Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 31.07.2014, 23:56   #1
medicus93
 
Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" - Icon21

Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"



Hallo,

eben beim Arbeiten hat mein PC plötzlich Firefox (Standardbrowser) geöffnet und in unzähligen Tabs immer wieder die Webseite "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" aufgerufen.

Habe in letzter Zeit eigentlich keine dubiose Software aus dem Internet heruntergeladen und achte eigentlich auch immer auf Adware etc..

Mein Virenscanner Avast Free hat nichts gemeldet.

Logfiles siehe Anhang.

Liebe Grüße

medicus

Alt 01.08.2014, 00:00   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" - Standard

Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"



Hi und

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 01.08.2014, 09:34   #3
medicus93
 
Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" - Standard

Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"



Pardon, war dann gestern doch etwas spät.

Also... geht los:

defogger_disable.log
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 00:25 on 01/08/2014 (Thore93)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-
         
FRST.txt

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02
Ran by Thore93 (administrator) on PC on 01-08-2014 00:27:07
Running from C:\Users\Thore93\Desktop
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avatron Software) C:\Program Files\Avatron\Air Display\AVTHelper.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Thore93\AppData\Roaming\Spotify\spotify.exe
(Avatron Software, Inc) C:\Program Files\Avatron\Air Display\AirDisplay.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dropbox, Inc.) C:\Users\Thore93\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDock Plus\Dock64.exe
(Microsoft) C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDockTray.exe
() C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
() C:\Users\Thore93\Desktop\Defogger.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-15] (Logitech Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1753280 2014-07-16] (Valve Corporation)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [ViUpdater] => C:\Program Files (x86)\ViUpdater\ViUpdater.exe [122880 2013-01-11] (Lee-Soft.com)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [Spotify Web Helper] => C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-18] (Spotify Ltd)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [Spotify] => C:\Users\Thore93\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-18] (Spotify Ltd)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [Air Display Support] => C:\Program Files\Avatron\Air Display\AirDisplay.exe [4189688 2013-12-04] (Avatron Software, Inc)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\MountPoints2: {83a67c74-8f24-11e2-be65-806e6f6e6963} - "D:\Launch.exe" 
AppInit_DLLs-x32: AirfoilInject3.dll => "AirfoilInject3.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Thore93\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Thore93\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Thore93\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Thore93\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe (Stardock)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9EA193AC3223CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: No Name -> {0124123D-61B4-456f-AF86-78C53A0790C5} ->  No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {0124123D-61B4-456f-AF86-78C53A0790C5} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Thore93\AppData\Roaming\Mozilla\Firefox\Profiles\kn7d91tv.default
FF NetworkProxy: "http", "223.30.31.160"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FoxyProxy Standard - C:\Users\Thore93\AppData\Roaming\Mozilla\Firefox\Profiles\kn7d91tv.default\Extensions\foxyproxy@eric.h.jung [2014-05-27]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Thore93\AppData\Roaming\Mozilla\Firefox\Profiles\kn7d91tv.default\Extensions\ich@maltegoetz.de [2014-05-22]
FF Extension: YouTube ALL HTML5 - C:\Users\Thore93\AppData\Roaming\Mozilla\Firefox\Profiles\kn7d91tv.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2014-05-22]
FF Extension: Tab notifier - C:\Users\Thore93\AppData\Roaming\Mozilla\Firefox\Profiles\kn7d91tv.default\Extensions\tabnotifier@unusoft.it.xpi [2014-06-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-23]

