\AppData\Local\Temp\nvStInst.exe
C:\Users\Thorgrem\AppData\Local\Temp\ose00000.exe
C:\Users\Thorgrem\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\Thorgrem\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Thorgrem\AppData\Local\Temp\sdapskill.exe
C:\Users\Thorgrem\AppData\Local\Temp\sdaspwn.exe
C:\Users\Thorgrem\AppData\Local\Temp\SRLDetectionLibrary3755180600171889777.dll
C:\Users\Thorgrem\AppData\Local\Temp\sweetpage294wld_n2.exe
C:\Users\Thorgrem\AppData\Local\Temp\ucmlivxk.uze.exe
C:\Users\Thorgrem\AppData\Local\Temp\Uninstall.exe
C:\Users\Thorgrem\AppData\Local\Temp\unwise.exe
C:\Users\Thorgrem\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Thorgrem\AppData\Local\Temp\w0dvpylu.vui.exe
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-20 10:06
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
Addition:
[QUOTE]Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-06-2014
Ran by Thorgrem at 2014-06-26 13:41:48
Running from C:\Users\Thorgrem\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.31743 - BitTorrent Inc.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Control Center (Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
Application Verifier x86 External Package (Version: 8.100.26629 - Microsoft) Hidden
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM\...\{70a79d1f-686d-4d5c-962b-07aa1294eae0}) (Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Black & White® 2 (HKLM\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
BlueJ (HKLM\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.1 - BlueJ Team)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2BC398D2-11C8-43B1-AB84-675D33EB28C2}) (Version: - Microsoft)
EarMaster Pro 6.1 (HKLM\...\EarMaster Pro 6_is1) (Version: 6.1 - EarMaster ApS)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Firebird SQL Server - MAGIX Edition (HKLM\...\{19666E73-D9E5-44D4-8F33-037ED151ECBC}) (Version: 2.1.22.0 - MAGIX AG)
Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GeoGebra 4.4 (HKLM\...\GeoGebra 4.4) (Version: 4.4.37.0 - International GeoGebra Institute)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 51 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Java-Editor 12.17, 2014.05.11 (HKLM\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version: - Gerhard Röhner)
JetBoost (HKLM\...\JetBoost_is1) (Version: 2.0.0 - BlueSprig)
Kits Configuration Installer (Version: 8.100.25984 - Microsoft) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
MAGIX MP3 Maker 15 10.0.0.257 (D) (HKLM\...\MAGIX MP3 Maker 15 D) (Version: 10.0.0.257 - MAGIX AG)
MAGIX Online Druck Service 3.4.3.0 (D) (HKLM\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Screenshare 4.3.6.1987 (D) (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM\...\{D1D37853-0004-3E36-A7AA-74F4EEA35F64}) (Version: 4.5.50930 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSI Development Tools (Version: 8.100.25984 - Microsoft Corporation) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Sacred (HKLM\...\Sacred_is1) (Version: - Ascaron Entertainment GmbH)
Sacred Gold (HKLM\...\GOGPACKSACREDGOLD_is1) (Version: 2.0.0.4 - GOG.com)
Sandboxie 4.12 (32-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
SDK Debuggers (Version: 8.100.26629 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{6193D1C9-FEAC-4158-8EB5-1B1D7B0C8DA7}) (Version: 7.0.27.13 - Mad Catz)
