Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Trojaner in exe gefunden - Überprüfung auf weitere Infektion (https://www.trojaner-board.de/156354-trojaner-exe-gefunden-uberpruefung-infektion.html)

xhunter61 11.07.2014 19:24
Trojaner in exe gefunden - Überprüfung auf weitere Infektion
 
Hallo, mein Chrome hat vorhin auf einer Seite eine .exe runtergeladen, die sofort von Avira als Trojaner des Types TR/ATRAPS.GEN erkannt wurde. Ich habe sie auch nicht geöffnet oder ähnliches, hab sie direkt gelöscht und dann noch den Papierkorb geleert. Jetzt will ich nur auf Nummer sicher gehen und überprüfen ob ich nicht doch noch den Trojaner im System hab. Deshalb hier meine Logfiles:

defogger_disable.txt:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:03 on 11/07/2014 (Ahmet)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FRST.txt:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by Ahmet (administrator) on AHMET-UENAL on 11-07-2014 20:04:42
Running from E:\Downloads
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dropbox, Inc.) C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Spotify Ltd) C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
() E:\Downloads\Defogger.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [688984 2013-09-25] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-04] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [182352 2014-05-05] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-617964821-516803146-3288835976-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-07-10] (Valve Corporation)
HKU\S-1-5-21-617964821-516803146-3288835976-1001\...\Run: [Spotify] => C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Spotify\Spotify.exe [6189624 2014-06-27] (Spotify Ltd)
HKU\S-1-5-21-617964821-516803146-3288835976-1001\...\Run: [Spotify Web Helper] => C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-27] (Spotify Ltd)
HKU\S-1-5-21-617964821-516803146-3288835976-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
HKU\S-1-5-21-617964821-516803146-3288835976-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1313536 2014-04-01] (Bogdan Sharkov)
HKU\S-1-5-21-617964821-516803146-3288835976-1001\...\Run: [Google Update] => C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-08] (Google Inc.)
HKU\S-1-5-21-617964821-516803146-3288835976-1001\...\Run: [MusicManager] => C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-15] (Google Inc.)
HKU\S-1-5-21-617964821-516803146-3288835976-1001\...\Run: [GoogleChromeAutoLaunch_B01A7CBEDF5E3D2FC268D07530C92B69] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-617964821-516803146-3288835976-1001\...\MountPoints2: {21d524e1-be5d-11e3-8265-e840f2a109c8} - "F:\CMADownloader.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [387536 2013-08-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [326224 2013-08-01] (NVIDIA Corporation)
Startup: C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Inhaltsmanager-Assistent für PlayStation(R).lnk
ShortcutTarget: Inhaltsmanager-Assistent für PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD0A74DD28351CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Mozilla\Firefox\Profiles\o9m1j4m8.default-1404216395749
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=11.0.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.0.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Ahmet.Ahmet-Uenal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: electronicarts.com/GameFacePlugin - C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flash and Video Download - C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Mozilla\Firefox\Profiles\o9m1j4m8.default-1404216395749\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-07-05]
FF Extension: BetterTTV - C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Mozilla\Firefox\Profiles\o9m1j4m8.default-1404216395749\Extensions\jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi [2014-07-01]
FF Extension: X-notifier - C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Mozilla\Firefox\Profiles\o9m1j4m8.default-1404216395749\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2014-07-01]
FF Extension: Adblock Plus - C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Mozilla\Firefox\Profiles\o9m1j4m8.default-1404216395749\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-18]