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Extension: (Google Wallet) - C:\Users\Thore93\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-10] (AVAST Software)
R2 AVTHelper; C:\Program Files\Avatron\Air Display\AVTHelper.exe [237048 2013-12-04] (Avatron Software)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2012-07-26] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-13] ()
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-01-31] (Stardock Software, Inc)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AirDisplayWDDM; C:\Windows\system32\DRIVERS\AVWDDMMiniPort.sys [48632 2013-12-04] (Windows (R) Win 7 DDK provider)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-10] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-03-17] ()
R0 AVPCIFilter; C:\Windows\System32\drivers\AVPCIFilter.sys [36344 2013-12-04] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-04-10] (DT Soft Ltd)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-05-04] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-03-17] ()
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [38272 2013-05-25] (Windows (R) Win 7 DDK provider)
S3 cpuz137; \??\C:\Users\Thore93\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\Thore93\Downloads\Hardware Monitor for G15 V1.0.1-Beta\Hardware Monitor for G15 V1.0.1-Beta\res\HardwareMonitorProzess.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 00:27 - 2014-08-01 00:27 - 00023631 _____ () C:\Users\Thore93\Desktop\FRST.txt
2014-08-01 00:26 - 2014-08-01 00:27 - 00000000 ____D () C:\FRST
2014-08-01 00:26 - 2014-08-01 00:26 - 02094080 _____ (Farbar) C:\Users\Thore93\Desktop\FRST64.exe
2014-08-01 00:25 - 2014-08-01 00:25 - 00050477 _____ () C:\Users\Thore93\Desktop\Defogger.exe
2014-08-01 00:25 - 2014-08-01 00:25 - 00000546 _____ () C:\Users\Thore93\Desktop\defogger_disable.log
2014-08-01 00:25 - 2014-08-01 00:25 - 00000168 _____ () C:\Users\Thore93\defogger_reenable
2014-07-31 19:30 - 2014-07-31 19:30 - 00002102 _____ () C:\Users\Thore93\Desktop\GothicStarter.exe - Verknüpfung.lnk
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Adobe
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Adobe
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-07-27 14:35 - 2014-07-27 14:35 - 03031183 _____ (${MOD_COMP}) C:\Users\Thore93\Downloads\gothic2_fix-2.6.0.0-rev2.exe
2014-07-27 14:35 - 2014-07-27 14:35 - 00026684 _____ () C:\Users\Thore93\Downloads\download_278.htm
2014-07-27 14:24 - 2014-07-27 14:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-07-27 14:21 - 2014-07-27 14:22 - 75281126 _____ (Tricky) C:\Users\Thore93\Downloads\MiniMod_Balance-2.52.exe
2014-07-25 00:06 - 2014-07-25 00:04 - 00033280 _____ () C:\Users\Thore93\Desktop\DBInfoBuilder.exe
2014-07-25 00:05 - 2014-07-25 00:05 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Microsoft FxCop
2014-07-24 23:42 - 2014-07-24 23:42 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\NuGet
2014-07-24 23:31 - 2014-07-24 23:31 - 00000000 ____D () C:\Program Files\Windows Identity Foundation
2014-07-24 23:18 - 2014-07-24 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2014-07-24 23:18 - 2014-07-24 23:18 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Silverlight Kits
2014-07-24 23:15 - 2014-07-24 23:56 - 00000000 ____D () C:\Users\Thore93\Documents\Visual Studio 2013
2014-07-24 23:14 - 2014-07-24 23:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft XDE
2014-07-24 23:09 - 2014-07-24 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK - Deutsch
2014-07-24 23:08 - 2014-07-24 23:08 - 00000000 ____D () C:\Program Files\Microsoft Identity Extensions
2014-07-24 23:08 - 2014-07-24 23:08 - 00000000 ____D () C:\Program Files (x86)\Workflow Manager Tools
2014-07-24 23:08 - 2014-07-24 23:08 - 00000000 ____D () C:\Program Files (x86)\Open XML SDK
2014-07-24 23:06 - 2014-07-24 23:06 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-07-24 23:06 - 2014-07-24 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-24 23:03 - 2014-07-24 23:12 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2014-07-24 23:03 - 2014-07-24 23:03 - 00000000 ____D () C:\Program Files\Application Verifier
2014-07-24 23:03 - 2014-07-24 23:03 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2014-07-24 22:58 - 2014-07-24 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-07-24 22:55 - 2014-07-24 22:55 - 00000000 ____D () C:\ProgramData\PreEmptive Solutions
2014-07-24 22:52 - 2014-07-24 22:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-07-24 22:51 - 2014-07-24 22:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Web Tools
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\ProgramData\NuGet
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\Program Files\IIS Express
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\Program Files (x86)\NuGet
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\Program Files (x86)\IIS Express
2014-07-24 22:49 - 2014-07-24 22:49 - 00000000 ____D () C:\Program Files\IIS
2014-07-24 22:49 - 2014-07-24 22:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft WCF Data Services
2014-07-24 22:49 - 2014-07-24 22:49 - 00000000 ____D () C:\Program Files (x86)\IIS
2014-07-24 22:48 - 2014-07-24 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-07-24 22:43 - 2014-07-24 22:48 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-07-24 22:43 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Kits
2014-07-24 22:43 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2014-07-24 22:43 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\HTML Help Workshop
2014-07-24 22:40 - 2014-07-24 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2014-07-24 22:40 - 2014-07-24 22:45 - 00000000 ____D () C:\Windows\SysWOW64\1031
2014-07-24 22:40 - 2014-07-24 22:42 - 00000000 ____D () C:\Windows\system32\1033
2014-07-24 22:40 - 2014-07-24 22:40 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-07-24 22:34 - 2014-07-24 22:34 - 00000000 ____D () C:\Windows\symbols
2014-07-24 22:33 - 2014-07-24 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2014-07-24 22:33 - 2014-07-24 22:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-07-24 22:32 - 2014-07-24 23:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-07-24 22:32 - 2014-07-24 22:40 - 00000000 ____D () C:\Windows\system32\1031
2014-07-24 22:32 - 2014-07-24 22:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2014-07-24 22:31 - 2014-07-24 23:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-07-24 22:31 - 2014-07-24 22:31 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0
2014-07-24 22:27 - 2013-09-13 21:21 - 00030312 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2014-07-24 22:27 - 2013-09-13 21:21 - 00028776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2014-07-24 22:22 - 2014-07-24 22:22 - 00720896 _____ () C:\Users\Thore93\Downloads\SDM_DE.msi
2014-07-24 22:22 - 2014-07-24 22:22 - 00003153 _____ () C:\Users\Thore93\Desktop\Secure Download Manager.lnk
2014-07-24 22:22 - 2014-07-24 22:22 - 00000000 ____D () C:\Users\Thore93\Downloads\Visual Studio Professional 2013 with Update 2 - 32 Bit - Web Installer (German)
2014-07-24 22:22 - 2014-07-24 22:22 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\e-academy Inc
2014-07-24 22:22 - 2014-07-24 22:22 - 00000000 ____D () C:\Users\Thore93\AppData\Local\e-academy Inc
2014-07-24 18:22 - 2013-01-10 00:04 - 00001082 _____ () C:\Users\Thore93\Documents\Dokumente.lnk
2014-07-19 18:10 - 2014-08-01 00:13 - 00000000 ____D () C:\Users\Thore93\AppData\Local\CrashDumps
2014-07-18 00:02 - 2014-07-18 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Air Display
2014-07-18 00:01 - 2014-07-18 00:01 - 00000000 ____D () C:\Program Files\Avatron
2014-07-17 23:59 - 2014-07-18 00:00 - 50738552 _____ (Avatron Software, Inc. ) C:\Users\Thore93\Downloads\AirDisplay_Setup.exe
2014-07-17 22:12 - 2014-07-17 22:12 - 00041390 _____ () C:\Users\Thore93\Desktop\Player.swf
2014-07-16 15:20 - 2014-07-24 23:33 - 00465688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-16 15:17 - 2014-07-23 15:11 - 00000000 ____D () C:\ProgramData\Tunngle
2014-07-16 15:17 - 2014-07-16 17:14 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\Users\Thore93\Documents\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-07-16 15:17 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys
2014-07-16 15:15 - 2014-07-16 15:15 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Thore93\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-07-16 15:03 - 2014-07-16 15:03 - 00000000 ____D () C:\Users\Thore93\Desktop\unl-titc
2014-07-11 09:01 - 2014-06-26 22:53 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-11 09:01 - 2014-06-26 22:53 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 23:54 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 23:54 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 23:54 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 23:54 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-10 23:54 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-10 23:54 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-10 23:54 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 23:54 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-10 23:54 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-10 23:54 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-10 23:54 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-10 23:54 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-10 23:54 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-07-10 23:54 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-07-10 23:54 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-10 23:54 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 23:54 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-10 23:54 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 23:54 - 2014-02-08 06:34 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-10 23:52 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 23:52 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 23:52 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-10 23:52 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-10 23:52 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 23:52 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 23:52 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 23:52 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 23:52 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 23:52 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 23:52 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 23:52 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 23:52 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 23:52 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 23:52 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 23:52 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 23:52 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 23:52 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 23:52 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 23:52 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-10 23:52 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 23:52 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 23:52 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 23:32 - 2014-07-10 23:32 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-04 21:10 - 2014-07-04 21:10 - 10140512 _____ () C:\Users\Thore93\Downloads\AirfoilInstaller.exe
2014-07-02 23:46 - 2014-07-02 23:46 - 00000000 ____D () C:\Users\Thore93\Downloads\Hardware Monitor for G15 V1.0.1-Beta
2014-07-02 23:45 - 2014-07-02 23:45 - 00405283 _____ () C:\Users\Thore93\Downloads\Hardware Monitor for G15 V1.0.1-Beta.rar
2014-07-02 23:43 - 2014-07-02 23:43 - 00125420 _____ () C:\Users\Thore93\Downloads\lcd_fonts_install_v1.91.zip
2014-07-02 23:43 - 2014-07-02 23:43 - 00000000 ____D () C:\Users\Thore93\Downloads\lcd_fonts_install_v1.91
2014-07-02 23:37 - 2014-07-02 23:37 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Logitech
2014-07-02 23:37 - 2014-07-02 23:37 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-07-02 23:36 - 2014-07-02 23:37 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-07-02 23:36 - 2014-07-02 23:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-07-02 23:35 - 2014-07-02 23:35 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Logitech
2014-07-02 23:35 - 2014-07-02 23:35 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Logishrd
2014-07-02 23:33 - 2014-07-02 23:34 - 62122112 _____ (Logitech Inc.) C:\Users\Thore93\Downloads\LGS_8.53.154_x64_Logitech.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 00:27 - 2014-08-01 00:27 - 00023631 _____ () C:\Users\Thore93\Desktop\FRST.txt
2014-08-01 00:27 - 2014-08-01 00:26 - 00000000 ____D () C:\FRST
2014-08-01 00:27 - 2014-03-28 12:26 - 02021148 _____ () C:\Windows\WindowsUpdate.log
2014-08-01 00:26 - 2014-08-01 00:26 - 02094080 _____ (Farbar) C:\Users\Thore93\Desktop\FRST64.exe
2014-08-01 00:25 - 2014-08-01 00:25 - 00050477 _____ () C:\Users\Thore93\Desktop\Defogger.exe
2014-08-01 00:25 - 2014-08-01 00:25 - 00000546 _____ () C:\Users\Thore93\Desktop\defogger_disable.log
2014-08-01 00:25 - 2014-08-01 00:25 - 00000168 _____ () C:\Users\Thore93\defogger_reenable
2014-08-01 00:25 - 2013-03-17 19:15 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-01 00:25 - 2013-03-17 19:09 - 00000000 ____D () C:\Users\Thore93
2014-08-01 00:21 - 2013-04-04 14:04 - 00000000 ____D () C:\Users\Thore93\AppData\Local\20DF8BEE-6876-436E-B6B2-222F2D9495C3.aplzod
2014-08-01 00:21 - 2012-07-26 12:27 - 00797144 _____ () C:\Windows\system32\perfh007.dat
2014-08-01 00:21 - 2012-07-26 12:27 - 00174008 _____ () C:\Windows\system32\perfc007.dat
2014-08-01 00:21 - 2012-07-26 09:28 - 01864118 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-01 00:17 - 2013-03-17 12:47 - 00000000 ___RD () C:\Users\Thore93\Dropbox
2014-08-01 00:16 - 2013-06-05 17:19 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Skype
2014-08-01 00:16 - 2013-06-05 12:41 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Spotify
2014-08-01 00:16 - 2013-03-17 19:15 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-01 00:16 - 2013-03-17 12:46 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Dropbox
2014-08-01 00:15 - 2013-04-04 15:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-01 00:14 - 2014-04-05 18:55 - 00054638 _____ () C:\Windows\PFRO.log
2014-08-01 00:14 - 2013-04-05 07:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 00:14 - 2013-04-04 14:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-01 00:14 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-01 00:13 - 2014-07-19 18:10 - 00000000 ____D () C:\Users\Thore93\AppData\Local\CrashDumps
2014-08-01 00:08 - 2013-04-08 00:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-01 00:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-31 19:30 - 2014-07-31 19:30 - 00002102 _____ () C:\Users\Thore93\Desktop\GothicStarter.exe - Verknüpfung.lnk
2014-07-30 19:41 - 2014-01-10 18:51 - 00000132 _____ () C:\Users\Thore93\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Adobe
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Adobe
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-07-29 23:57 - 2013-03-17 19:09 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Packages
2014-07-29 18:31 - 2013-06-05 12:41 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Spotify
2014-07-27 14:35 - 2014-07-27 14:35 - 03031183 _____ (${MOD_COMP}) C:\Users\Thore93\Downloads\gothic2_fix-2.6.0.0-rev2.exe
2014-07-27 14:35 - 2014-07-27 14:35 - 00026684 _____ () C:\Users\Thore93\Downloads\download_278.htm
2014-07-27 14:25 - 2014-03-28 13:14 - 00091841 _____ () C:\Windows\DirectX.log
2014-07-27 14:24 - 2014-07-27 14:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-07-27 14:22 - 2014-07-27 14:21 - 75281126 _____ (Tricky) C:\Users\Thore93\Downloads\MiniMod_Balance-2.52.exe
2014-07-27 12:57 - 2013-04-04 15:53 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-27 11:00 - 2013-04-04 00:03 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Microsoft Help
2014-07-26 10:43 - 2014-03-23 18:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-25 16:54 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-25 16:42 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-25 16:40 - 2013-03-17 19:15 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-907550391-924612775-1523764202-1001
2014-07-25 16:32 - 2013-03-17 12:46 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-25 00:05 - 2014-07-25 00:05 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Microsoft FxCop
2014-07-25 00:04 - 2014-07-25 00:06 - 00033280 _____ () C:\Users\Thore93\Desktop\DBInfoBuilder.exe
2014-07-24 23:56 - 2014-07-24 23:15 - 00000000 ____D () C:\Users\Thore93\Documents\Visual Studio 2013
2014-07-24 23:42 - 2014-07-24 23:42 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\NuGet
2014-07-24 23:33 - 2014-07-16 15:20 - 00465688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-24 23:32 - 2014-03-02 11:17 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 23:32 - 2014-03-02 11:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 23:32 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-24 23:31 - 2014-07-24 23:31 - 00000000 ____D () C:\Program Files\Windows Identity Foundation
2014-07-24 23:30 - 2013-07-30 10:19 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-24 23:18 - 2014-07-24 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2014-07-24 23:18 - 2014-07-24 23:18 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Silverlight Kits
2014-07-24 23:14 - 2014-07-24 23:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft XDE
2014-07-24 23:12 - 2014-07-24 23:03 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2014-07-24 23:12 - 2014-07-24 22:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-07-24 23:09 - 2014-07-24 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK - Deutsch
2014-07-24 23:09 - 2014-07-24 22:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-07-24 23:08 - 2014-07-24 23:08 - 00000000 ____D () C:\Program Files\Microsoft Identity Extensions
2014-07-24 23:08 - 2014-07-24 23:08 - 00000000 ____D () C:\Program Files (x86)\Workflow Manager Tools
2014-07-24 23:08 - 2014-07-24 23:08 - 00000000 ____D () C:\Program Files (x86)\Open XML SDK
2014-07-24 23:07 - 2013-05-31 16:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-07-24 23:07 - 2013-04-04 00:06 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-07-24 23:06 - 2014-07-24 23:06 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-07-24 23:06 - 2014-07-24 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-24 23:06 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-07-24 23:03 - 2014-07-24 23:03 - 00000000 ____D () C:\Program Files\Application Verifier
2014-07-24 23:03 - 2014-07-24 23:03 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2014-07-24 23:03 - 2014-07-24 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-07-24 22:55 - 2014-07-24 22:55 - 00000000 ____D () C:\ProgramData\PreEmptive Solutions
2014-07-24 22:55 - 2013-03-17 14:34 - 00000000 ____D () C:\Program Files\MSBuild
2014-07-24 22:53 - 2014-07-24 22:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-07-24 22:51 - 2014-07-24 22:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Web Tools
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\ProgramData\NuGet
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\Program Files\IIS Express
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\Program Files (x86)\NuGet
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\Program Files (x86)\IIS Express
2014-07-24 22:49 - 2014-07-24 22:49 - 00000000 ____D () C:\Program Files\IIS
2014-07-24 22:49 - 2014-07-24 22:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft WCF Data Services
2014-07-24 22:49 - 2014-07-24 22:49 - 00000000 ____D () C:\Program Files (x86)\IIS
2014-07-24 22:48 - 2014-07-24 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-07-24 22:48 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-07-24 22:48 - 2014-07-24 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2014-07-24 22:45 - 2014-07-24 22:40 - 00000000 ____D () C:\Windows\SysWOW64\1031
2014-07-24 22:43 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Kits
2014-07-24 22:43 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2014-07-24 22:43 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\HTML Help Workshop
2014-07-24 22:42 - 2014-07-24 22:40 - 00000000 ____D () C:\Windows\system32\1033
2014-07-24 22:40 - 2014-07-24 22:40 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-07-24 22:40 - 2014-07-24 22:32 - 00000000 ____D () C:\Windows\system32\1031
2014-07-24 22:34 - 2014-07-24 22:34 - 00000000 ____D () C:\Windows\symbols
2014-07-24 22:33 - 2014-07-24 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2014-07-24 22:33 - 2014-07-24 22:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-07-24 22:32 - 2014-07-24 22:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2014-07-24 22:32 - 2014-03-29 21:14 - 00004748 _____ () C:\Windows\setupact.log
2014-07-24 22:32 - 2013-03-17 14:34 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-07-24 22:31 - 2014-07-24 22:31 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0
2014-07-24 22:22 - 2014-07-24 22:22 - 00720896 _____ () C:\Users\Thore93\Downloads\SDM_DE.msi
2014-07-24 22:22 - 2014-07-24 22:22 - 00003153 _____ () C:\Users\Thore93\Desktop\Secure Download Manager.lnk
2014-07-24 22:22 - 2014-07-24 22:22 - 00000000 ____D () C:\Users\Thore93\Downloads\Visual Studio Professional 2013 with Update 2 - 32 Bit - Web Installer (German)
2014-07-24 22:22 - 2014-07-24 22:22 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\e-academy Inc
2014-07-24 22:22 - 2014-07-24 22:22 - 00000000 ____D () C:\Users\Thore93\AppData\Local\e-academy Inc
2014-07-24 18:22 - 2013-03-17 19:20 - 00000000 ____D () C:\ProgramData\Stardock
2014-07-24 17:32 - 2014-03-02 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 15:11 - 2014-07-16 15:17 - 00000000 ____D () C:\ProgramData\Tunngle
2014-07-22 13:07 - 2013-05-09 18:58 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\vlc
2014-07-19 18:09 - 2013-10-05 11:23 - 00000000 ____D () C:\Users\Thore93\Documents\Rezepte
2014-07-18 00:02 - 2014-07-18 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Air Display
2014-07-18 00:01 - 2014-07-18 00:01 - 00000000 ____D () C:\Program Files\Avatron
2014-07-18 00:00 - 2014-07-17 23:59 - 50738552 _____ (Avatron Software, Inc. ) C:\Users\Thore93\Downloads\AirDisplay_Setup.exe
2014-07-17 22:12 - 2014-07-17 22:12 - 00041390 _____ () C:\Users\Thore93\Desktop\Player.swf
2014-07-16 17:45 - 2013-04-04 00:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-16 17:44 - 2013-04-04 00:07 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-16 17:14 - 2014-07-16 15:17 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\Users\Thore93\Documents\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-07-16 15:15 - 2014-07-16 15:15 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Thore93\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-07-16 15:03 - 2014-07-16 15:03 - 00000000 ____D () C:\Users\Thore93\Desktop\unl-titc
2014-07-11 08:58 - 2012-07-26 12:29 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 08:58 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 08:58 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 08:58 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-07-11 00:20 - 2013-08-15 21:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 00:17 - 2013-03-20 21:22 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-11 00:17 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-11 00:08 - 2013-04-08 00:04 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-10 23:37 - 2014-03-23 18:29 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-10 23:32 - 2014-07-10 23:32 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-10 23:32 - 2014-05-01 13:08 - 00001996 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-10 23:32 - 2014-05-01 13:07 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-10 23:32 - 2014-03-23 18:29 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-07-10 23:32 - 2014-03-23 18:29 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-10 23:32 - 2014-03-23 18:29 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-10 23:32 - 2014-03-23 18:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-10 23:32 - 2014-03-23 18:29 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-10 23:32 - 2014-03-23 18:29 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-10 23:32 - 2014-03-23 18:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-04 21:10 - 2014-07-04 21:10 - 10140512 _____ () C:\Users\Thore93\Downloads\AirfoilInstaller.exe
2014-07-03 18:01 - 2014-05-27 08:45 - 00000000 ____D () C:\Users\Thore93\Documents\Arztbefunde
2014-07-02 23:46 - 2014-07-02 23:46 - 00000000 ____D () C:\Users\Thore93\Downloads\Hardware Monitor for G15 V1.0.1-Beta
2014-07-02 23:45 - 2014-07-02 23:45 - 00405283 _____ () C:\Users\Thore93\Downloads\Hardware Monitor for G15 V1.0.1-Beta.rar
2014-07-02 23:43 - 2014-07-02 23:43 - 00125420 _____ () C:\Users\Thore93\Downloads\lcd_fonts_install_v1.91.zip
2014-07-02 23:43 - 2014-07-02 23:43 - 00000000 ____D () C:\Users\Thore93\Downloads\lcd_fonts_install_v1.91
2014-07-02 23:41 - 2013-04-09 18:02 - 00505208 _____ () C:\Users\Thore93\Downloads\setup.exe
2014-07-02 23:37 - 2014-07-02 23:37 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Logitech
2014-07-02 23:37 - 2014-07-02 23:37 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-07-02 23:37 - 2014-07-02 23:36 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-07-02 23:36 - 2014-07-02 23:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-07-02 23:35 - 2014-07-02 23:35 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Logitech
2014-07-02 23:35 - 2014-07-02 23:35 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Logishrd
2014-07-02 23:34 - 2014-07-02 23:33 - 62122112 _____ (Logitech Inc.) C:\Users\Thore93\Downloads\LGS_8.53.154_x64_Logitech.exe