Sniper Elite V2 (HKLM\...\Steam App 63380) (Version: - Rebellion)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Tinypic 3.18 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Tunngle beta (HKLM\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{33BAD262-B737-4DFA-8527-02961A9CE7BB}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{968E82F6-FAF7-45E0-BCC0-EF8AA31A4EB3}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1FB43AFB-8112-41B9-B9A6-A43474F46123}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{071A9ED9-C72F-4CDA-9A88-F100C5EF9EE1}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{3365FE58-896F-45DE-8051-E48F6D8069FD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{A2D4D766-14AE-46CA-BD99-801FB1523626}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 32-Bit Edition (HKLM\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{FE13BE31-2B5B-4D4E-8538-B3BB9B370C66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D3CFB57E-39C0-4D2F-96D2-EC8BB1DB369D}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E102B907-56A0-476E-9D7F-D74C7C42527F}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F3B2C6F-B7F9-431F-84ED-C29F47B31DB7}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{173C8CEB-B73E-4C38-AF3A-05EA5BB860D4}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F60958B9-F8A9-488F-99AD-8A6D95070CD8}) (Version: - Microsoft)
v9 uninstaller (HKLM\...\v9 uninstaller) (Version: - v9)
VisualBee for Microsoft PowerPoint (HKCU\...\VisualBee for Microsoft PowerPoint) (Version: V4.1 - VisualBee.com)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows App Certification Kit Native Components (Version: 8.100.26629 - Microsoft Corporation) Hidden
Windows App Certification Kit x86 (Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Software Development Kit (Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit EULA (Version: 8.100.25984 - Microsoft Corporations) Hidden
Windows Software Development Kit for Windows 8.1 (HKLM\...\{57334b90-51ab-4979-a6e4-ab0f7632479a}) (Version: 8.100.26654 - Microsoft Corporation)
Windows Software Development Kit for Windows Store Apps (Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit Redistributables (Version: 8.100.26654 - Microsoft Corporation) Hidden
WPT Redistributables (Version: 8.100.26654 - Microsoft) Hidden
WPTx86 (Version: 8.100.26629 - Microsoft) Hidden
==================== Restore Points =========================
15-06-2014 20:02:10 Firebird SQL Server - MAGIX Edition wird installiert
19-06-2014 11:51:30 Installed Advanced Archive Password Recovery
22-06-2014 17:11:15 Sacred 2 wurde installiert.
==================== Hosts content: ==========================
2013-08-22 08:13 - 2013-08-22 08:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {00BC77BF-3352-4FE8-9617-4F1B27BEC19A} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {20A6C59B-C383-4308-A79F-84955C282C37} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\WINDOWS\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {2BE65564-89D1-4396-A5CC-D7D9283FC4A1} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {392EB017-207C-42BF-A061-F3BE721F456C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {4793E451-ACEB-41EA-88D3-50393FA15334} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\msoia.exe
Task: {4B7EF56A-8A42-4BD2-BB5C-7C389AC54A37} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {4DC0D96B-9A83-46BE-A4FA-D9F0C9810774} - System32\Tasks\SoftUpdateDaily => C:\Users\Thorgrem\AppData\Local\SoftUpdate\SoftUpdate.exe
Task: {5700ACE8-D0AF-4BA7-98B6-1033521A877A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {5E4FAF01-346B-4712-A24F-105513D7FAC9} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {6E84A59B-1863-4B21-8BD8-C9B20FD15484} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {74C481D4-5369-48F7-AF12-59279E240F2D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {7883EEFF-AA96-405C-9356-ED73361F225C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\msoia.exe
Task: {7C7CF1DA-F461-4850-96B2-ADCA8A67E59C} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {807DC311-69F1-4EA2-86C2-4201310CF89F} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {8410D4E1-C03D-4B1D-858A-292FAEFCA5A9} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {8B5819AE-7B44-478B-A3D3-8846AF160A8F} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {92414D17-159E-434E-B69D-AF7B1735747B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-12] (Microsoft Corporation)