Chrome:
=======
CHR HomePage:
CHR StartupUrls: "hxxp://www.sweet-page.com/?type=hp&ts=1400931003&from=cor&uid=SAMSUNGXSSDX830XSeries_S0WJNEAC809352"
CHR Extension: (Google Docs) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-29]
CHR Extension: (Google Drive) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-29]
CHR Extension: (YouTube) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-29]
CHR Extension: (Adblock Plus) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-19]
CHR Extension: (Google-Suche) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-29]
CHR Extension: (Tampermonkey) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-06-17]
CHR Extension: (Grooveshark Germany unlocker) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejcnhmeicafddjdaeecddemnhnomiaai [2014-06-17]
CHR Extension: (FoxyProxy Standard) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2014-06-17]
CHR Extension: (NinjaKit) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpbepnljaakggeobkclonlkhbdgccfek [2014-06-17]
CHR Extension: (Stealthy) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2014-06-17]
CHR Extension: (Firebug Console) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jodfpogckhbcjamkfgjeicoiphpligka [2014-06-17]
CHR Extension: (Request Maker) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajfghlhfkcocafkcjlajldicbikpgnp [2014-06-17]
CHR Extension: (FVD Downloader) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-06-17]
CHR Extension: (Ghostery) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-06-17]
CHR Extension: (Google Wallet) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-29]
CHR Extension: (Google Mail) - C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-29]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [124496 2014-05-05] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] () [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [107040 2014-05-10] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92560 2012-10-05] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617352 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20542408 2014-04-02] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-25] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 Survarium Update Service; E:\Spiele\Survarium\game\binaries\x86\survarium_service.exe [77432 2014-04-25] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-06-05] (REALiX(tm))
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-11 20:04 - 2014-07-11 20:04 - 00000000 ____D () C:\FRST
2014-07-11 20:03 - 2014-07-11 20:03 - 00000000 _____ () C:\Users\Ahmet.Ahmet-Uenal\defogger_reenable
2014-07-11 18:40 - 2014-07-11 18:40 - 00001913 _____ () C:\Users\Public\Desktop\Blender.lnk
2014-07-11 18:40 - 2014-07-11 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
2014-07-11 18:40 - 2014-07-11 18:40 - 00000000 ____D () C:\Program Files\Blender Foundation
2014-07-11 12:09 - 2014-07-11 12:09 - 00000022 _____ () C:\Windows\S.dirmngr
2014-07-10 16:16 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-07-10 14:12 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 14:12 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 14:12 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 14:12 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 14:12 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-10 14:12 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-07-10 14:12 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-07-10 14:12 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-07-10 14:12 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-07-10 14:12 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 14:11 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 14:11 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 14:11 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 14:11 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 14:11 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 14:11 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 14:11 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 14:11 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 14:11 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 14:11 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 14:11 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 14:11 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 14:11 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 14:11 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 14:11 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 14:11 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 14:11 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 14:11 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 14:11 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 14:11 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 14:11 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 14:11 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 14:11 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 14:11 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 14:11 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 14:11 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 14:11 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 14:11 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 14:11 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 14:11 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-10 14:11 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-07-10 14:11 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-07-10 14:11 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-07-10 14:11 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 14:11 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-10 14:11 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-10 14:11 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 14:11 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-10 14:11 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-10 14:11 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-10 14:11 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-07-10 14:11 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-10 14:11 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-07-10 14:11 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-10 14:02 - 2014-07-10 14:02 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-07-09 12:55 - 2014-07-09 12:55 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\SEPrunnerFinal
2014-07-07 19:59 - 2014-07-07 19:59 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\SEPrunnerTestv4
2014-07-06 22:25 - 2014-07-06 12:12 - 05016863 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\SEPrunnerTestV1.2.0.1.jar
2014-07-06 18:02 - 2014-07-06 18:02 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Blizzard
2014-07-06 17:53 - 2014-07-06 17:53 - 00000789 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-07-06 17:53 - 2014-07-06 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-07-06 17:50 - 2014-07-11 16:55 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Battle.net
2014-07-06 17:50 - 2014-07-06 18:02 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Battle.net
2014-07-06 17:50 - 2014-07-06 17:50 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Blizzard Entertainment
2014-07-06 17:50 - 2014-07-06 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-07-06 17:50 - 2014-07-06 17:50 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-07-06 17:49 - 2014-07-06 17:49 - 00000000 ____D () C:\ProgramData\Battle.net
2014-07-05 12:53 - 2014-07-07 19:10 - 02455967 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\Modultest.pptx
2014-07-05 12:14 - 2014-07-05 12:14 - 00034570 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\tk.vsdx
2014-07-04 18:59 - 2014-07-04 18:59 - 00664768 _____ (Copyright© 2012-2013 Intel Corporation. All rights reserved.) C:\Users\Ahmet.Ahmet-Uenal\Downloads\Intel(R) WiDi Update Tool.exe
2014-07-02 16:04 - 2014-07-06 16:24 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\wf-launcher
2014-07-02 16:04 - 2014-07-06 16:06 - 00000000 ____D () C:\ProgramData\GFACE
2014-07-01 17:23 - 2014-07-01 17:23 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Skyrim
2014-07-01 15:45 - 2014-07-01 15:45 - 00112548 _____ () C:\Users\Ahmet.Ahmet-Uenal\Downloads\glg2d-0.3-20130222.215441-2.jar
2014-07-01 14:06 - 2014-07-01 14:06 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\Alte Firefox-Daten
2014-07-01 13:41 - 2014-07-01 13:41 - 00001177 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\Highscore.xml
2014-07-01 13:40 - 2014-06-28 16:30 - 05460075 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\SEPrunnerTestV0.2.1.1b_debug.jar
2014-07-01 12:07 - 2014-07-01 12:08 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\.jprofiler8
2014-07-01 12:07 - 2014-07-01 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JProfiler 8
2014-07-01 12:06 - 2014-07-01 12:07 - 00000000 ____D () C:\Program Files\jprofiler8
2014-06-30 21:06 - 2014-06-30 21:07 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\PAYDAY 2
2014-06-25 21:10 - 2014-06-25 21:10 - 00000222 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\Arma 3.url
2014-06-21 19:39 - 2014-06-21 19:39 - 09091423 _____ (Electronic Arts) C:\Users\Ahmet.Ahmet-Uenal\Downloads\GameFaceBrowserPluginInstaller.1.8.0.0.exe
2014-06-21 19:39 - 2014-06-21 19:39 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Electronic Arts
2014-06-21 16:04 - 2014-06-21 16:04 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Documents\Telltale Games
2014-06-20 16:21 - 2014-06-20 16:21 - 00000000 ____D () C:\ProgramData\Bohemia Interactive Studio
2014-06-20 12:11 - 2014-06-20 12:11 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\PAYDAY 2 (Demo)
2014-06-19 16:57 - 2014-07-06 22:28 - 00006219 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\SaveState.save
2014-06-18 21:27 - 2014-06-18 21:29 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\FEZ
2014-06-18 21:27 - 2014-06-18 21:27 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-06-18 21:27 - 2014-06-18 21:27 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-06-18 21:27 - 2014-06-18 21:27 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-06-18 21:27 - 2014-06-18 21:27 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-06-18 21:27 - 2014-06-18 21:27 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-06-18 21:27 - 2014-06-18 21:23 - 00012005 _____ () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\alsoft.ini
2014-06-18 16:35 - 2014-06-18 16:35 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Documents\CCGLauncher
2014-06-18 16:35 - 2014-06-18 16:35 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\CCGLauncher
2014-06-18 16:35 - 2014-06-18 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCG Launcher
2014-06-18 16:35 - 2014-06-18 16:35 - 00000000 ____D () C:\Program Files (x86)\CCG Launcher
2014-06-18 16:33 - 2014-06-20 16:22 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\ArmA 2 OA
2014-06-18 16:03 - 2014-06-18 16:33 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Documents\ArmA 2
2014-06-18 16:03 - 2014-06-18 16:33 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-06-18 16:03 - 2014-06-18 16:03 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\ArmA 2
2014-06-18 16:03 - 2014-06-18 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-06-18 14:17 - 2014-06-18 14:17 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Wireshark
2014-06-18 14:14 - 2014-06-18 14:14 - 00001579 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2014-06-18 14:14 - 2014-06-18 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-06-18 14:14 - 2014-06-18 14:14 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-06-18 14:13 - 2014-06-18 14:14 - 00000000 ____D () C:\Program Files\Wireshark
2014-06-18 13:31 - 2014-06-18 13:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-16 16:46 - 2014-06-16 16:47 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\pixelchunk
2014-06-16 16:38 - 2014-06-16 16:38 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\apktool
2014-06-16 16:27 - 2014-06-27 17:59 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\androidworkspace
2014-06-16 16:27 - 2014-06-19 20:22 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\.android