Some content of TEMP:
====================
C:\Users\Thore93\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaervme.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-22 13:53

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 01.08.2014, 09:34   #4
medicus93
 
Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" - Standard

Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"



Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 02
Ran by Thore93 at 2014-08-01 00:28:32
Running from C:\Users\Thore93\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
0.5.9.1 (HKLM-x32\...\{2E430614-135D-47F8-A6BB-5095871A0C14}_is1) (Version: 0.5.9.1 - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Air Display Support (HKLM\...\{F51E7212-5D41-4EFA-9E92-BF23C98EBD71}) (Version: 2.0.3.440 - Avatron Software, Inc)
Airfoil (HKLM-x32\...\Airfoil) (Version: 3.5.0 - Rogue Amoeba)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{AF88A32E-BC54-2AA3-2FC8-D63D86DF4A7A}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.00.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.3 - EA Digital Illusions CE AB)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
BEWERBUNGSMASTER (HKLM-x32\...\ST6UNST #1) (Version:  - )
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Bullzip PDF Printer 9.7.0.1592 (HKLM\...\Bullzip PDF Printer_is1) (Version: 9.7.0.1592 - Bullzip)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Cardiac Auscultation 1.0 (HKLM-x32\...\Cardiac Auscultation) (Version: 1.0 - medical concepts Bonn)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0806.1213.19931 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1212.19931 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1213.19931 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1C35197-B856-45E2-BA67-5ABB6B0CA9C2}) (Version:  - Microsoft)
Deluxe Edition (HKLM-x32\...\Deluxe Edition) (Version: 2011.1.0.0 - Encyclopaedia Britannica, Inc.)
Deutsche Post E-Porto (HKLM\...\{AFEF38CC-13B4-45E9-AD68-1A842627B203}) (Version: 2.3.0 - Deutsche Post AG)
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Die Siedler - Aufbruch der Kulturen (HKLM-x32\...\SADK) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
Dropbox Folder Sync addon (HKLM-x32\...\{E0B7CA7A-98B0-4EF1-87F5-FF6B02DC06A9}_is1) (Version: 2.7 - Sowrabh & Satyadeep)
Emergency 4 Deluxe (HKLM-x32\...\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}) (Version: 1.03.001 - )
Entity Framework 6.1.0 Tools  for Visual Studio 2013 (HKLM-x32\...\{D4635FB4-434D-4663-A4C8-CFC00FA9D24E}) (Version: 12.0.30228.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Fotor 1.1.0 (HKLM-x32\...\Fotor) (Version: 1.1.0 - Everimaging Co., Ltd.)
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.15.325 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.41.623 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.41.623 - DVDVideoSoft Ltd.)
G I - Die Welt der Verurteilten (mit neuen Texturen) (HKLM-x32\...\G I - Die Welt der Verurteilten (mit neuen Texturen)) (Version: 1.03 - Issues (Deadgame Inc.))
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Geeks3D.com FurMark 1.10.6 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D.com)
Geheimakte 2 - Puritas Cordis (HKLM-x32\...\{BE7347AD-2D93-4A74-8DBF-C1B073DAE509}) (Version: 1.00.0000 - Deep Silver)
Geheimakte 3 (HKLM-x32\...\{765BF404-2FEE-492B-9E7F-A55143796EF1}) (Version: 1.00 - Deep Silver)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.30.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.30.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Gothic 1 (HKLM-x32\...\Gothic 1_is1) (Version:  - piranha bytes / Pluto 13 GmbH)
Gothic II: Gold Edition (HKLM-x32\...\Steam App 39510) (Version:  - Piranha – Bytes)
GothicW8 (HKLM\...\{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb) (Version:  - )
Grim Dawn (HKLM-x32\...\Steam App 219990) (Version:  - )
Hacker Evolution - Untold (HKLM-x32\...\Steam App 70110) (Version:  - exosyphen studios)
Hacker Evolution (HKLM-x32\...\Steam App 70100) (Version:  - exosyphen studios)
Hacker Evolution Duality (HKLM-x32\...\Steam App 70120) (Version:  - exosyphen studios)
HWiNFO64 Version 4.36 (HKLM\...\HWiNFO64_is1) (Version: 4.36 - Martin Malík - REALiX)
iCloud (HKLM\...\{704C0303-D20C-45AF-BD2B-556EAF31BE09}) (Version: 2.1.2.8 - Apple Inc.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2 (HKLM-x32\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH)
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.1 (x32 Version: 1.1.20410.1601 - Microsoft Corporation) Hidden
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.29989 - Microsoft) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.154 - Logitech Inc.)
Lost Horizon (HKLM-x32\...\Steam App 40350) (Version:  - Animation Arts)
MakeMKV v1.8.10 (HKLM-x32\...\MakeMKV) (Version: v1.8.10 - GuinpinSoft inc)
Memory Profiler (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Advertising SDK for Windows 8.1 - ENU (x32 Version: 8.1.30809.0 - Microsoft Corporation) Hidden
Microsoft Advertising SDK for Windows Phone 8.1 XAML - DEU (x32 Version: 8.1.40427.0 - Microsoft Corporation) Hidden
Microsoft Advertising Service Extension for Visual Studio (x32 Version: 12.0.40402.0 - Microsoft Corporation) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft ASP.NET and Web Tools 2013.2 - Visual Studio 2013 - deu (x32 Version: 2.3.50425.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET and Web Tools 2013.2 - Visual Studio 2013 (x32 Version: 2.3.50425.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 - Visual Studio 2013 - DEU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime - DEU (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - DEU (x32 Version: 5.1.20409.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU (x32 Version: 5.1.20409.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - DEU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime - DEU (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Exchange Web Services Managed API 2.1 (x32 Version: 15.0.847.30 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20621.0 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Identity Extensions (Version: 2.0.1459.0 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 Core (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.5 Tools (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.5 ToolsRes - DEU (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft LightSwitch für Visual Studio 2013 CoreRes - DEU (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft LightSwitch v4.5 SDK (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2013 (x32 Version: 2.8.50313.46 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) (Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools für Microsoft Visual Studio (x64) - DEU Sprachpaket (Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Developer Tools for Visual Studio (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft Office Developer Tools für Visual Studio DEU Sprachpaket (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - chs (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - cht (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - csy (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - esn (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - fra (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - ita (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - jpn (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - kor (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - plk (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - ptb (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - rus (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - trk (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On für Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Update 2 Object Model (x64) (Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Update 2-Objektmodell Sprachpaket (x64) - DEU (Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual C++  ARM Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 32bit Compilers - DEU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - DEU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013  x64 Designtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Extended Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40825 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40820 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2013 Devenv (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Diagnostic Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Diagnostic Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Profiling Tools (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell-(Mindest)-Ressourcen (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Sprachpaket - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 XAML UI Designer (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Diagnosetools - DEU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Leistungserfassungstools - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Leistungserfassungstools (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Vorbereitung (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-XAML-Benutzeroberflächen-Designer - DEU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{c81217f5-344b-4b07-895e-97468942d363}) (Version: 12.0.30501 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
MiniMod Balance (HKLM-x32\...\MiniMod Balance) (Version: 2.52 - Tricky)
Module Microsoft Report Viewer pour Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mp3tag v2.55a (HKLM-x32\...\Mp3tag) (Version: v2.55a - Florian Heidenreich)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
Notation Player 2.6.3 (HKLM-x32\...\{61150C85-DC0A-4976-922F-5575F388ADA6}) (Version: 2.6.3 - Notation Software, Inc.) <==== ATTENTION
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{54194F60-988C-4D03-B922-C2B00EFDA39A}) (Version: 9.10.0222 - NVIDIA Corporation)
ObjectDock Plus (HKLM-x32\...\ObjectDock Plus2.01) (Version: 2.01 - Stardock Corporation)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
PhonerLite 2.10 (HKLM-x32\...\PhonerLite_is1) (Version: 2.10 - Heiko Sommerfeldt)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
RESCUE 2013 DEMO (HKCU\...\RESCUE 2013 DEMO) (Version: 1.00.00.00 - rondomedia GmbH)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version:  - )
Rome - Total War - Gold Edition (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.6 - The Creative Assembly)
Secret Files: Sam Peters (HKLM-x32\...\Steam App 257220) (Version:  - )
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Start8 (HKLM-x32\...\Start8) (Version: 1.11 - Stardock Software, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Titan Quest Immortal Throne (HKLM-x32\...\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}) (Version: 1.00.0000 - Iron Lore)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
TypeScript Power Tool (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CE9A9D7C-B6FB-4F6C-8BDE-9A1ADBBAC1EE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881074) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9A479F9C-C1EC-4833-A115-A8B7A60480BD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{00BBBFFE-8889-4953-956A-77DDE975A947}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3A12DFA2-3FF5-450E-BDB1-A742551A5D1A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{EA8072E8-E3CF-46DF-A5DE-9F5975344327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{BF0D921F-E77E-4E03-BE71-46D9D2C7A36A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{97183E08-6B06-40F1-80A9-585C4AEF98F1}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Visual F# 3.1 SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 SDK Language Pack - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 VS (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 VS Language Pack - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2012 Verification SDK (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Visual Studio 2012-Verifizierungs-SDK - deu (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites - DEU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Update 2 (KB2829760) (HKLM-x32\...\{3c348532-c3bd-4bae-a928-7b555f8c808f}) (Version: 12.0.30501 - Microsoft Corporation)
Visual Studio 2013 的 Microsoft Report Viewer 附加元件 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Visual Studio 2013용 Microsoft Report Viewer 추가 기능 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 2.1.30501.00 - Microsoft Corporation) Hidden
ViUpdater (HKLM-x32\...\ViUpdater) (Version: 1.0.0.3 - Lee-Soft.com)
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VS Update core components (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows 8 Development Essentials (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Windows App Certification Kit Native Components (Version: 8.100.26629 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows Azure Mobile Services SDK (x32 Version: 1.0.20401.0 - Microsoft Corporation) Hidden
Windows Azure Mobile Services Tools for Visual Studio - v1.1 (x32 Version: 1.1.20407.1601 - Microsoft Corporation) Hidden
Windows Azure Mobile Services-Tools für Visual Studio Language Pack - v1.1 (x32 Version: 1.1.20407.1601 - Microsoft Corporation) Hidden
Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.1 (x32 Version: 1.1.20410.1601 - Microsoft Corporation) Hidden
Windows Azure Tools for LightSwitch for Visual Studio 2013 - March 2014 Update - v2.2 (x32 Version: 2.2.20311.1602 - Microsoft) Hidden
Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1 (x32 Version: 2.1.10909.1601 - Microsoft) Hidden
Windows Azure Tools für LightSwitch für Visual Studio 2013 - $(var.OOBPublishVersion) (DEU) (x32 Version: 2.1.10909.1601 - Microsoft) Hidden
Windows Azure Tools für LightSwitch für Visual Studio 2013 - Update März 2014 - $(var.OOBPublishVersion) (DEU) (x32 Version: 2.2.20311.1602 - Microsoft) Hidden
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{940596e5-652a-4970-8a5a-492e73ed0fbb}) (Version: 12.0.30501.0 - Microsoft Corporation)
Windows Phone 8.1 SDK - ARM (x32 Version: 8.1.12358 - Microsoft Corporation) Hidden
Windows Phone 8.1 SDK - Desktop (x32 Version: 8.1.12358 - Microsoft Corporation) Hidden
Windows Phone 8.1 SDK - x64 (Version: 8.1.12358 - Microsoft Corporation) Hidden
Windows Phone 8.1 SDK - x86 (x32 Version: 8.1.12358 - Microsoft Corporation) Hidden
Windows Phone 8.1 Tools for Visual Studio 2013 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Windows Phone 8.1 Tools for Visual Studio Professional 2013 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Windows Phone 8.1-Tools für Visual Studio 2013 - DEU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Windows Phone 8.1-Tools für Visual Studio Professional 2013 - DEU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Windows Phone SDK 8.0 Assemblies (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - de-de (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
Xirrus Wi-Fi Inspector (HKLM-x32\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus)
Надстройка Microsoft Report Viewer для Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-907550391-924612775-1523764202-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thore93\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907550391-924612775-1523764202-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907550391-924612775-1523764202-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907550391-924612775-1523764202-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907550391-924612775-1523764202-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907550391-924612775-1523764202-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907550391-924612775-1523764202-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907550391-924612775-1523764202-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-907550391-924612775-1523764202-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

16-07-2014 15:41:47 Windows Update
17-07-2014 22:01:12 Installed Bonjour
17-07-2014 22:01:41 Installed Air Display Support
24-07-2014 15:30:41 Windows Update
27-07-2014 12:24:33 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {12B4BEA5-E259-4EAE-861E-EB2186D53079} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {192CED00-1698-4133-ACF2-713C3BCE8B94} - System32\Tasks\Games\UpdateCheck_S-1-5-21-907550391-924612775-1523764202-1001
Task: {1A255871-98CB-4223-93EF-F137B70CE822} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {22F3F2DA-EEA2-4A01-B943-A6F167E77FC2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {38CA3A14-AA23-4894-836D-493A8ED67557} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3CC0B16F-851D-4009-9403-AC4EBEC66906} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-11] (Microsoft Corporation)
Task: {3E46130A-3E27-4CAD-BAE6-8EC5161C1C00} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {4F244C2C-9275-4BA0-A74A-FC10EB924084} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-17] (Google Inc.)
Task: {53AC99F5-98CC-4754-B7F1-C8F30E11BB4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-17] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D5B9252A-817C-4C6D-B4A5-66575CAC8F9B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11] (Adobe Systems Incorporated)
Task: {DC70391D-53A0-4209-91C6-D37BF80BE77F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-10] (AVAST Software)
Task: {E0ECEEBA-F496-45E3-99D9-F432F1B0DF2A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-11-12 01:49 - 2011-11-12 01:49 - 00730624 _____ () C:\Program Files (x86)\Stardock\ObjectDock Plus\Dock64.dll
2013-04-05 12:58 - 2013-04-05 12:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-04-04 16:03 - 2014-05-13 10:52 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-11 20:21 - 2014-02-11 20:21 - 00860160 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 01043968 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-02-11 20:21 - 2014-02-11 20:21 - 00052736 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 00236032 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-08-25 10:55 - 2013-08-25 10:55 - 00860160 _____ () C:\Program Files\Avatron\Air Display\libGLESv2.dll
2013-08-25 11:10 - 2013-08-25 11:10 - 01043968 _____ () C:\Program Files\Avatron\Air Display\platforms\qwindows.dll
2013-08-25 10:56 - 2013-08-25 10:56 - 00052736 _____ () C:\Program Files\Avatron\Air Display\libEGL.dll
2012-08-06 12:11 - 2012-08-06 12:11 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-10-06 09:43 - 2014-07-18 00:07 - 00601144 _____ () C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-01-23 17:05 - 2014-01-23 17:05 - 01424552 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2014-08-01 00:25 - 2014-08-01 00:25 - 00050477 _____ () C:\Users\Thore93\Desktop\Defogger.exe
2014-07-10 23:32 - 2014-07-10 23:32 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-01 00:04 - 2014-08-01 00:04 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14073101\algo.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-22 18:33 - 2014-07-12 02:53 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-05-22 18:33 - 2014-07-12 02:53 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-09 08:19 - 2014-07-12 02:53 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-23 10:25 - 2014-07-12 02:53 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2013-03-25 14:23 - 2014-06-27 00:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 18:34 - 2014-07-16 04:28 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-22 18:33 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2013-03-29 11:53 - 2014-07-16 04:28 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-03-26 16:16 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2011-11-12 01:49 - 2011-11-12 01:49 - 00626688 _____ () C:\Program Files (x86)\Stardock\ObjectDock Plus\DockShellHook.dll
2013-06-05 12:41 - 2014-07-18 00:07 - 36966968 _____ () C:\Users\Thore93\AppData\Roaming\Spotify\Data\libcef.dll
2014-07-10 23:32 - 2014-07-10 23:32 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-01 00:16 - 2014-08-01 00:16 - 00043008 _____ () c:\users\thore93\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaervme.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Thore93\AppData\Roaming\Dropbox\bin\libcef.dll
2011-08-11 22:12 - 2013-04-04 16:37 - 00807936 _____ () C:\Program Files (x86)\Stardock\ObjectDock Plus\CrashRpt.dll
2011-08-11 22:12 - 2011-08-11 22:12 - 00053760 _____ () C:\Program Files (x86)\Stardock\ObjectDock Plus\zlib.dll
2011-08-11 22:12 - 2011-08-11 22:12 - 00094208 _____ () C:\Program Files (x86)\Stardock\ObjectDock Plus\Docklets\Clock\Clock.dll
2014-07-18 00:07 - 2014-07-18 00:07 - 00867896 _____ () C:\Users\Thore93\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2013-10-06 09:43 - 2014-07-18 00:07 - 00886840 _____ () C:\Users\Thore93\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-10-06 09:43 - 2014-07-18 00:07 - 00108600 _____ () C:\Users\Thore93\AppData\Roaming\Spotify\Data\libegl.dll
2013-04-05 07:28 - 2014-07-31 18:51 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Thore93\Desktop\2012-11-30 12.52.03.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Thore93\Desktop\IMG_1771.JPG:com.dropbox.attributes
AlternateDataStreams: C:\Users\Thore93\Desktop\IMG_1798.JPG:com.dropbox.attributes
AlternateDataStreams: C:\Users\Thore93\Desktop\P1040072.JPG:com.dropbox.attributes
AlternateDataStreams: C:\Users\Thore93\Desktop\P1040124.JPG:com.dropbox.attributes
AlternateDataStreams: C:\Users\Thore93\Desktop\P1040127.JPG:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/01/2014 00:13:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 31.0.0.5310 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: fd0