Task: {92ED6570-4654-4BFA-9A6C-1084C6939C16} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {997C8BBD-710B-4E66-B5BC-CC09575A58D2} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {A5D45ED3-F524-4574-8F39-527F3729D1E2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\WINDOWS\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {B5A67861-AA69-4B17-9FE8-AA5099D3D400} - System32\Tasks\GPUpdate => C:\Program Files\GetPrivate\gpup.exe [2014-06-19] ()
Task: {BB6F00A8-D239-4563-91F0-9DA017BDE449} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {C0D0F7C4-419F-41B3-90A2-FE79270B828A} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {CF5A1DDC-D14D-4D59-AD49-A19A645B087B} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCF55BED-B1DF-4ABF-8D85-6542C7007799} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E1AC355F-9C80-4D2D-95AC-16B127E28843} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Therbreg-Thorgrem Therbreg => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-04-08] (Microsoft Corporation)
Task: {E4C8774A-2818-45A4-8A6D-11DDF6348886} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {E68C661F-75D1-4FBC-9657-0D9AEEF2CCD0} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files\BlueSprig\JetBoost\AutoUpdate.exe [2012-11-27] (BlueSprig)
Task: {F0D8184F-880A-4E6B-ABEF-903998A15E66} - System32\Tasks\GPUpdateCheck => C:\Program Files\GetPrivate\gpup.exe [2014-06-19] ()
Task: {F1D1F5C6-C90A-46E7-8F60-0026369BC00A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {F49B30B6-AF06-4796-936C-6523EF7F0F80} - System32\Tasks\SoftUpdateLogon => C:\Users\Thorgrem\AppData\Local\SoftUpdate\SoftUpdate.exe
Task: {F615B43F-7D1D-4243-AC0E-82FFE5FBEFA5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {FAB49829-3EE7-4234-BE84-277862F2A57C} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-04-17 22:28 - 2014-04-17 22:28 - 00203776 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:10 - 2014-02-11 07:10 - 03854336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-02-11 07:10 - 2014-02-11 07:10 - 00618496 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-05-05 10:37 - 2014-05-05 10:37 - 00138320 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-05 10:37 - 2014-05-05 10:37 - 00065616 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-02-24 18:27 - 2014-03-04 14:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-05-27 20:23 - 2014-05-27 20:23 - 36966968 _____ () C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\libcef.dll
2014-06-19 14:07 - 2014-06-19 14:07 - 00659470 _____ () C:\Users\Thorgrem\AppData\Roaming\InetStat\inetstat.exe
2014-06-18 22:18 - 2014-06-18 22:18 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-05-27 20:23 - 2014-05-27 20:23 - 00598072 _____ () C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-06-26 12:43 - 2014-06-26 12:43 - 01610776 _____ () C:\Users\Thorgrem\AppData\Local\Temp\GPUpd53ABF9460.exe
2014-05-27 20:23 - 2014-05-27 20:23 - 00886840 _____ () C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-05-27 20:23 - 2014-05-27 20:23 - 00108600 _____ () C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\libegl.dll
2014-04-19 12:27 - 2014-05-05 10:37 - 00049744 _____ () C:\Users\Thorgrem\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-05-13 20:37 - 2014-05-13 20:37 - 16361136 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-06-26 13:39 - 2014-06-26 13:39 - 00050477 _____ () C:\Users\Thorgrem\Downloads\Defogger.exe
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\Services: WlanSvc => 3
HKCU\...\StartupApproved\Run: => "CyberGhost"
==================== Faulty Device Manager Devices =============
Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (06/23/2014 08:49:22 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.