2014-06-14 17:34 - 2014-06-14 17:34 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\LEd
2014-06-14 17:33 - 2014-06-14 17:51 - 00000000 ____D () C:\Program Files (x86)\LEd
2014-06-14 17:33 - 2014-06-14 17:33 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\AI-SE-Bsc-master
2014-06-14 17:29 - 2014-06-14 17:28 - 19589182 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\AI-SE-Bsc-master.zip
2014-06-13 14:05 - 2014-07-11 12:09 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\TSVNCache
2014-06-13 14:05 - 2014-06-13 14:06 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\TortoiseSVN
2014-06-13 14:04 - 2014-06-13 14:04 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\TortoiseSVN
2014-06-13 14:01 - 2014-06-13 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN
2014-06-13 14:01 - 2014-06-13 14:01 - 00000000 ____D () C:\Program Files\TortoiseSVN
2014-06-13 14:01 - 2014-06-13 14:01 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays
2014-06-13 13:54 - 2014-06-13 13:54 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Subversion
2014-06-13 13:48 - 2014-06-13 13:48 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\SEPrunnerTestv3-Gruppe-EF-Woche13-v4
2014-06-12 15:33 - 2014-06-17 16:39 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\NISPGP
2014-06-12 14:50 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 14:50 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 14:50 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 14:50 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 14:50 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 14:50 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 14:50 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-06-12 14:50 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 14:50 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-12 14:50 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-12 14:50 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 14:50 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 14:49 - 2014-06-12 14:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 14:49 - 2014-06-12 14:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 14:49 - 2014-06-12 14:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 14:49 - 2014-06-12 14:49 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 14:49 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-06-12 14:49 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-06-12 14:49 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-06-12 14:49 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-06-12 14:49 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2014-06-12 14:49 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-06-12 14:49 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-06-12 14:49 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-06-12 14:49 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-06-12 14:49 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-12 14:49 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-12 14:49 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-12 14:49 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-06-12 14:49 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-06-12 14:49 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-06-12 14:49 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-06-12 14:49 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-12 14:49 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-06-12 14:49 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-06-12 14:49 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-06-12 14:49 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-06-12 14:49 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-06-12 14:49 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-06-12 14:49 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-06-12 14:49 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-06-12 14:49 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-06-12 14:49 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-12 14:49 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-06-12 14:49 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-06-12 14:49 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-06-12 14:49 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-12 14:49 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-12 14:49 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-12 14:49 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-06-12 14:49 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-12 14:49 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-06-12 14:49 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-06-12 14:49 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-06-12 14:49 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-06-12 14:49 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-06-12 14:49 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-06-12 14:49 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-06-12 14:49 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-06-12 14:49 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-06-12 14:49 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-06-12 14:49 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-06-12 14:49 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-06-12 14:49 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-06-12 14:49 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-06-12 14:49 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-06-12 14:49 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-06-12 14:49 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-12 14:49 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-06-12 14:49 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-06-12 14:49 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-06-12 14:49 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-06-12 14:49 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-06-12 14:49 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-06-12 14:49 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-06-12 14:49 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-06-12 14:49 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-06-12 14:49 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-06-12 14:49 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-06-12 14:49 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-06-12 14:49 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-06-12 14:49 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-06-12 14:49 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-06-12 14:49 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-06-12 14:49 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-06-12 14:49 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-06-12 14:49 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-06-12 14:49 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-06-12 14:49 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-06-12 14:49 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-06-12 14:49 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-06-12 14:49 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-06-12 14:49 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-06-12 14:49 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-06-12 14:49 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-06-12 14:49 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-12 14:49 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-06-12 14:49 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-12 14:49 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-06-12 14:49 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-06-12 14:49 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-06-12 14:49 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-12 14:49 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-06-12 14:49 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-12 14:49 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-06-12 14:49 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-06-12 14:49 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-06-12 14:49 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-12 14:49 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-06-12 14:49 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-06-12 14:49 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-06-12 14:49 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-06-12 14:49 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-06-12 14:49 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-06-12 14:49 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-06-12 14:49 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-06-12 14:49 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-06-12 14:49 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-12 14:49 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-06-12 14:49 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-06-12 14:49 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-06-12 14:49 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-06-12 14:49 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-06-12 14:49 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-06-12 14:49 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-06-12 14:49 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-12 14:49 - 2014-03-21 06:14 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2014-06-12 14:49 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-06-12 14:49 - 2014-03-20 02:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2014-06-12 14:49 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-12 14:49 - 2014-03-20 01:38 - 00590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2014-06-12 14:49 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-12 14:49 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-06-12 14:49 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-06-12 14:49 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-12 14:49 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-06-12 14:49 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-12 14:49 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-12 14:49 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-06-12 14:49 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-06-12 14:49 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-06-12 14:49 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-06-12 14:49 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-06-12 14:49 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-06-12 14:49 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-06-12 14:49 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-06-12 14:49 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-06-12 14:49 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-06-12 14:49 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-06-12 14:49 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-12 14:49 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-12 14:49 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-06-12 14:49 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-12 14:49 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-06-12 14:49 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-06-12 14:49 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-06-12 14:49 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-06-12 14:46 - 2014-06-12 14:46 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-11 21:01 - 2014-06-11 21:03 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\.kde
2014-06-11 21:01 - 2014-06-11 21:01 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\GNU
2014-06-11 21:01 - 2014-06-11 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
2014-06-11 18:58 - 2014-06-17 16:36 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\gnupg
2014-06-11 18:58 - 2014-06-11 18:58 - 00000000 ____D () C:\ProgramData\GNU
2014-06-11 18:58 - 2014-06-11 18:58 - 00000000 ____D () C:\Program Files (x86)\GNU
2014-06-11 11:38 - 2014-06-11 11:38 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\.mono