Startzeit: 01cfad0c791e1e1f

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: d5c91c13-18ff-11e4-becd-bc5ff45c7ab0

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/01/2014 00:13:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xf2c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (08/01/2014 00:04:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Vdfs32g.exe, Version: 2.6.0.0, Zeitstempel: 0x3f966949
Name des fehlerhaften Moduls: Vdfs32g.exe, Version: 2.6.0.0, Zeitstempel: 0x3f966949
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000171f
ID des fehlerhaften Prozesses: 0xd08
Startzeit der fehlerhaften Anwendung: 0xVdfs32g.exe0
Pfad der fehlerhaften Anwendung: Vdfs32g.exe1
Pfad des fehlerhaften Moduls: Vdfs32g.exe2
Berichtskennung: Vdfs32g.exe3
Vollständiger Name des fehlerhaften Pakets: Vdfs32g.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Vdfs32g.exe5

Error: (07/31/2014 10:17:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4469

Error: (07/31/2014 10:17:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4469

Error: (07/31/2014 10:17:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/31/2014 10:17:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3313

Error: (07/31/2014 10:17:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3313

Error: (07/31/2014 10:17:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/31/2014 10:17:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2219


System errors:
=============
Error: (08/01/2014 00:14:43 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎31.‎07.‎2014 um 22:16:00 unerwartet heruntergefahren.

Error: (08/01/2014 00:14:21 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (07/31/2014 10:17:49 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (07/30/2014 10:20:08 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (07/29/2014 07:06:12 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (07/27/2014 07:55:08 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (07/27/2014 03:42:32 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (07/27/2014 02:53:53 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (07/27/2014 10:13:43 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (07/26/2014 09:05:11 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


Microsoft Office Sessions:
=========================
Error: (08/01/2014 00:13:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe31.0.0.5310fd001cfad0c791e1e1f4294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exed5c91c13-18ff-11e4-becd-bc5ff45c7ab0

Error: (08/01/2014 00:13:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91mozalloc.dll31.0.0.531053c72e91800000030000141bf2c01cfad0c7ad71ecfC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlld6e4a78b-18ff-11e4-becd-bc5ff45c7ab0

Error: (08/01/2014 00:04:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Vdfs32g.exe2.6.0.03f966949Vdfs32g.exe2.6.0.03f966949c00000050000171fd0801cfad0b6f4a49dfC:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Vdfs32g.exeC:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Vdfs32g.exead65f7bb-18fe-11e4-becd-bc5ff45c7ab0

Error: (07/31/2014 10:17:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4469

Error: (07/31/2014 10:17:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4469

Error: (07/31/2014 10:17:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/31/2014 10:17:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3313

Error: (07/31/2014 10:17:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3313

Error: (07/31/2014 10:17:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/31/2014 10:17:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2219


==================== Memory info =========================== 

Percentage of memory in use: 70%
Total physical RAM: 4058.94 MB
Available physical RAM: 1177.68 MB
Total Pagefile: 5403.01 MB
Available Pagefile: 2790.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:593.83 GB) NTFS
Drive d: (TQIT) (CDROM) (Total:2.3 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 265B49C9)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
GMER.txt
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-01 00:50:21
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000029 ST1000DM003-9YN162 rev.CC4B 931,51GB
Running: vpiqm2yl.exe; Driver: C:\Users\Thore93\AppData\Local\Temp\pxloapow.sys


---- User code sections - GMER 2.1 ----

.text    C:\Windows\system32\svchost.exe[904] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                               000007f8b650f817 1 byte [62]
.text    C:\Windows\system32\atiesrxx.exe[964] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                                                       000007f8b64f177a 4 bytes [4F, B6, F8, 07]
.text    C:\Windows\system32\atiesrxx.exe[964] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                                                       000007f8b64f1782 4 bytes [4F, B6, F8, 07]
.text    C:\Windows\system32\dwm.exe[1020] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                                  000007f8b650f817 1 byte [62]
.text    C:\Windows\System32\svchost.exe[288] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                               000007f8b650f817 1 byte [62]
.text    C:\Windows\system32\svchost.exe[416] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                               000007f8b650f817 1 byte [62]
.text    C:\Windows\system32\atieclxx.exe[356] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                                                       000007f8b64f177a 4 bytes [4F, B6, F8, 07]
.text    C:\Windows\system32\atieclxx.exe[356] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                                                       000007f8b64f1782 4 bytes [4F, B6, F8, 07]
.text    C:\Windows\system32\atieclxx.exe[356] C:\Windows\system32\WSOCK32.dll!recvfrom + 742                                                                                                                                     000007f8b0ea1b32 4 bytes [EA, B0, F8, 07]
.text    C:\Windows\system32\atieclxx.exe[356] C:\Windows\system32\WSOCK32.dll!recvfrom + 750                                                                                                                                     000007f8b0ea1b3a 4 bytes [EA, B0, F8, 07]
.text    C:\Windows\System32\svchost.exe[780] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                               000007f8b650f817 1 byte [62]
.text    C:\Windows\system32\svchost.exe[1256] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                              000007f8b650f817 1 byte [62]
.text    C:\Windows\System32\spoolsv.exe[1832] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                                                       000007f8b64f177a 4 bytes [4F, B6, F8, 07]
.text    C:\Windows\System32\spoolsv.exe[1832] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                                                       000007f8b64f1782 4 bytes [4F, B6, F8, 07]
.text    C:\Windows\system32\taskhostex.exe[1868] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                           000007f8b650f817 1 byte [62]
.text    C:\Windows\system32\svchost.exe[1896] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                              000007f8b650f817 1 byte [62]
.text    C:\Windows\Explorer.EXE[1920] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                                      000007f8b650f817 1 byte [62]
.text    C:\Windows\Explorer.EXE[1920] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                                                                         000007f8acc41532 4 bytes [C4, AC, F8, 07]
.text    C:\Windows\Explorer.EXE[1920] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                                                                         000007f8acc4153a 4 bytes [C4, AC, F8, 07]
.text    C:\Windows\Explorer.EXE[1920] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                                                                                                                       000007f8acc4165a 4 bytes [C4, AC, F8, 07]
.text    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2916] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306                                                                                         000007f8b64f177a 4 bytes [4F, B6, F8, 07]
.text    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[2916] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314                                                                                         000007f8b64f1782 4 bytes [4F, B6, F8, 07]
.text    C:\Windows\system32\SearchIndexer.exe[3244] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                        000007f8b650f817 1 byte [62]
.text    C:\Program Files\Logitech Gaming Software\LCore.exe[4416] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                          000007f8b650f817 1 byte [62]
.text    C:\Program Files\Logitech Gaming Software\LCore.exe[4416] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306                                                                                                   000007f8b64f177a 4 bytes [4F, B6, F8, 07]
.text    C:\Program Files\Logitech Gaming Software\LCore.exe[4416] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314                                                                                                   000007f8b64f1782 4 bytes [4F, B6, F8, 07]
.text    C:\Windows\system32\wbem\wmiprvse.exe[4116] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                        000007f8b650f817 1 byte [62]
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe[2028] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                 000007f8b650f817 1 byte [62]
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe[2028] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                                    000007f8acc41532 4 bytes [C4, AC, F8, 07]
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe[2028] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                                    000007f8acc4153a 4 bytes [C4, AC, F8, 07]
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe[2028] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                                                                                  000007f8acc4165a 4 bytes [C4, AC, F8, 07]
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe[4852] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                              000007f8acc41532 4 bytes [C4, AC, F8, 07]
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe[4852] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                              000007f8acc4153a 4 bytes [C4, AC, F8, 07]
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe[4852] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                                                                            000007f8acc4165a 4 bytes [C4, AC, F8, 07]
.text    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[4720] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 163                                                                                          000007f8b650f817 1 byte [62]
.text    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[4160] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 163                                                                                          000007f8b650f817 1 byte [62]
.text    C:\Program Files (x86)\Stardock\ObjectDock Plus\Dock64.exe[336] C:\Windows\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                    000007f8b650f817 1 byte [62]
.text    C:\Program Files (x86)\Stardock\ObjectDock Plus\Dock64.exe[336] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306                                                                                             000007f8b64f177a 4 bytes [4F, B6, F8, 07]
.text    C:\Program Files (x86)\Stardock\ObjectDock Plus\Dock64.exe[336] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314                                                                                             000007f8b64f1782 4 bytes [4F, B6, F8, 07]
.text    C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDockTray.exe[2592] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 163                                                                                           000007f8b650f817 1 byte [62]

---- Threads - GMER 2.1 ----

Thread   C:\Windows\system32\csrss.exe [636:1032]                                                                                                                                                                                 fffff9600081f5e8
---- Processes - GMER 2.1 ----

Library  C:\Users\Thore93\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Thore93\AppData\Roaming\Dropbox\bin\Dropbox.exe [5520](2014-07-21 20:53:38)                                                0000000003fb0000
Library  c:\users\thore93\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaervme.dll (*** suspicious ***) @ C:\Users\Thore93\AppData\Roaming\Dropbox\bin\Dropbox.exe [5520](2014-07-31 22:16:19)  0000000004680000
Library  C:\Users\Thore93\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Thore93\AppData\Roaming\Dropbox\bin\Dropbox.exe [5520](2013-10-18 23:55:02)                                                      000000005af90000
Library  C:\Users\Thore93\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Thore93\AppData\Roaming\Dropbox\bin\Dropbox.exe [5520] (ICU Data DLL/The ICU Project)(2013-10-18 23:55:00)                        000000005a600000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                                                                                                        -518986336

---- EOF - GMER 2.1 ----
         
Danke

Alt 01.08.2014, 14:27   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" - Standard

Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"



Zitat:
Platform: Windows 8 Pro (X64)
Microsoft Office Professional Plus 2013
Microsoft Visual Studio Professional 2013
Gewerblich genutztes System?