Error: (06/23/2014 08:17:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Therbreg)
Description: Die App „windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (06/22/2014 07:11:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (06/22/2014 07:11:14 PM) (Source: MsiInstaller) (EventID: 1013) (User: Therbreg)
Description: Produkt: AGEIA PhysX v7.11.13 -- Installation terminated
Error: (06/22/2014 09:22:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SystemSettings.exe, Version 6.3.9600.17055 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f64
Startzeit: 01cf8dea8f83c240
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
Berichts-ID: da43cac6-f9dd-11e3-afed-c86000570b4c
Vollständiger Name des fehlerhaften Pakets: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windows.immersivecontrolpanel
Error: (06/22/2014 09:22:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Therbreg)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/22/2014 09:21:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Therbreg)
Description: Die App „windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (06/21/2014 07:25:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Therbreg)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/21/2014 07:25:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SystemSettings.exe, Version 6.3.9600.17055 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 918
Startzeit: 01cf8d75b43f2814
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
Berichts-ID: fd647f82-f968-11e3-afed-c86000570b4c
Vollständiger Name des fehlerhaften Pakets: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windows.immersivecontrolpanel
Error: (06/21/2014 07:25:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Therbreg)
Description: Die App „windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
System errors:
=============
Error: (06/22/2014 10:22:37 AM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (06/22/2014 10:22:07 AM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (06/21/2014 08:25:34 PM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (06/21/2014 08:25:04 PM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (06/21/2014 08:09:23 PM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (06/21/2014 08:08:53 PM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (06/20/2014 05:58:18 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (06/20/2014 10:06:53 AM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (06/20/2014 10:06:23 AM) (Source: DCOM) (EventID: 10010) (User: Therbreg)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (06/19/2014 10:01:39 PM) (Source: DCOM) (EventID: 10016) (User: Therbreg)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}TherbregThorgremS-1-5-21-729715285-913791145-1909180566-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Microsoft Office Sessions:
=========================
Error: (06/23/2014 08:49:22 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
Error: (06/23/2014 08:17:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Therbreg)
Description: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel
Error: (06/22/2014 07:11:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (06/22/2014 07:11:14 PM) (Source: MsiInstaller) (EventID: 1013) (User: Therbreg)
Description: Produkt: AGEIA PhysX v7.11.13 -- Installation terminated(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (06/22/2014 09:22:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SystemSettings.exe6.3.9600.17055f6401cf8dea8f83c2404294967295C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exeda43cac6-f9dd-11e3-afed-c86000570b4cwindows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewymicrosoft.windows.immersivecontrolpanel
Error: (06/22/2014 09:22:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Therbreg)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927142
Error: (06/22/2014 09:21:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Therbreg)
Description: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel
Error: (06/21/2014 07:25:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Therbreg)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927142
Error: (06/21/2014 07:25:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SystemSettings.exe6.3.9600.1705591801cf8d75b43f28144294967295C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exefd647f82-f968-11e3-afed-c86000570b4cwindows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewymicrosoft.windows.immersivecontrolpanel
Error: (06/21/2014 07:25:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Therbreg)
Description: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel
==================== Memory info ===========================
Percentage of memory in use: 61%
Total physical RAM: 3582.11 MB
Available physical RAM: 1362.96 MB
Total Pagefile: 7166.11 MB
Available Pagefile: 4297.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1863.49 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.88 GB) (Free:136.32 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 26FD26FC)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)
==================== End Of Log ============================
GMER hängt sich beim Scan auf, aber
HijackThis funkioniert:
Code:
Alles auswählen Aufklappen ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:51:14, on 26.06.2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\SmartTechnology\Software\ProfilerU.exe
C:\Program Files\SmartTechnology\Software\SaiMfd.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Users\Thorgrem\AppData\Local\Akamai\netsession_win.exe
C:\Users\Thorgrem\AppData\Local\Akamai\netsession_win.exe
C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Thorgrem\AppData\Roaming\InetStat\inetstat.exe
C:\WINDOWS\system32\taskeng.exe
C:\Program Files\Microsoft Office\Office15\MsoSync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Users\Thorgrem\AppData\Local\Temp\OCS\ocs_v71b.exe
C:\Users\Thorgrem\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\7b4e384f5b096b9656fee276ba88bb81\HiJackThis204.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.v9.com/web/?type=ds&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1403179653&from=irs&uid=ST3250823AS_4ND0JF5PXXXX4ND0JF5P&i=psd&t=3445c393b
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [CyberGhost] "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Thorgrem\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Thorgrem\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Thorgrem\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [InetStat] C:\Users\Thorgrem\AppData\Roaming\InetStat\inetstat.exe
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\SupTab\SEARCH~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit-Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: CyberGhost 5 Client Service (CGVPNCliService) - CyberGhost S.R.L - C:\Program Files\CyberGhost 5\Service.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Shared\Database2\bin\fbserver.exe
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
--
End of file - 9506 bytes
Ich hoffe mal ihr könnt damit was anfangen, ich kanns nicht :P
Schonmal Danke im Vorraus!
Geändert von Therbreg (26.06.2014 um 14:13 Uhr)
26.06.2014, 13:52
Baum-Darstellung