==================== One Month Modified Files and Folders =======

2014-07-11 20:04 - 2014-07-11 20:04 - 00000000 ____D () C:\FRST
2014-07-11 20:03 - 2014-07-11 20:03 - 00000000 _____ () C:\Users\Ahmet.Ahmet-Uenal\defogger_reenable
2014-07-11 20:03 - 2014-03-28 14:49 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal
2014-07-11 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-07-11 19:57 - 2014-03-28 14:01 - 01121477 _____ () C:\Windows\WindowsUpdate.log
2014-07-11 19:53 - 2014-03-28 16:09 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Skype
2014-07-11 19:53 - 2014-03-28 15:01 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{27CCFEBA-39F6-44F9-BE3A-87113F22BC2A}
2014-07-11 19:47 - 2014-03-28 15:05 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-617964821-516803146-3288835976-1001
2014-07-11 19:40 - 2014-05-08 21:25 - 00001168 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-617964821-516803146-3288835976-1001UA.job
2014-07-11 19:16 - 2014-03-29 19:56 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-11 19:06 - 2014-03-28 15:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-11 18:40 - 2014-07-11 18:40 - 00001913 _____ () C:\Users\Public\Desktop\Blender.lnk
2014-07-11 18:40 - 2014-07-11 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
2014-07-11 18:40 - 2014-07-11 18:40 - 00000000 ____D () C:\Program Files\Blender Foundation
2014-07-11 17:42 - 2014-03-30 14:44 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Spotify
2014-07-11 16:55 - 2014-07-06 17:50 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Battle.net
2014-07-11 16:37 - 2014-03-28 15:13 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-11 15:16 - 2014-03-29 19:57 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-11 15:16 - 2014-03-29 19:56 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-11 13:36 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-11 13:29 - 2014-03-28 14:58 - 01780340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-11 13:29 - 2013-08-23 01:24 - 00766620 _____ () C:\Windows\system32\perfh007.dat
2014-07-11 13:29 - 2013-08-23 01:24 - 00159902 _____ () C:\Windows\system32\perfc007.dat
2014-07-11 12:13 - 2014-03-30 14:44 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Spotify
2014-07-11 12:10 - 2014-04-12 13:05 - 00000000 ___RD () C:\Users\Ahmet.Ahmet-Uenal\Dropbox
2014-07-11 12:10 - 2014-04-12 13:04 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\DropboxMaster
2014-07-11 12:10 - 2014-04-12 13:04 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Dropbox
2014-07-11 12:10 - 2014-03-29 14:02 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-07-11 12:10 - 2014-03-28 14:52 - 00000000 __RDO () C:\Users\Ahmet.Ahmet-Uenal\SkyDrive
2014-07-11 12:09 - 2014-07-11 12:09 - 00000022 _____ () C:\Windows\S.dirmngr
2014-07-11 12:09 - 2014-06-13 14:05 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\TSVNCache
2014-07-11 12:09 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-11 12:09 - 2013-08-22 16:44 - 00482496 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 22:45 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-07-10 22:45 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 22:45 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 22:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-07-10 22:45 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-10 22:40 - 2014-05-08 21:25 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-617964821-516803146-3288835976-1001Core.job
2014-07-10 21:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-10 16:18 - 2014-03-30 17:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 16:18 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-10 16:17 - 2014-03-30 17:16 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 16:17 - 2014-03-29 14:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-10 16:17 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-10 16:16 - 2014-03-29 14:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 16:15 - 2013-08-23 01:26 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 14:06 - 2014-03-28 21:02 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-10 14:02 - 2014-07-10 14:02 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-07-09 12:55 - 2014-07-09 12:55 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\SEPrunnerFinal
2014-07-08 21:06 - 2014-03-28 15:10 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-07 19:59 - 2014-07-07 19:59 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\SEPrunnerTestv4
2014-07-07 19:10 - 2014-07-05 12:53 - 02455967 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\Modultest.pptx
2014-07-06 22:28 - 2014-06-19 16:57 - 00006219 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\SaveState.save
2014-07-06 18:02 - 2014-07-06 18:02 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Blizzard
2014-07-06 18:02 - 2014-07-06 17:50 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Battle.net
2014-07-06 17:53 - 2014-07-06 17:53 - 00000789 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-07-06 17:53 - 2014-07-06 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-07-06 17:50 - 2014-07-06 17:50 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Blizzard Entertainment
2014-07-06 17:50 - 2014-07-06 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-07-06 17:50 - 2014-07-06 17:50 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-07-06 17:49 - 2014-07-06 17:49 - 00000000 ____D () C:\ProgramData\Battle.net
2014-07-06 16:24 - 2014-07-02 16:04 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\wf-launcher
2014-07-06 16:06 - 2014-07-02 16:04 - 00000000 ____D () C:\ProgramData\GFACE
2014-07-06 12:12 - 2014-07-06 22:25 - 05016863 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\SEPrunnerTestV1.2.0.1.jar
2014-07-05 17:41 - 2014-03-28 14:51 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Packages
2014-07-05 12:14 - 2014-07-05 12:14 - 00034570 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\tk.vsdx
2014-07-04 18:59 - 2014-07-04 18:59 - 00664768 _____ (Copyright© 2012-2013 Intel Corporation. All rights reserved.) C:\Users\Ahmet.Ahmet-Uenal\Downloads\Intel(R) WiDi Update Tool.exe
2014-07-01 17:23 - 2014-07-01 17:23 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Skyrim
2014-07-01 17:23 - 2014-03-28 21:04 - 00179324 _____ () C:\Windows\DirectX.log
2014-07-01 17:22 - 2014-04-25 12:07 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Documents\My Games
2014-07-01 15:45 - 2014-07-01 15:45 - 00112548 _____ () C:\Users\Ahmet.Ahmet-Uenal\Downloads\glg2d-0.3-20130222.215441-2.jar
2014-07-01 14:06 - 2014-07-01 14:06 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\Alte Firefox-Daten
2014-07-01 13:41 - 2014-07-01 13:41 - 00001177 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\Highscore.xml
2014-07-01 12:08 - 2014-07-01 12:07 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\.jprofiler8
2014-07-01 12:07 - 2014-07-01 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JProfiler 8
2014-07-01 12:07 - 2014-07-01 12:06 - 00000000 ____D () C:\Program Files\jprofiler8
2014-06-30 21:07 - 2014-06-30 21:06 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\PAYDAY 2
2014-06-29 15:08 - 2014-05-13 16:48 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Arma 3
2014-06-28 16:30 - 2014-07-01 13:40 - 05460075 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\SEPrunnerTestV0.2.1.1b_debug.jar
2014-06-27 17:59 - 2014-06-16 16:27 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\androidworkspace
2014-06-27 17:53 - 2013-08-22 16:46 - 00024767 _____ () C:\Windows\setupact.log
2014-06-27 15:37 - 2014-04-21 17:09 - 00007602 _____ () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Resmon.ResmonCfg
2014-06-26 22:55 - 2013-08-22 17:38 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:55 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 21:13 - 2014-05-15 16:42 - 00000000 ____D () C:\ProgramData\Origin
2014-06-26 21:13 - 2014-05-15 16:42 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-25 22:30 - 2014-04-16 21:34 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\TS3Client
2014-06-25 21:10 - 2014-06-25 21:10 - 00000222 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\Arma 3.url
2014-06-24 11:04 - 2014-03-28 15:01 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-22 22:35 - 2014-05-08 21:25 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-617964821-516803146-3288835976-1001UA
2014-06-22 22:35 - 2014-05-08 21:25 - 00003734 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-617964821-516803146-3288835976-1001Core
2014-06-22 13:33 - 2014-03-28 15:00 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-21 19:39 - 2014-06-21 19:39 - 09091423 _____ (Electronic Arts) C:\Users\Ahmet.Ahmet-Uenal\Downloads\GameFaceBrowserPluginInstaller.1.8.0.0.exe
2014-06-21 19:39 - 2014-06-21 19:39 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Electronic Arts
2014-06-21 16:04 - 2014-06-21 16:04 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Documents\Telltale Games
2014-06-20 16:22 - 2014-06-18 16:33 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\ArmA 2 OA
2014-06-20 16:21 - 2014-06-20 16:21 - 00000000 ____D () C:\ProgramData\Bohemia Interactive Studio
2014-06-20 12:11 - 2014-06-20 12:11 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\PAYDAY 2 (Demo)
2014-06-19 20:42 - 2014-05-23 16:46 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\.gimp-2.8
2014-06-19 20:22 - 2014-06-16 16:27 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\.android
2014-06-19 03:39 - 2014-07-10 14:11 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 02:48 - 2014-07-10 14:11 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:16 - 2014-07-10 14:11 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:09 - 2014-07-10 14:11 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:51 - 2014-07-10 14:11 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-10 14:11 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-10 14:11 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:46 - 2014-07-10 14:11 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-19 01:39 - 2014-07-10 14:11 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:33 - 2014-07-10 14:11 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-10 14:11 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:27 - 2014-07-10 14:11 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:12 - 2014-07-10 14:11 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 00:59 - 2014-07-10 14:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-10 14:11 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-10 14:11 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:57 - 2014-07-10 14:11 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-19 00:52 - 2014-07-10 14:11 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-10 14:11 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-10 14:11 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:45 - 2014-07-10 14:11 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-10 14:11 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-10 14:11 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-10 14:11 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-10 14:11 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-10 14:11 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-10 14:11 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 22:58 - 2014-03-28 15:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 21:29 - 2014-06-18 21:27 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\FEZ
2014-06-18 21:27 - 2014-06-18 21:27 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-06-18 21:27 - 2014-06-18 21:27 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-06-18 21:27 - 2014-06-18 21:27 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-06-18 21:27 - 2014-06-18 21:27 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-06-18 21:27 - 2014-06-18 21:27 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-06-18 21:27 - 2014-05-30 22:18 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\NVIDIA
2014-06-18 21:23 - 2014-06-18 21:27 - 00012005 _____ () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\alsoft.ini
2014-06-18 16:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-06-18 16:35 - 2014-06-18 16:35 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Documents\CCGLauncher
2014-06-18 16:35 - 2014-06-18 16:35 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\CCGLauncher
2014-06-18 16:35 - 2014-06-18 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCG Launcher
2014-06-18 16:35 - 2014-06-18 16:35 - 00000000 ____D () C:\Program Files (x86)\CCG Launcher
2014-06-18 16:33 - 2014-06-18 16:03 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Documents\ArmA 2
2014-06-18 16:33 - 2014-06-18 16:03 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-06-18 16:03 - 2014-06-18 16:03 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\ArmA 2
2014-06-18 16:03 - 2014-06-18 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-06-18 14:17 - 2014-06-18 14:17 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Wireshark
2014-06-18 14:14 - 2014-06-18 14:14 - 00001579 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2014-06-18 14:14 - 2014-06-18 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-06-18 14:14 - 2014-06-18 14:14 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-06-18 14:14 - 2014-06-18 14:13 - 00000000 ____D () C:\Program Files\Wireshark
2014-06-18 13:31 - 2014-06-18 13:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 16:39 - 2014-06-12 15:33 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\NISPGP
2014-06-17 16:36 - 2014-06-11 18:58 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\gnupg
2014-06-17 15:11 - 2014-03-29 19:56 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-17 15:11 - 2014-03-29 19:56 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-17 00:26 - 2014-07-10 14:12 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-17 00:24 - 2014-07-10 14:12 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-16 16:47 - 2014-06-16 16:46 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\pixelchunk
2014-06-16 16:38 - 2014-06-16 16:38 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\apktool
2014-06-14 17:51 - 2014-06-14 17:33 - 00000000 ____D () C:\Program Files (x86)\LEd
2014-06-14 17:34 - 2014-06-14 17:34 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\LEd
2014-06-14 17:33 - 2014-06-14 17:33 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\AI-SE-Bsc-master
2014-06-14 17:28 - 2014-06-14 17:29 - 19589182 _____ () C:\Users\Ahmet.Ahmet-Uenal\Desktop\AI-SE-Bsc-master.zip
2014-06-13 22:55 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-06-13 22:55 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-06-13 14:06 - 2014-06-13 14:05 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\TortoiseSVN
2014-06-13 14:04 - 2014-06-13 14:04 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\TortoiseSVN
2014-06-13 14:01 - 2014-06-13 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN
2014-06-13 14:01 - 2014-06-13 14:01 - 00000000 ____D () C:\Program Files\TortoiseSVN
2014-06-13 14:01 - 2014-06-13 14:01 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays
2014-06-13 13:54 - 2014-06-13 13:54 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Subversion
2014-06-13 13:49 - 2014-06-07 19:12 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\SEPrunnerTestv3
2014-06-13 13:48 - 2014-06-13 13:48 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\Desktop\SEPrunnerTestv3-Gruppe-EF-Woche13-v4
2014-06-12 14:49 - 2014-06-12 14:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 14:49 - 2014-06-12 14:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 14:49 - 2014-06-12 14:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 14:49 - 2014-06-12 14:49 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 14:49 - 2014-06-12 14:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 14:46 - 2014-06-12 14:46 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-11 21:03 - 2014-06-11 21:01 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\.kde
2014-06-11 21:01 - 2014-06-11 21:01 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\GNU
2014-06-11 21:01 - 2014-06-11 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
2014-06-11 18:58 - 2014-06-11 18:58 - 00000000 ____D () C:\ProgramData\GNU
2014-06-11 18:58 - 2014-06-11 18:58 - 00000000 ____D () C:\Program Files (x86)\GNU
2014-06-11 11:38 - 2014-06-11 11:38 - 00000000 ____D () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\.mono