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 01.08.2014, 14:33   #6
medicus93
 
Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" - Standard

Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"



Nein, gibt's für Studenten kostenlos bei Microsoft Dreamspark.

Alt 01.08.2014, 14:36   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" - Standard

Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"



Ok, danke für die Erklärung


Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 01.08.2014, 14:36   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" - Standard

Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"



Ok, danke für die Erklärung


Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 01.08.2014, 22:32   #9
medicus93
 
Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" - Standard

Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"



Hey,

nein, mein Virenscanner hat vorher nie Alarm geschlagen.

FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02
Ran by Thore93 (administrator) on PC on 01-08-2014 23:30:52
Running from C:\Users\Thore93\Desktop
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avatron Software) C:\Program Files\Avatron\Air Display\AVTHelper.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Thore93\AppData\Roaming\Spotify\spotify.exe
(Avatron Software, Inc) C:\Program Files\Avatron\Air Display\AirDisplay.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Users\Thore93\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDock Plus\Dock64.exe
(Microsoft) C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDockTray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-15] (Logitech Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1753280 2014-07-16] (Valve Corporation)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [ViUpdater] => C:\Program Files (x86)\ViUpdater\ViUpdater.exe [122880 2013-01-11] (Lee-Soft.com)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [Spotify Web Helper] => C:\Users\Thore93\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-18] (Spotify Ltd)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [Spotify] => C:\Users\Thore93\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-18] (Spotify Ltd)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\Run: [Air Display Support] => C:\Program Files\Avatron\Air Display\AirDisplay.exe [4189688 2013-12-04] (Avatron Software, Inc)
HKU\S-1-5-21-907550391-924612775-1523764202-1001\...\MountPoints2: {83a67c74-8f24-11e2-be65-806e6f6e6963} - "D:\Launch.exe" 
AppInit_DLLs-x32: AirfoilInject3.dll => "AirfoilInject3.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Thore93\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Thore93\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Thore93\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Thore93\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe (Stardock)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thore93\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9EA193AC3223CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: No Name -> {0124123D-61B4-456f-AF86-78C53A0790C5} ->  No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {0124123D-61B4-456f-AF86-78C53A0790C5} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Thore93\AppData\Roaming\Mozilla\Firefox\Profiles\kn7d91tv.default
FF NetworkProxy: "http", "223.30.31.160"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FoxyProxy Standard - C:\Users\Thore93\AppData\Roaming\Mozilla\Firefox\Profiles\kn7d91tv.default\Extensions\foxyproxy@eric.h.jung [2014-05-27]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Thore93\AppData\Roaming\Mozilla\Firefox\Profiles\kn7d91tv.default\Extensions\ich@maltegoetz.de [2014-05-22]
FF Extension: YouTube ALL HTML5 - C:\Users\Thore93\AppData\Roaming\Mozilla\Firefox\Profiles\kn7d91tv.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2014-05-22]
FF Extension: Tab notifier - C:\Users\Thore93\AppData\Roaming\Mozilla\Firefox\Profiles\kn7d91tv.default\Extensions\tabnotifier@unusoft.it.xpi [2014-06-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-23]