Some content of TEMP:
====================
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\avgnt.exe
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\dotNetFx40_Full_setup.exe
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpx_nwie.dll
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\i4jdel0.exe
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\namebench.exe
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\python27.dll
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\SRLDetectionLibrary8444556675561430680.dll
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\tcl85.dll
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\tk85.dll
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\vcredist_x86_2013.exe
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\vpnclient_setup.exe
C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-09 20:35

==================== End Of Log ============================
Die anderen beiden sind in der rar datei.


Bin für jede Antwort dankbar :)

schrauber 11.07.2014 19:35
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

xhunter61 11.07.2014 19:37
Oh sry, ich mach das ganz schnell:

Additions.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2014
Ran by Ahmet at 2014-07-11 20:05:08
Running from E:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

.NET Reflector Desktop (HKLM-x32\...\{60EDFDF5-224E-4CB3-8BE8-55A6D852C0A8}) (Version: 8.3.3.115 - Red Gate Software Ltd)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.2020.205 - Alps Electric)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Avira (HKLM-x32\...\{70a79d1f-686d-4d5c-962b-07aa1294eae0}) (Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Beasts of Prey (HKLM-x32\...\Steam App 299860) (Version:  - Octagon Interactive)
Blender (HKLM\...\Blender) (Version: 2.71 - Blender Foundation)
CCG Launcher version 0.4 (HKLM-x32\...\{E8BE34DD-02E6-4445-A96B-70931D747024}_is1) (Version: 0.4 - Custom Combat Gaming)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1C35197-B856-45E2-BA67-5ABB6B0CA9C2}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{D1C35197-B856-45E2-BA67-5ABB6B0CA9C2}) (Version:  - Microsoft)
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - CHIP.de)
Driver Sweeper Version 3.2.0 (HKLM-x32\...\{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1) (Version: 3.2.0 - Phyxion.net)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
EA Sports FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 5.2.0.39882 - Electronic Arts, Inc.)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKCU\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
ETDWare PS/2-X64 11.6.4.001_WHQL (HKLM\...\Elantech) (Version: 11.6.4.001 - ELAN Microelectronic Corp.)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube to DVD Converter version 3.1.32.327 (HKLM-x32\...\Free YouTube to DVD Converter_is1) (Version: 3.1.32.327 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HWiNFO64 Version 4.38 (HKLM\...\HWiNFO64_is1) (Version: 4.38 - Martin Malík - REALiX)
Inhaltsmanager-Assistent für PlayStation(R) (HKLM-x32\...\{81AD22B9-C28A-45a3-94B3-5FECD221AD5C}) (Version: 3.10.7525.4 - Sony Computer Entertainment Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.9.0.1001 - Intel Corporation) Hidden
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 8 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418000FF}) (Version: 8.0.0 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.00.132 - Oracle, Inc.) Hidden
JProfiler 8.0.7 (HKLM\...\8785-2147-3791-3338) (Version: 8.0.7 - ej-technologies GmbH)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visio MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio Professional 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
MorphVOX Pro (HKLM-x32\...\{62DAB694-358E-4C6F-82BF-26DA64B297A6}) (Version: 4.3.2 - Screaming Bee)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Afterburner 3.0.0 (HKLM-x32\...\Afterburner) (Version: 3.0.0 - MSI Co., LTD)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
My Game Long Name (HKLM\...\UDK-153be175-0fb8-4d74-be23-843cc3ffca18) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-b90a16dd-0b0b-459e-a542-1586980520bc) (Version:  - Epic Games, Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 326.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 326.49 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 326.49 (Version: 326.49 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.20 - Qualcomm Atheros Inc.)
RivaTuner Statistics Server 6.1.1 (HKLM-x32\...\RTSS) (Version: 6.1.1 - Unwinder)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{F0C12872-B60D-4E37-A2F9-20C46A5E1F1A}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Supraball (HKLM-x32\...\Supraball) (Version:  - Supra Games Gbr)
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.21d - )
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.3.6 - Electronic Arts)
TortoiseSVN 1.8.7.25475 (64 bit) (HKLM\...\{A8573F59-C080-4495-A9A8-EC32D8A4ECFF}) (Version: 1.8.25475 - TortoiseSVN)
Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.VISPROR_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CE9A9D7C-B6FB-4F6C-8BDE-9A1ADBBAC1EE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.VISPROR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881074) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9A479F9C-C1EC-4833-A115-A8B7A60480BD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881074) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{9A479F9C-C1EC-4833-A115-A8B7A60480BD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{00BBBFFE-8889-4953-956A-77DDE975A947}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.VISPROR_{00BBBFFE-8889-4953-956A-77DDE975A947}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3A12DFA2-3FF5-450E-BDB1-A742551A5D1A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.VISPROR_{3A12DFA2-3FF5-450E-BDB1-A742551A5D1A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{EA8072E8-E3CF-46DF-A5DE-9F5975344327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.VISPROR_{EA8072E8-E3CF-46DF-A5DE-9F5975344327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{BF0D921F-E77E-4E03-BE71-46D9D2C7A36A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.VISPROR_{BF0D921F-E77E-4E03-BE71-46D9D2C7A36A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.VISPROR_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2878322) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F900141F-C216-4095-94E4-1D47AEFAD27D}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2878322) 64-Bit Edition (HKLM\...\{90150000-0054-0407-1000-0000000FF1CE}_Office15.VISPROR_{F900141F-C216-4095-94E4-1D47AEFAD27D}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2878322) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{F900141F-C216-4095-94E4-1D47AEFAD27D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.VISPROR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{91150000-0051-0000-1000-0000000FF1CE}_Office15.VISPROR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warface (HKLM-x32\...\Steam App 291480) (Version:  - Crytek GmbH)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wireshark 1.10.8 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.8 - The Wireshark developer community, hxxp://www.wireshark.org)

==================== Restore Points  =========================

22-06-2014 11:33:30 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
01-07-2014 15:22:59 DirectX wurde installiert
10-07-2014 14:15:05 Windows Update

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1430CCAE-64F1-45DE-A47E-7BD5B9E350C3} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2310F7CE-5F1D-42CD-A782-5EEB3F48567F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3925BD1F-40E1-4A01-A85E-07E369C4CB4C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4F32B923-5FA0-4E1A-B884-AD913C3A7538} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-617964821-516803146-3288835976-1001Core => C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-08] (Google Inc.)
Task: {548F3584-182E-46CD-934D-9BAF6929BA8A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {5C3B9151-AB9D-4630-8D1B-5744F8B05CF4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-10] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6ABA332E-4307-4401-B909-D45F904BD1F5} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-03-29] ()
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {87007142-4711-431D-BB59-CBC6BF619B01} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8D58CE80-FD5E-4028-BE8F-B31D7C9CE05F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A04AC0FE-8FD4-4526-A2C3-3F81FB29A1D8} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {A22DAC4D-70AF-43BA-809E-7FA10D39C13B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.)
Task: {AB73BD17-DF60-44DF-93C2-8D69583ED7AC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-617964821-516803146-3288835976-1001UA => C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-08] (Google Inc.)
Task: {B48C3593-ECC6-412B-ACE7-C013140FCCE3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {BDAD0A5B-9FE7-4DD7-9B53-F8588690772F} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {CEA40C4A-D169-4A8F-990B-54AF8D8CCAA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EC3C1B4B-8586-4C52-AED8-3589F50898F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {F9B2E63C-BE9B-4C30-9DB0-1896A6C556B9} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-617964821-516803146-3288835976-1001Core.job => C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-617964821-516803146-3288835976-1001UA.job => C:\Users\Ahmet.Ahmet-Uenal\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-27 20:22 - 2013-08-01 03:40 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-03-28 14:56 - 2013-08-01 15:22 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-07 16:54 - 2013-10-07 16:54 - 00218112 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2014-04-25 12:06 - 2014-04-25 12:06 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-05-06 20:37 - 2014-05-06 20:37 - 00076032 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2014-05-06 20:37 - 2014-05-06 20:37 - 00088832 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2014-01-25 03:22 - 2014-01-25 03:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-11 20:03 - 2014-07-11 20:03 - 00050477 _____ () E:\Downloads\Defogger.exe
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2013-10-07 16:44 - 2013-10-07 16:44 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00628224 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2013-10-07 16:47 - 2013-10-07 16:47 - 00037888 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2014-05-05 10:37 - 2014-05-05 10:37 - 00138320 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-05 10:37 - 2014-05-05 10:37 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-03-28 15:02 - 2014-05-05 10:37 - 00049744 _____ () C:\Users\AHMET~1.AHM\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-07-11 12:10 - 2014-07-11 12:10 - 00043008 _____ () c:\users\ahmet~1.ahm\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpx_nwie.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-28 14:55 - 2013-08-01 03:40 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-01 11:58 - 2014-05-31 03:27 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-05-01 11:58 - 2014-05-31 03:27 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-03-28 15:13 - 2014-05-31 03:27 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-05 13:52 - 2014-05-31 03:27 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-03-28 15:14 - 2014-06-27 00:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-01 11:58 - 2014-07-10 20:21 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-01 11:58 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-03-28 15:14 - 2014-07-10 20:21 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-03-28 15:14 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-03-28 15:14 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2014-03-28 15:14 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2014-03-28 15:14 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-06-18 13:31 - 2014-06-18 13:31 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-05 22:21 - 2014-05-05 22:21 - 00065792 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2014-06-11 22:12 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-11 22:12 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Ahmet\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Ahmet.Ahmet-Uenal\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

HKU\S-1-5-21-617964821-516803146-3288835976-1001\Software\Classes\.exe: exefile =>  <===== ATTENTION!
HKU\S-1-5-21-617964821-516803146-3288835976-1001\Software\Classes\exefile:  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\StartupFolder: => "Inhaltsmanager-Assistent für PlayStation(R).lnk"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKCU\...\StartupApproved\Run: => "Spotify"
HKCU\...\StartupApproved\Run: => "Spotify Web Helper"
HKCU\...\StartupApproved\Run: => "Clownfish"
HKCU\...\StartupApproved\Run: => "Gyazo"
HKCU\...\StartupApproved\Run: => "MusicManager"
HKCU\...\StartupApproved\Run: => "Google Update"
HKCU\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_B01A7CBEDF5E3D2FC268D07530C92B69"

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2014 11:52:32 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (07/08/2014 07:58:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_PcaSvc, Version: 6.3.9600.16384, Zeitstempel: 0x5215dfe3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17031, Zeitstempel: 0x530895af
Ausnahmecode: 0xc0000008
Fehleroffset: 0x000000000009ca6a
ID des fehlerhaften Prozesses: 0x148
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_PcaSvc0
Pfad der fehlerhaften Anwendung: svchost.exe_PcaSvc1
Pfad des fehlerhaften Moduls: svchost.exe_PcaSvc2
Berichtskennung: svchost.exe_PcaSvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_PcaSvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_PcaSvc5

Error: (07/07/2014 10:39:35 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (07/06/2014 10:29:05 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (07/05/2014 09:47:28 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (07/05/2014 07:49:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{5a142fff-b670-11e3-824b-806e6f6e6963}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/05/2014 07:28:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{5a142fff-b670-11e3-824b-806e6f6e6963}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/05/2014 11:46:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AHMET-UENAL)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/04/2014 10:50:09 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (07/03/2014 09:37:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_PcaSvc, Version: 6.3.9600.16384, Zeitstempel: 0x5215dfe3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17031, Zeitstempel: 0x530895af
Ausnahmecode: 0xc0000008
Fehleroffset: 0x000000000009ca6a
ID des fehlerhaften Prozesses: 0x140
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_PcaSvc0
Pfad der fehlerhaften Anwendung: svchost.exe_PcaSvc1
Pfad des fehlerhaften Moduls: svchost.exe_PcaSvc2
Berichtskennung: svchost.exe_PcaSvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_PcaSvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_PcaSvc5