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Extension: (Google Wallet) - C:\Users\Thore93\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-10] (AVAST Software)
R2 AVTHelper; C:\Program Files\Avatron\Air Display\AVTHelper.exe [237048 2013-12-04] (Avatron Software)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2012-07-26] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-13] ()
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-01-31] (Stardock Software, Inc)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AirDisplayWDDM; C:\Windows\system32\DRIVERS\AVWDDMMiniPort.sys [48632 2013-12-04] (Windows (R) Win 7 DDK provider)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-10] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-03-17] ()
R0 AVPCIFilter; C:\Windows\System32\drivers\AVPCIFilter.sys [36344 2013-12-04] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-04-10] (DT Soft Ltd)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-05-04] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-03-17] ()
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [38272 2013-05-25] (Windows (R) Win 7 DDK provider)
S3 cpuz137; \??\C:\Users\Thore93\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\Thore93\Downloads\Hardware Monitor for G15 V1.0.1-Beta\Hardware Monitor for G15 V1.0.1-Beta\res\HardwareMonitorProzess.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 23:30 - 2014-08-01 23:30 - 02094080 _____ (Farbar) C:\Users\Thore93\Desktop\FRST64.exe
2014-08-01 23:30 - 2014-08-01 23:30 - 00023451 _____ () C:\Users\Thore93\Desktop\FRST.txt
2014-08-01 00:50 - 2014-08-01 00:50 - 00012430 _____ () C:\Users\Thore93\Desktop\GMER.log
2014-08-01 00:30 - 2014-08-01 00:30 - 00000086 _____ () C:\Users\Thore93\Desktop\Neues Textdokument.txt
2014-08-01 00:29 - 2014-08-01 00:29 - 00380416 _____ () C:\Users\Thore93\Desktop\vpiqm2yl.exe
2014-08-01 00:26 - 2014-08-01 23:30 - 00000000 ____D () C:\FRST
2014-08-01 00:25 - 2014-08-01 00:25 - 00050477 _____ () C:\Users\Thore93\Desktop\Defogger.exe
2014-08-01 00:25 - 2014-08-01 00:25 - 00000546 _____ () C:\Users\Thore93\Desktop\defogger_disable.log
2014-08-01 00:25 - 2014-08-01 00:25 - 00000168 _____ () C:\Users\Thore93\defogger_reenable
2014-07-31 19:30 - 2014-07-31 19:30 - 00002102 _____ () C:\Users\Thore93\Desktop\GothicStarter.exe - Verknüpfung.lnk
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Adobe
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Adobe
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-07-27 14:35 - 2014-07-27 14:35 - 03031183 _____ (${MOD_COMP}) C:\Users\Thore93\Downloads\gothic2_fix-2.6.0.0-rev2.exe
2014-07-27 14:35 - 2014-07-27 14:35 - 00026684 _____ () C:\Users\Thore93\Downloads\download_278.htm
2014-07-27 14:24 - 2014-07-27 14:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-07-27 14:21 - 2014-07-27 14:22 - 75281126 _____ (Tricky) C:\Users\Thore93\Downloads\MiniMod_Balance-2.52.exe
2014-07-25 00:06 - 2014-07-25 00:04 - 00033280 _____ () C:\Users\Thore93\Desktop\DBInfoBuilder.exe
2014-07-25 00:05 - 2014-07-25 00:05 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Microsoft FxCop
2014-07-24 23:42 - 2014-07-24 23:42 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\NuGet
2014-07-24 23:31 - 2014-07-24 23:31 - 00000000 ____D () C:\Program Files\Windows Identity Foundation
2014-07-24 23:18 - 2014-07-24 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2014-07-24 23:18 - 2014-07-24 23:18 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Silverlight Kits
2014-07-24 23:15 - 2014-07-24 23:56 - 00000000 ____D () C:\Users\Thore93\Documents\Visual Studio 2013
2014-07-24 23:14 - 2014-07-24 23:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft XDE
2014-07-24 23:09 - 2014-07-24 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK - Deutsch
2014-07-24 23:08 - 2014-07-24 23:08 - 00000000 ____D () C:\Program Files\Microsoft Identity Extensions
2014-07-24 23:08 - 2014-07-24 23:08 - 00000000 ____D () C:\Program Files (x86)\Workflow Manager Tools
2014-07-24 23:08 - 2014-07-24 23:08 - 00000000 ____D () C:\Program Files (x86)\Open XML SDK
2014-07-24 23:06 - 2014-07-24 23:06 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-07-24 23:06 - 2014-07-24 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-24 23:03 - 2014-07-24 23:12 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2014-07-24 23:03 - 2014-07-24 23:03 - 00000000 ____D () C:\Program Files\Application Verifier
2014-07-24 23:03 - 2014-07-24 23:03 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2014-07-24 22:58 - 2014-07-24 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-07-24 22:55 - 2014-07-24 22:55 - 00000000 ____D () C:\ProgramData\PreEmptive Solutions
2014-07-24 22:52 - 2014-07-24 22:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-07-24 22:51 - 2014-07-24 22:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Web Tools
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\ProgramData\NuGet
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\Program Files\IIS Express
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\Program Files (x86)\NuGet
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\Program Files (x86)\IIS Express
2014-07-24 22:49 - 2014-07-24 22:49 - 00000000 ____D () C:\Program Files\IIS
2014-07-24 22:49 - 2014-07-24 22:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft WCF Data Services
2014-07-24 22:49 - 2014-07-24 22:49 - 00000000 ____D () C:\Program Files (x86)\IIS
2014-07-24 22:48 - 2014-07-24 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-07-24 22:43 - 2014-07-24 22:48 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-07-24 22:43 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Kits
2014-07-24 22:43 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2014-07-24 22:43 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\HTML Help Workshop
2014-07-24 22:40 - 2014-07-24 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2014-07-24 22:40 - 2014-07-24 22:45 - 00000000 ____D () C:\Windows\SysWOW64\1031
2014-07-24 22:40 - 2014-07-24 22:42 - 00000000 ____D () C:\Windows\system32\1033
2014-07-24 22:40 - 2014-07-24 22:40 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-07-24 22:34 - 2014-07-24 22:34 - 00000000 ____D () C:\Windows\symbols
2014-07-24 22:33 - 2014-07-24 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2014-07-24 22:33 - 2014-07-24 22:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-07-24 22:32 - 2014-07-24 23:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-07-24 22:32 - 2014-07-24 22:40 - 00000000 ____D () C:\Windows\system32\1031
2014-07-24 22:32 - 2014-07-24 22:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2014-07-24 22:31 - 2014-07-24 23:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-07-24 22:31 - 2014-07-24 22:31 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0
2014-07-24 22:27 - 2013-09-13 21:21 - 00030312 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2014-07-24 22:27 - 2013-09-13 21:21 - 00028776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2014-07-24 22:22 - 2014-07-24 22:22 - 00720896 _____ () C:\Users\Thore93\Downloads\SDM_DE.msi
2014-07-24 22:22 - 2014-07-24 22:22 - 00003153 _____ () C:\Users\Thore93\Desktop\Secure Download Manager.lnk
2014-07-24 22:22 - 2014-07-24 22:22 - 00000000 ____D () C:\Users\Thore93\Downloads\Visual Studio Professional 2013 with Update 2 - 32 Bit - Web Installer (German)
2014-07-24 22:22 - 2014-07-24 22:22 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\e-academy Inc
2014-07-24 22:22 - 2014-07-24 22:22 - 00000000 ____D () C:\Users\Thore93\AppData\Local\e-academy Inc
2014-07-24 18:22 - 2013-01-10 00:04 - 00001082 _____ () C:\Users\Thore93\Documents\Dokumente.lnk
2014-07-19 18:10 - 2014-08-01 22:30 - 00000000 ____D () C:\Users\Thore93\AppData\Local\CrashDumps
2014-07-18 00:02 - 2014-07-18 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Air Display
2014-07-18 00:01 - 2014-07-18 00:01 - 00000000 ____D () C:\Program Files\Avatron
2014-07-17 23:59 - 2014-07-18 00:00 - 50738552 _____ (Avatron Software, Inc. ) C:\Users\Thore93\Downloads\AirDisplay_Setup.exe
2014-07-17 22:12 - 2014-07-17 22:12 - 00041390 _____ () C:\Users\Thore93\Desktop\Player.swf
2014-07-16 15:20 - 2014-07-24 23:33 - 00465688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-16 15:17 - 2014-07-23 15:11 - 00000000 ____D () C:\ProgramData\Tunngle
2014-07-16 15:17 - 2014-07-16 17:14 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\Users\Thore93\Documents\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-07-16 15:17 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys
2014-07-16 15:15 - 2014-07-16 15:15 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Thore93\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-07-16 15:03 - 2014-07-16 15:03 - 00000000 ____D () C:\Users\Thore93\Desktop\unl-titc
2014-07-11 09:01 - 2014-06-26 22:53 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-11 09:01 - 2014-06-26 22:53 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 23:54 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 23:54 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 23:54 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 23:54 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-10 23:54 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-10 23:54 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-10 23:54 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 23:54 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-10 23:54 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-10 23:54 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-07-10 23:54 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-07-10 23:54 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-07-10 23:54 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-07-10 23:54 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-07-10 23:54 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-10 23:54 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 23:54 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-10 23:54 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 23:54 - 2014-02-08 06:34 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-07-10 23:52 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 23:52 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 23:52 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-10 23:52 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-10 23:52 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 23:52 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 23:52 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 23:52 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 23:52 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 23:52 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 23:52 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 23:52 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 23:52 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 23:52 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 23:52 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 23:52 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 23:52 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 23:52 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 23:52 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 23:52 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 23:52 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 23:52 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-10 23:52 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 23:52 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 23:52 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 23:32 - 2014-07-10 23:32 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-04 21:10 - 2014-07-04 21:10 - 10140512 _____ () C:\Users\Thore93\Downloads\AirfoilInstaller.exe
2014-07-02 23:46 - 2014-07-02 23:46 - 00000000 ____D () C:\Users\Thore93\Downloads\Hardware Monitor for G15 V1.0.1-Beta
2014-07-02 23:45 - 2014-07-02 23:45 - 00405283 _____ () C:\Users\Thore93\Downloads\Hardware Monitor for G15 V1.0.1-Beta.rar
2014-07-02 23:43 - 2014-07-02 23:43 - 00125420 _____ () C:\Users\Thore93\Downloads\lcd_fonts_install_v1.91.zip
2014-07-02 23:43 - 2014-07-02 23:43 - 00000000 ____D () C:\Users\Thore93\Downloads\lcd_fonts_install_v1.91
2014-07-02 23:37 - 2014-07-02 23:37 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Logitech
2014-07-02 23:37 - 2014-07-02 23:37 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-07-02 23:36 - 2014-07-02 23:37 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-07-02 23:36 - 2014-07-02 23:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-07-02 23:35 - 2014-07-02 23:35 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Logitech
2014-07-02 23:35 - 2014-07-02 23:35 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Logishrd
2014-07-02 23:33 - 2014-07-02 23:34 - 62122112 _____ (Logitech Inc.) C:\Users\Thore93\Downloads\LGS_8.53.154_x64_Logitech.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 23:31 - 2014-08-01 23:30 - 00023451 _____ () C:\Users\Thore93\Desktop\FRST.txt
2014-08-01 23:30 - 2014-08-01 23:30 - 02094080 _____ (Farbar) C:\Users\Thore93\Desktop\FRST64.exe
2014-08-01 23:30 - 2014-08-01 00:26 - 00000000 ____D () C:\FRST
2014-08-01 23:29 - 2013-06-05 17:19 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Skype