System errors:
=============
Error: (07/11/2014 00:10:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/11/2014 00:10:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (07/10/2014 02:02:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/10/2014 02:02:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (07/09/2014 11:44:58 AM) (Source: DCOM) (EventID: 10010) (User: AHMET-UENAL)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (07/09/2014 11:44:58 AM) (Source: DCOM) (EventID: 10010) (User: AHMET-UENAL)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (07/09/2014 11:44:58 AM) (Source: DCOM) (EventID: 10010) (User: AHMET-UENAL)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (07/09/2014 11:44:58 AM) (Source: DCOM) (EventID: 10010) (User: AHMET-UENAL)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (07/09/2014 11:44:58 AM) (Source: DCOM) (EventID: 10010) (User: AHMET-UENAL)
Description: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5}

Error: (07/08/2014 07:59:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


Microsoft Office Sessions:
=========================
Error: (07/09/2014 11:52:32 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883

Error: (07/08/2014 07:58:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_PcaSvc6.3.9600.163845215dfe3ntdll.dll6.3.9600.17031530895afc0000008000000000009ca6a14801cf9aa33b77e9c2C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll65b4605e-06c9-11e4-82d5-e840f2a109c8

Error: (07/07/2014 10:39:35 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (07/06/2014 10:29:05 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (07/05/2014 09:47:28 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (07/05/2014 07:49:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{5a142fff-b670-11e3-824b-806e6f6e6963}\Falscher Parameter. (0x80070057)

Error: (07/05/2014 07:28:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{5a142fff-b670-11e3-824b-806e6f6e6963}\Falscher Parameter. (0x80070057)

Error: (07/05/2014 11:46:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AHMET-UENAL)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147023174

Error: (07/04/2014 10:50:09 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (07/03/2014 09:37:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_PcaSvc6.3.9600.163845215dfe3ntdll.dll6.3.9600.17031530895afc0000008000000000009ca6a14001cf96dcfc2d1418C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll6b6cf597-02e9-11e4-82ce-e840f2a109c8


CodeIntegrity Errors:
===================================
  Date: 2014-05-09 14:25:04.592
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\AHMET~1.AHM\AppData\Local\Temp\uisrcyja3e.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 36%
Total physical RAM: 8030.35 MB
Available physical RAM: 5133.37 MB
Total Pagefile: 9310.35 MB
Available Pagefile: 6036.35 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:58.76 GB) NTFS
Drive e: (Acer) (Fixed) (Total:916.01 GB) (Free:722.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 396751CF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 8DCD4028)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Not Active) - (Size=16 GB) - (Type=27)
Partition 3: (Not Active) - (Size=916 GB) - (Type=42)

==================== End Of Log ============================
und gmer.txt:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-11 20:20:25
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000039 SAMSUNG_SSD_830_Series rev.CXM03B1Q 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\AHMET~1.AHM\AppData\Local\Temp\fglcrkow.sys


---- Kernel code sections - GMER 2.1 ----

.text    C:\Windows\System32\win32k.sys!W32pServiceTable                                                                                                                                                                                          fffff9600006b600 15 bytes [00, F8, 09, 02, 80, 32, 72, ...]
.text    C:\Windows\System32\win32k.sys!W32pServiceTable + 16                                                                                                                                                                                      fffff9600006b610 11 bytes [00, BC, FB, FF, 00, 77, B2, ...]