2014-08-01 23:23 - 2013-03-17 19:15 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-01 23:08 - 2013-04-08 00:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-01 23:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-08-01 22:49 - 2014-03-28 12:26 - 02037417 _____ () C:\Windows\WindowsUpdate.log
2014-08-01 22:30 - 2014-07-19 18:10 - 00000000 ____D () C:\Users\Thore93\AppData\Local\CrashDumps
2014-08-01 22:30 - 2013-06-05 12:41 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Spotify
2014-08-01 22:30 - 2013-03-17 12:47 - 00000000 ___RD () C:\Users\Thore93\Dropbox
2014-08-01 22:30 - 2013-03-17 12:46 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Dropbox
2014-08-01 22:29 - 2013-04-04 15:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-01 22:29 - 2013-03-17 19:15 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-01 10:33 - 2012-07-26 12:27 - 00797144 _____ () C:\Windows\system32\perfh007.dat
2014-08-01 10:33 - 2012-07-26 12:27 - 00174008 _____ () C:\Windows\system32\perfc007.dat
2014-08-01 10:33 - 2012-07-26 09:28 - 01864118 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-01 10:28 - 2014-03-23 18:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-01 10:27 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-01 00:50 - 2014-08-01 00:50 - 00012430 _____ () C:\Users\Thore93\Desktop\GMER.log
2014-08-01 00:30 - 2014-08-01 00:30 - 00000086 _____ () C:\Users\Thore93\Desktop\Neues Textdokument.txt
2014-08-01 00:29 - 2014-08-01 00:29 - 00380416 _____ () C:\Users\Thore93\Desktop\vpiqm2yl.exe
2014-08-01 00:25 - 2014-08-01 00:25 - 00050477 _____ () C:\Users\Thore93\Desktop\Defogger.exe
2014-08-01 00:25 - 2014-08-01 00:25 - 00000546 _____ () C:\Users\Thore93\Desktop\defogger_disable.log
2014-08-01 00:25 - 2014-08-01 00:25 - 00000168 _____ () C:\Users\Thore93\defogger_reenable
2014-08-01 00:25 - 2013-03-17 19:09 - 00000000 ____D () C:\Users\Thore93
2014-08-01 00:21 - 2013-04-04 14:04 - 00000000 ____D () C:\Users\Thore93\AppData\Local\20DF8BEE-6876-436E-B6B2-222F2D9495C3.aplzod
2014-08-01 00:14 - 2014-04-05 18:55 - 00054638 _____ () C:\Windows\PFRO.log
2014-08-01 00:14 - 2013-04-05 07:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 00:14 - 2013-04-04 14:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-31 19:30 - 2014-07-31 19:30 - 00002102 _____ () C:\Users\Thore93\Desktop\GothicStarter.exe - Verknüpfung.lnk
2014-07-30 19:41 - 2014-01-10 18:51 - 00000132 _____ () C:\Users\Thore93\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Adobe
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Adobe
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-30 19:34 - 2014-07-30 19:34 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-07-29 23:57 - 2013-03-17 19:09 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Packages
2014-07-29 18:31 - 2013-06-05 12:41 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Spotify
2014-07-27 14:35 - 2014-07-27 14:35 - 03031183 _____ (${MOD_COMP}) C:\Users\Thore93\Downloads\gothic2_fix-2.6.0.0-rev2.exe
2014-07-27 14:35 - 2014-07-27 14:35 - 00026684 _____ () C:\Users\Thore93\Downloads\download_278.htm
2014-07-27 14:25 - 2014-03-28 13:14 - 00091841 _____ () C:\Windows\DirectX.log
2014-07-27 14:24 - 2014-07-27 14:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-07-27 14:22 - 2014-07-27 14:21 - 75281126 _____ (Tricky) C:\Users\Thore93\Downloads\MiniMod_Balance-2.52.exe
2014-07-27 12:57 - 2013-04-04 15:53 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-27 11:00 - 2013-04-04 00:03 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Microsoft Help
2014-07-25 16:54 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-07-25 16:42 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-25 16:40 - 2013-03-17 19:15 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-907550391-924612775-1523764202-1001
2014-07-25 16:32 - 2013-03-17 12:46 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-25 00:05 - 2014-07-25 00:05 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Microsoft FxCop
2014-07-25 00:04 - 2014-07-25 00:06 - 00033280 _____ () C:\Users\Thore93\Desktop\DBInfoBuilder.exe
2014-07-24 23:56 - 2014-07-24 23:15 - 00000000 ____D () C:\Users\Thore93\Documents\Visual Studio 2013
2014-07-24 23:42 - 2014-07-24 23:42 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\NuGet
2014-07-24 23:33 - 2014-07-16 15:20 - 00465688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-24 23:32 - 2014-03-02 11:17 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 23:32 - 2014-03-02 11:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 23:32 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-24 23:31 - 2014-07-24 23:31 - 00000000 ____D () C:\Program Files\Windows Identity Foundation
2014-07-24 23:30 - 2013-07-30 10:19 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-24 23:18 - 2014-07-24 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2014-07-24 23:18 - 2014-07-24 23:18 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Silverlight Kits
2014-07-24 23:14 - 2014-07-24 23:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft XDE
2014-07-24 23:12 - 2014-07-24 23:03 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2014-07-24 23:12 - 2014-07-24 22:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-07-24 23:09 - 2014-07-24 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK - Deutsch
2014-07-24 23:09 - 2014-07-24 22:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-07-24 23:08 - 2014-07-24 23:08 - 00000000 ____D () C:\Program Files\Microsoft Identity Extensions
2014-07-24 23:08 - 2014-07-24 23:08 - 00000000 ____D () C:\Program Files (x86)\Workflow Manager Tools
2014-07-24 23:08 - 2014-07-24 23:08 - 00000000 ____D () C:\Program Files (x86)\Open XML SDK
2014-07-24 23:07 - 2013-05-31 16:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-07-24 23:07 - 2013-04-04 00:06 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-07-24 23:06 - 2014-07-24 23:06 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-07-24 23:06 - 2014-07-24 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-24 23:06 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-07-24 23:03 - 2014-07-24 23:03 - 00000000 ____D () C:\Program Files\Application Verifier
2014-07-24 23:03 - 2014-07-24 23:03 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2014-07-24 23:03 - 2014-07-24 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-07-24 22:55 - 2014-07-24 22:55 - 00000000 ____D () C:\ProgramData\PreEmptive Solutions
2014-07-24 22:55 - 2013-03-17 14:34 - 00000000 ____D () C:\Program Files\MSBuild
2014-07-24 22:53 - 2014-07-24 22:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-07-24 22:51 - 2014-07-24 22:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Web Tools
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\ProgramData\NuGet
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\Program Files\IIS Express
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\Program Files (x86)\NuGet
2014-07-24 22:50 - 2014-07-24 22:50 - 00000000 ____D () C:\Program Files (x86)\IIS Express
2014-07-24 22:49 - 2014-07-24 22:49 - 00000000 ____D () C:\Program Files\IIS
2014-07-24 22:49 - 2014-07-24 22:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft WCF Data Services
2014-07-24 22:49 - 2014-07-24 22:49 - 00000000 ____D () C:\Program Files (x86)\IIS
2014-07-24 22:48 - 2014-07-24 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-07-24 22:48 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-07-24 22:48 - 2014-07-24 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2014-07-24 22:45 - 2014-07-24 22:40 - 00000000 ____D () C:\Windows\SysWOW64\1031
2014-07-24 22:43 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Kits
2014-07-24 22:43 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2014-07-24 22:43 - 2014-07-24 22:43 - 00000000 ____D () C:\Program Files (x86)\HTML Help Workshop
2014-07-24 22:42 - 2014-07-24 22:40 - 00000000 ____D () C:\Windows\system32\1033
2014-07-24 22:40 - 2014-07-24 22:40 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-07-24 22:40 - 2014-07-24 22:32 - 00000000 ____D () C:\Windows\system32\1031
2014-07-24 22:34 - 2014-07-24 22:34 - 00000000 ____D () C:\Windows\symbols
2014-07-24 22:33 - 2014-07-24 22:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2014-07-24 22:33 - 2014-07-24 22:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-07-24 22:32 - 2014-07-24 22:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2014-07-24 22:32 - 2014-03-29 21:14 - 00004748 _____ () C:\Windows\setupact.log
2014-07-24 22:32 - 2013-03-17 14:34 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-07-24 22:31 - 2014-07-24 22:31 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0
2014-07-24 22:22 - 2014-07-24 22:22 - 00720896 _____ () C:\Users\Thore93\Downloads\SDM_DE.msi
2014-07-24 22:22 - 2014-07-24 22:22 - 00003153 _____ () C:\Users\Thore93\Desktop\Secure Download Manager.lnk
2014-07-24 22:22 - 2014-07-24 22:22 - 00000000 ____D () C:\Users\Thore93\Downloads\Visual Studio Professional 2013 with Update 2 - 32 Bit - Web Installer (German)
2014-07-24 22:22 - 2014-07-24 22:22 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\e-academy Inc
2014-07-24 22:22 - 2014-07-24 22:22 - 00000000 ____D () C:\Users\Thore93\AppData\Local\e-academy Inc
2014-07-24 18:22 - 2013-03-17 19:20 - 00000000 ____D () C:\ProgramData\Stardock
2014-07-24 17:32 - 2014-03-02 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 15:11 - 2014-07-16 15:17 - 00000000 ____D () C:\ProgramData\Tunngle
2014-07-22 13:07 - 2013-05-09 18:58 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\vlc
2014-07-19 18:09 - 2013-10-05 11:23 - 00000000 ____D () C:\Users\Thore93\Documents\Rezepte
2014-07-18 00:02 - 2014-07-18 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Air Display
2014-07-18 00:01 - 2014-07-18 00:01 - 00000000 ____D () C:\Program Files\Avatron
2014-07-18 00:00 - 2014-07-17 23:59 - 50738552 _____ (Avatron Software, Inc. ) C:\Users\Thore93\Downloads\AirDisplay_Setup.exe
2014-07-17 22:12 - 2014-07-17 22:12 - 00041390 _____ () C:\Users\Thore93\Desktop\Player.swf
2014-07-16 17:45 - 2013-04-04 00:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-16 17:44 - 2013-04-04 00:07 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-16 17:14 - 2014-07-16 15:17 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\Users\Thore93\Documents\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-07-16 15:17 - 2014-07-16 15:17 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-07-16 15:15 - 2014-07-16 15:15 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Thore93\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-07-16 15:03 - 2014-07-16 15:03 - 00000000 ____D () C:\Users\Thore93\Desktop\unl-titc
2014-07-11 08:58 - 2012-07-26 12:29 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 08:58 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 08:58 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 08:58 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-07-11 00:20 - 2013-08-15 21:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 00:17 - 2013-03-20 21:22 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-11 00:17 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-11 00:08 - 2013-04-08 00:04 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-10 23:37 - 2014-03-23 18:29 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-10 23:32 - 2014-07-10 23:32 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-10 23:32 - 2014-05-01 13:08 - 00001996 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-10 23:32 - 2014-05-01 13:07 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-10 23:32 - 2014-03-23 18:29 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-07-10 23:32 - 2014-03-23 18:29 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-10 23:32 - 2014-03-23 18:29 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-10 23:32 - 2014-03-23 18:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-10 23:32 - 2014-03-23 18:29 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-10 23:32 - 2014-03-23 18:29 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-10 23:32 - 2014-03-23 18:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-04 21:10 - 2014-07-04 21:10 - 10140512 _____ () C:\Users\Thore93\Downloads\AirfoilInstaller.exe
2014-07-03 18:01 - 2014-05-27 08:45 - 00000000 ____D () C:\Users\Thore93\Documents\Arztbefunde
2014-07-02 23:46 - 2014-07-02 23:46 - 00000000 ____D () C:\Users\Thore93\Downloads\Hardware Monitor for G15 V1.0.1-Beta
2014-07-02 23:45 - 2014-07-02 23:45 - 00405283 _____ () C:\Users\Thore93\Downloads\Hardware Monitor for G15 V1.0.1-Beta.rar
2014-07-02 23:43 - 2014-07-02 23:43 - 00125420 _____ () C:\Users\Thore93\Downloads\lcd_fonts_install_v1.91.zip
2014-07-02 23:43 - 2014-07-02 23:43 - 00000000 ____D () C:\Users\Thore93\Downloads\lcd_fonts_install_v1.91
2014-07-02 23:41 - 2013-04-09 18:02 - 00505208 _____ () C:\Users\Thore93\Downloads\setup.exe
2014-07-02 23:37 - 2014-07-02 23:37 - 00000000 ____D () C:\Users\Thore93\AppData\Local\Logitech
2014-07-02 23:37 - 2014-07-02 23:37 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-07-02 23:37 - 2014-07-02 23:36 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-07-02 23:36 - 2014-07-02 23:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-07-02 23:35 - 2014-07-02 23:35 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Logitech
2014-07-02 23:35 - 2014-07-02 23:35 - 00000000 ____D () C:\Users\Thore93\AppData\Roaming\Logishrd
2014-07-02 23:34 - 2014-07-02 23:33 - 62122112 _____ (Logitech Inc.) C:\Users\Thore93\Downloads\LGS_8.53.154_x64_Logitech.exe

Some content of TEMP:
====================
C:\Users\Thore93\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjwavyb.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-22 13:53

==================== End Of Log ============================
         
--- --- ---

Alt 01.08.2014, 22:45   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" - Standard

Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"



Ähm sry. Ich glaub irgendwie hat die Forensoftware gesponnen oder meine inet Verbindung.
Es sollte nicht doppelt gepostet werden und neue FRST Logs hätten auch so keinen Sinn gemacht (das ist meine Schuld )

Adware/Junkware/Toolbars entfernen

1. Schritt: Malwarebytes

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



3. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




4. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"
adware, arbeiten, avast, dubiose, firefox, free, immer wieder, inter, interne, internet, nichts, plötzlich, rum, scan, scanner, software, standardbrowser, virenscan, virenscanner, webseite, windows, windows 8, öffnet




Ähnliche Themen: Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"


  1. Laptop ruft selbst die seite: http://98uj8.de/s3brsn5ba66mgfzeinrum#noad site:www.trojaner-board.de auf
    Log-Analyse und Auswertung - 15.08.2014 (11)
  2. http://98uj8.de/s3brsn5ba66mgfzeinrum#noad Öffnet mehrere Seiten im Firefox
    Plagegeister aller Art und deren Bekämpfung - 07.08.2014 (9)
  3. Browser öffnet 98uj8.de/s3brsn5ba66mgfzeinrum#noad
    Plagegeister aller Art und deren Bekämpfung - 06.08.2014 (12)
  4. Webseite http://www.98uj8.de/s3brsn5ba66mgfzeinrum#noad öffnet sich von alleine
    Log-Analyse und Auswertung - 06.08.2014 (9)
  5. http://98uj8.de/s3brsn5ba66mgfzeinrum öffnet sich x mal
    Plagegeister aller Art und deren Bekämpfung - 06.08.2014 (18)
  6. http://98uj8.de/s3brsn5ba66mgfzeinrum#noad öffnet sich im Sekundentakt
    Log-Analyse und Auswertung - 05.08.2014 (5)
  7. http://98uj8.de/s3brsn5ba66mgfzeinrum#noad Öffnet sich mehrmals im Browser. :(
    Plagegeister aller Art und deren Bekämpfung - 05.08.2014 (18)
  8. http://98uj8.de/ ... #noad #ad - Webbrowser öffnet sich ungewollt
    Plagegeister aller Art und deren Bekämpfung - 05.08.2014 (3)
  9. Mein Computer hat eigenmächtig die Seite http://98uj8.de/s3brsn5ba66mgfzeinrum#noad aufgerufen
    Plagegeister aller Art und deren Bekämpfung - 05.08.2014 (17)
  10. http://98uj8.de/s3brsn5ba66mgfzeinrum#noad öfnet sich hintereinander
    Plagegeister aller Art und deren Bekämpfung - 04.08.2014 (9)
  11. h**p://98uj8.de/s3brsn5ba66mgfzeinrum#ad 98uj8.de öffnet sich selbstständig
    Plagegeister aller Art und deren Bekämpfung - 04.08.2014 (17)
  12. http://98uj8.de/s3brsn5ba66mgfzeinrum#noad öffnet sich Mehrfach
    Plagegeister aller Art und deren Bekämpfung - 03.08.2014 (14)
  13. http://98uj8.de/s3brsn5ba66mgfzeinrum#noad öffnete sich selbstständig ca 30x
    Plagegeister aller Art und deren Bekämpfung - 02.08.2014 (4)
  14. Google Chrome öffnet 98uj8.de/s3brsn5ba66mgfzeinrum#noad selbstständig
    Plagegeister aller Art und deren Bekämpfung - 02.08.2014 (1)
  15. !KEINE FRAGE! meine lösung zum "98uj8.de/s3brsn5ba66mgfzeinrum#noad" problem
    Plagegeister aller Art und deren Bekämpfung - 01.08.2014 (3)
  16. Windows 7 Trojaner : h**p://98uj8.de/s3brsn5ba66mgfzeinrum#noad
    Plagegeister aller Art und deren Bekämpfung - 01.08.2014 (5)
  17. Windows 7: Firefox öffnet http://98uj8.de/s3brsn5ba66mgfzeinrum#noad
    Plagegeister aller Art und deren Bekämpfung - 01.08.2014 (2)

Zum Thema Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" - Hallo, eben beim Arbeiten hat mein PC plötzlich Firefox (Standardbrowser) geöffnet und in unzähligen Tabs immer wieder die Webseite "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" aufgerufen. Habe in letzter Zeit eigentlich keine dubiose Software aus - Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad"...
Archiv
Du betrachtest: Windows 8: Firefox öffnet aus dem nichts unzählige Male "hXXp://98uj8.de/s3brsn5ba66mgfzeinrum#noad" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.