---- User code sections - GMER 2.1 ----

.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation                                                                                                                                                00007ff821da28c0 7 bytes JMP 00007ff9216d02d0
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW                                                                                                                                                        00007ff821da43d8 7 bytes JMP 00007ff9216d0308
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA                                                                                                                                                          00007ff821e51f20 7 bytes JMP 00007ff9216d0378
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW                                                                                                                                                          00007ff821e540b4 7 bytes JMP 00007ff9216d03b0
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW                                                                                                                                                        00007ff821e54510 7 bytes JMP 00007ff9216d0340
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\KERNEL32.DLL!K32GetModuleFileNameExW                                                                                                                                                00007ff821e54af0 7 bytes JMP 00007ff9216d0260
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx                                                                                                                                                00007ff821e7cea0 7 bytes JMP 00007ff9216d0228
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW                                                                                                                                                  00007ff821e7cf10 7 bytes JMP 00007ff9216d0298
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                                                                      00007ff8216e2300 7 bytes JMP 00007ff9216d00d8
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                                                                          00007ff8216e5770 5 bytes JMP 00007ff9216d0180
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                                                                        00007ff8216e5860 5 bytes JMP 00007ff9216d0148
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                                                                    00007ff8216e5a30 5 bytes JMP 00007ff9216d0110
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\USER32.dll!CreateWindowExW                                                                                                                                                          00007ff82238b6f4 10 bytes JMP 00007ff9216d0490
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\USER32.dll!EnumDisplayDevicesW                                                                                                                                                      00007ff8223945d8 5 bytes JMP 00007ff9216d0458
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo                                                                                                                                                00007ff822394750 9 bytes JMP 00007ff9216d03e8
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\USER32.dll!EnumDisplayDevicesA                                                                                                                                                      00007ff8223a4fc0 5 bytes JMP 00007ff9216d0420
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                                                                  00007ff823ef1500 8 bytes JMP 00007ff9216d01b8
.text    C:\Windows\system32\dwm.exe[888] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                                                                    00007ff823ef1750 8 bytes JMP 00007ff9216d01f0
.text    C:\Windows\system32\nvvsvc.exe[956] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                                00007ff8226a169a 4 bytes [6A, 22, F8, 7F]
.text    C:\Windows\system32\nvvsvc.exe[956] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                                00007ff8226a16a2 4 bytes [6A, 22, F8, 7F]
.text    C:\Windows\system32\nvvsvc.exe[956] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                                  00007ff8226a181a 4 bytes [6A, 22, F8, 7F]
.text    C:\Windows\system32\nvvsvc.exe[956] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                                  00007ff8226a1832 4 bytes [6A, 22, F8, 7F]
.text    C:\Program Files\TortoiseSVN\bin\TSVNCache.exe[4936] C:\Windows\system32\KERNELBASE.dll!SetUnhandledExceptionFilter                                                                                                                      00007ff8216f3308 3 bytes [33, C0, C3]
.text    C:\Windows\System32\igfxpers.exe[3768] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                            00007ff8226a169a 4 bytes [6A, 22, F8, 7F]
.text    C:\Windows\System32\igfxpers.exe[3768] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                            00007ff8226a16a2 4 bytes [6A, 22, F8, 7F]
.text    C:\Windows\System32\igfxpers.exe[3768] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                                00007ff8226a181a 4 bytes [6A, 22, F8, 7F]
.text    C:\Windows\System32\igfxpers.exe[3768] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                                00007ff8226a1832 4 bytes [6A, 22, F8, 7F]
.text    C:\Program Files\Apoint2K\Apoint.exe[2572] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                        00007ff8226a169a 4 bytes [6A, 22, F8, 7F]
.text    C:\Program Files\Apoint2K\Apoint.exe[2572] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                        00007ff8226a16a2 4 bytes [6A, 22, F8, 7F]
.text    C:\Program Files\Apoint2K\Apoint.exe[2572] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                            00007ff8226a181a 4 bytes [6A, 22, F8, 7F]
.text    C:\Program Files\Apoint2K\Apoint.exe[2572] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                            00007ff8226a1832 4 bytes [6A, 22, F8, 7F]
.text    C:\Program Files\Apoint2K\ApMsgFwd.exe[5192] C:\Windows\system32\PSAPI.dll!GetModuleBaseNameA + 506                                                                                                                                      00007ff8226a169a 4 bytes [6A, 22, F8, 7F]
.text    C:\Program Files\Apoint2K\ApMsgFwd.exe[5192] C:\Windows\system32\PSAPI.dll!GetModuleBaseNameA + 514                                                                                                                                      00007ff8226a16a2 4 bytes [6A, 22, F8, 7F]
.text    C:\Program Files\Apoint2K\ApMsgFwd.exe[5192] C:\Windows\system32\PSAPI.dll!QueryWorkingSet + 118                                                                                                                                          00007ff8226a181a 4 bytes [6A, 22, F8, 7F]
.text    C:\Program Files\Apoint2K\ApMsgFwd.exe[5192] C:\Windows\system32\PSAPI.dll!QueryWorkingSet + 142                                                                                                                                          00007ff8226a1832 4 bytes [6A, 22, F8, 7F]
.text    C:\Program Files\Apoint2K\Apntex.exe[5224] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                        00007ff8226a169a 4 bytes [6A, 22, F8, 7F]
.text    C:\Program Files\Apoint2K\Apntex.exe[5224] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                        00007ff8226a16a2 4 bytes [6A, 22, F8, 7F]
.text    C:\Program Files\Apoint2K\Apntex.exe[5224] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                            00007ff8226a181a 4 bytes [6A, 22, F8, 7F]
.text    C:\Program Files\Apoint2K\Apntex.exe[5224] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                            00007ff8226a1832 4 bytes [6A, 22, F8, 7F]
.text    E:\Downloads\FRST64.exe[7152] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194                                                                                                                                                            00007ff81bbd1f6a 4 bytes [BD, 1B, F8, 7F]
.text    E:\Downloads\FRST64.exe[7152] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218                                                                                                                                                            00007ff81bbd1f82 4 bytes [BD, 1B, F8, 7F]
.text    E:\Downloads\FRST64.exe[7152] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                                      00007ff8226a169a 4 bytes [6A, 22, F8, 7F]
.text    E:\Downloads\FRST64.exe[7152] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                                      00007ff8226a16a2 4 bytes [6A, 22, F8, 7F]
.text    E:\Downloads\FRST64.exe[7152] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                                        00007ff8226a181a 4 bytes [6A, 22, F8, 7F]
.text    E:\Downloads\FRST64.exe[7152] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                                        00007ff8226a1832 4 bytes [6A, 22, F8, 7F]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [588:204]                                                                                                                                                                                                  fffff96000821b90
Thread  C:\Windows\Explorer.EXE [3436:3844]                                                                                                                                                                                                      00007ff818c6d6bc
Thread  C:\Windows\Explorer.EXE [3436:3604]                                                                                                                                                                                                      00007ff813b9d6bc
Thread  C:\Windows\Explorer.EXE [3436:4588]                                                                                                                                                                                                      00007ff8161ed6bc
Thread  C:\Windows\Explorer.EXE [3436:5372]                                                                                                                                                                                                      00007ff819cfd6bc
Thread  C:\Windows\Explorer.EXE [3436:2496]                                                                                                                                                                                                      00007ff81640d6bc
Thread  C:\Windows\Explorer.EXE [3436:3000]                                                                                                                                                                                                      00007ff81640d6bc
Thread  C:\Windows\Explorer.EXE [3436:5812]                                                                                                                                                                                                      00007ff81614d6bc
Thread  C:\Windows\Explorer.EXE [3436:968]                                                                                                                                                                                                        00007ff8164dd6bc
Thread  C:\Windows\Explorer.EXE [3436:4372]                                                                                                                                                                                                      00007ff819cfd6bc
Thread  C:\Windows\Explorer.EXE [3436:3708]                                                                                                                                                                                                      00007ff81b78d6bc
Thread  C:\Windows\Explorer.EXE [3436:6764]                                                                                                                                                                                                      00007ff81640d6bc
Thread  C:\Windows\Explorer.EXE [3436:4996]                                                                                                                                                                                                      00007ff81b78d6bc
Thread  C:\Windows\Explorer.EXE [3436:6928]                                                                                                                                                                                                      00007ff819cfd6bc
Thread  C:\Windows\Explorer.EXE [3436:2772]                                                                                                                                                                                                      00007ff819cfd6bc
Thread  C:\Windows\Explorer.EXE [3436:7020]                                                                                                                                                                                                      00007ff813b9d6bc
Thread  C:\Windows\Explorer.EXE [3436:7688]                                                                                                                                                                                                      00007ff8165dd6bc
Thread  C:\Windows\Explorer.EXE [3436:2220]                                                                                                                                                                                                      00007ff81615d6bc
---- Processes - GMER 2.1 ----

Library  C:\Program Files\WindowsApps\Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5c\Microsoft.PerfTrack.dll (*** suspicious ***) @ C:\Windows\syswow64\wwahost.exe [3548] (Microsoft.PerfTrack.dll/Microsoft Corporation)(2014-03-29 12:52:25)  0000000067890000
Library  C:\Program Files\WindowsApps\Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5c\LibWrap.dll (*** suspicious ***) @ C:\Windows\syswow64\wwahost.exe [3548] (Microsoft Skype/Microsoft Corporation)(2014-05-07 10:52:35)                      0000000059c80000
Library  C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Dropbox\bin\Dropbox.exe [5588](2014-01-03 01:09:26)                                            0000000003b40000
Library  c:\users\ahmet~1.ahm\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpx_nwie.dll (*** suspicious ***) @ C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Dropbox\bin\Dropbox.exe [5588](2014-07-11 10:10:14)    00000000053f0000
Library  C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Dropbox\bin\Dropbox.exe [5588](2013-08-23 19:01:44)                                                  00000000638d0000
Library  C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Ahmet.Ahmet-Uenal\AppData\Roaming\Dropbox\bin\Dropbox.exe [5588] (ICU Data DLL/The ICU Project)(2013-08-23 19:01:42)                    0000000062460000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{86C0167D-26A8-44C4-87F9-15FDA12D37B6}\Connection@Name                                                                                              isatap.fritz.box
Reg      HKLM\SYSTEM\CurrentControlSet\Control\RadioManagement\SystemRadioState@                                                                                                                                                                  1
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                                                                                                                        -1067501921
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{86C0167D-26A8-44C4-87F9-15FDA12D37B6}@ReusableType                                                                                                                    0
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{86C0167D-26A8-44C4-87F9-15FDA12D37B6}@DefunctTimestamp                                                                                                                0x5E 0xFB 0xBE 0x53 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                                                                                                                          5120
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                                                                                                                          3364
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\iexplore@Count                                                                                                                            556
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell\Grid@Logo100                                                                                                                                                                %USERPROFILE%\AppData\Local\Microsoft\Windows\Explorer\TileCacheLogo-4841765_100.dat
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastRenewCollectionsInterest                                                                                                                                    0x92 0xB6 0x0E 0x4D ...
Reg      HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows@UserSelectedDefault                                                                                                                                                            1

---- EOF - GMER 2.1 ----

schrauber 12.07.2014 17:56
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:38 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131